everardoherrera.com Open in urlscan Pro
143.244.215.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://everardoherrera.com/
Effective URL:
https://everardoherrera.com/
Submission: On February 12 via api (February 12th 2024, 4:17:42 pm UTC) from US — Scanned from DE

Summary HTTP 427 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 85 IPs in 13 countries across 62 domains to perform 427 HTTP transactions. The main IP is 143.244.215.166, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is everardoherrera.com. The Cisco Umbrella rank of the primary domain is 652180.
TLS certificate: Issued by R3 on February 3rd 2024. Valid for: 3 months.

This is the only time everardoherrera.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 48	143.244.215.166 143.244.215.166	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	51.79.85.170 51.79.85.170	16276 (OVH) (OVH)
8	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	18.245.46.54 18.245.46.54	16509 (AMAZON-02) (AMAZON-02)
8	141.94.202.176 141.94.202.176	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1 8	2606:4700:440... 2606:4700:4400::ac40:919c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1 30	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
43	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
8	170.150.56.17 170.150.56.17	52263 (Telecable...) (Telecable Economico S.A.)
9	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
5	104.16.80.121 104.16.80.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	18.245.144.237 18.245.144.237	16509 (AMAZON-02) (AMAZON-02)
2 6	2606:4700:10:... 2606:4700:10::6816:118d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.106.140.246 185.106.140.246	7979 (SERVERS-COM) (SERVERS-COM)
2	178.32.210.226 178.32.210.226	16276 (OVH) (OVH)
1 3	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	52.58.67.45 52.58.67.45	16509 (AMAZON-02) (AMAZON-02)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
1 3	54.76.165.90 54.76.165.90	() ()
1	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
1	91.227.144.128 91.227.144.128	50245 (SERVEREL-AS) (SERVEREL-AS)
4	34.149.50.64 34.149.50.64	15169 (GOOGLE) (GOOGLE)
1	88.221.169.49 88.221.169.49	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:440... 2606:4700:4400::6812:22b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	145.40.97.67 145.40.97.67	54825 (PACKET) (PACKET)
8	104.22.68.131 104.22.68.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	99.86.4.71 99.86.4.71	16509 (AMAZON-02) (AMAZON-02)
4	3.161.124.29 3.161.124.29	16509 (AMAZON-02) (AMAZON-02)
2 2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 17	2606:4700:440... 2606:4700:4400::ac40:9754	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.169.43 52.222.169.43	() ()
1	195.201.193.117 195.201.193.117	24940 (HETZNER-AS) (HETZNER-AS)
7	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:8f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.211.3.71 52.211.3.71	16509 (AMAZON-02) (AMAZON-02)
1	18.245.46.49 18.245.46.49	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 82	2606:4700:440... 2606:4700:4400::6812:28b3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223f:4400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
4	2600:1f18:1ac... 2600:1f18:1aca:4280:bdb4:8050:697b:3322	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
1	37.157.2.250 37.157.2.250	198622 (ADFORM) (ADFORM)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700:1::... 2606:4700:1::6813:854c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:25::1726:6211	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4005:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.66.83.174 3.66.83.174	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:c96e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:33::212:40c5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	173.0.146.5 173.0.146.5	7979 (SERVERS-COM) (SERVERS-COM)
3	96.46.186.186 96.46.186.186	7979 (SERVERS-COM) (SERVERS-COM)
2	52.49.19.18 52.49.19.18	16509 (AMAZON-02) (AMAZON-02)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	8.2.110.17 8.2.110.17	46636 (NATCOWEB) (NATCOWEB)
1	63.32.206.174 63.32.206.174	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1 2	81.17.55.173 81.17.55.173	() ()
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	23.34.232.193 23.34.232.193	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.194.182.120 54.194.182.120	() ()
2 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
1 1	8.2.110.33 8.2.110.33	() ()
1	2600:9000:211... 2600:9000:211e:6a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	2600:9000:269... 2600:9000:269d:b400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
427	85

48 143.244.215.166 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

everardoherrera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.79.85.170 (United States)

ASN16276 (OVH, FR)
PTR: c1061.cloud.wiroos.net

ejs.mowplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mowplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.46.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-54.fra56.r.cloudfront.net

embi-media.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.94.202.176 (France)

ASN16276 (OVH, FR)
PTR: ns31491888.ip-141-94-202.eu

amer.hhkld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.hhkld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logs.hhkld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hhkld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:4400::ac40:919c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sender.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lp.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 170.150.56.17 (Costa Rica)

ASN52263 (Telecable Economico S.A., CR)
PTR: ptr17.56.150.170.residencial.telecablecr.com

scontent.fsyq2-1.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.80.121 (None, )

ASN13335 (CLOUDFLARENET, US)

t.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.245.144.237 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-144-237.lhr5.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:118d (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

api.retargetly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pdp-cdn.retargetly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pdp-service.retargetly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.106.140.246 (Netherlands)

ASN7979 (SERVERS-COM, US)

cdn2.viads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.32.210.226 (France)

ASN16276 (OVH, FR)
PTR: ip226.ip-178-32-210.eu

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.84 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.67.45 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-67-45.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.76.165.90 (Dublin, Ireland) 1 redirects

ASN- ()
PTR: ec2-54-76-165-90.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

prebid-us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.227.144.128 (Amsterdam, Netherlands)

ASN50245 (SERVEREL-AS, US)

pub.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.169.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-49.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.161.124.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-124-29.vie50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

gml-grp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:4400::ac40:9754 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

promos.betano.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.169.43 (United States)

ASN- ()
PTR: server-52-222-169-43.cdg52.r.cloudfront.net

js.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.193.117 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.193.201.195.clients.your-server.de

s.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:8f4 (United States)

ASN13335 (CLOUDFLARENET, US)

pdp-service.retargetly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.3.71 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-3-71.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-49.fra56.r.cloudfront.net

dd.betano.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

82 2606:4700:4400::6812:28b3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

landingpages.kaizengaming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
visuals.kaizengaming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:4400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:1aca:4280:bdb4:8050:697b:3322 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.250 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:854c (United States)

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

12738953.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:25::1726:6211 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

servg.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4005:801::2003 (Hong Kong)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.83.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-83-174.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c96e (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:33::212:40c5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.0.146.5 (United States)

ASN7979 (SERVERS-COM, US)

gov.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 96.46.186.186 (United States)

ASN7979 (SERVERS-COM, US)

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.19.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-19-18.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.17 (United States)

ASN46636 (NATCOWEB, US)

sync.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.206.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-206-174.eu-west-1.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.17.55.173 (Netherlands) 1 redirects

ASN- ()

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.34.232.193 (Stockholm, Sweden)

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-232-193.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.182.120 (Dublin, Ireland)

ASN- ()
PTR: ec2-54-194-182-120.eu-west-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.33 (United States) 1 redirects

ASN- ()

us.shb-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:6a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:269d:b400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	kaizengaming.com 1 redirects landingpages.kaizengaming.com — Cisco Umbrella Rank: 225187 visuals.kaizengaming.com — Cisco Umbrella Rank: 232842	1 MB
48	everardoherrera.com 1 redirects everardoherrera.com — Cisco Umbrella Rank: 652180	6 MB
43	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 1216	12 MB
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 114 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	557 KB
18	betano.de 1 redirects promos.betano.de — Cisco Umbrella Rank: 341248 dd.betano.de — Cisco Umbrella Rank: 404251	263 KB
18	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 80 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 566 12738953.fls.doubleclick.net — Cisco Umbrella Rank: 442880 Failed	298 KB
14	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 321	196 KB
12	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 302 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 606 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394	153 KB
9	seedtag.com t.seedtag.com — Cisco Umbrella Rank: 10904 s.seedtag.com — Cisco Umbrella Rank: 1780	136 KB
8	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 829 static.adsafeprotected.com — Cisco Umbrella Rank: 625 dt.adsafeprotected.com — Cisco Umbrella Rank: 630	105 KB
8	smilewanted.com prebid.smilewanted.com — Cisco Umbrella Rank: 5201 csync.smilewanted.com — Cisco Umbrella Rank: 2891 static.smilewanted.com — Cisco Umbrella Rank: 8686	16 KB
8	retargetly.com 2 redirects api.retargetly.com — Cisco Umbrella Rank: 4648 pdp-cdn.retargetly.com — Cisco Umbrella Rank: 7723 pdp-service.retargetly.com — Cisco Umbrella Rank: 7286	12 KB
8	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2720 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 649 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 97	123 KB
8	fbcdn.net scontent.fsyq2-1.fna.fbcdn.net — Cisco Umbrella Rank: 206131	2 MB
8	cleverwebserver.com 1 redirects scripts.cleverwebserver.com — Cisco Umbrella Rank: 28086 ui.cleverwebserver.com — Cisco Umbrella Rank: 29103 sender.cleverwebserver.com — Cisco Umbrella Rank: 44892 lp.cleverwebserver.com — Cisco Umbrella Rank: 48235 call.cleverwebserver.com — Cisco Umbrella Rank: 29744	113 KB
8	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 366 fonts.googleapis.com — Cisco Umbrella Rank: 31 imasdk.googleapis.com — Cisco Umbrella Rank: 472	672 KB
8	hhkld.com amer.hhkld.com — Cisco Umbrella Rank: 102949 rtb.hhkld.com — Cisco Umbrella Rank: 96995 logs.hhkld.com — Cisco Umbrella Rank: 94834 hhkld.com — Cisco Umbrella Rank: 15005	10 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	554 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	63 KB
5	aniview.com player.aniview.com — Cisco Umbrella Rank: 2372 gov.aniview.com — Cisco Umbrella Rank: 5746 track1.aniview.com — Cisco Umbrella Rank: 2747	140 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 752 tr6.snapchat.com — Cisco Umbrella Rank: 1346	1 KB
5	gstatic.com fonts.gstatic.com csi.gstatic.com Failed	173 KB
4	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 687 ce.lijit.com — Cisco Umbrella Rank: 852	468 B
4	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 252 acdn.adnxs.com — Cisco Umbrella Rank: 620 secure.adnxs.com — Cisco Umbrella Rank: 459	21 KB
4	smartadserver.com 1 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1678 sync.smartadserver.com — Cisco Umbrella Rank: 1356	2 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 171	158 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 363	14 KB
3	gumgum.com js.gumgum.com — Cisco Umbrella Rank: 5200 g2.gumgum.com — Cisco Umbrella Rank: 1489	42 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	97 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6562	626 B
2	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 692	660 B
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 539 image6.pubmatic.com — Cisco Umbrella Rank: 826	6 KB
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 13461	5 KB
2	adform.net s2.adform.net — Cisco Umbrella Rank: 7841 cm.adform.net — Cisco Umbrella Rank: 1131	32 KB
2	gml-grp.com 2 redirects gml-grp.com — Cisco Umbrella Rank: 64996	2 KB
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 758	172 B
2	admanmedia.com pub.admanmedia.com — Cisco Umbrella Rank: 50005 sync.admanmedia.com — Cisco Umbrella Rank: 2568	517 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 579 eb2.3lift.com — Cisco Umbrella Rank: 414	763 B
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 702	416 B
2	embi-media.com embi-media.com — Cisco Umbrella Rank: 368925	120 KB
2	mowplayer.com ejs.mowplayer.com — Cisco Umbrella Rank: 126691 cdn.mowplayer.com — Cisco Umbrella Rank: 146797	56 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1307	633 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 419	1 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1311	9 KB
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674
1	shb-sync.com 1 redirects us.shb-sync.com — Cisco Umbrella Rank: 6107	581 B
1	360yield.com ice.360yield.com — Cisco Umbrella Rank: 1971	199 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 374
1	bannerflow.net c.bannerflow.net — Cisco Umbrella Rank: 9349	141 B
1	datadome.co api-js.datadome.co — Cisco Umbrella Rank: 4764	408 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	185 B
1	playstream.media servg.playstream.media — Cisco Umbrella Rank: 64746	1 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1147	18 KB
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 139	572 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 314	11 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 761	30 KB
1	4dex.io mp.4dex.io — Cisco Umbrella Rank: 2507	399 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1418	383 B
1	creativecdn.com prebid-us.creativecdn.com — Cisco Umbrella Rank: 8574	182 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3586	710 B
1	richaudience.com shb.richaudience.com Failed s.richaudience.com — Cisco Umbrella Rank: 17826 sync.richaudience.com Failed	384 B
1	viads.net cdn2.viads.net — Cisco Umbrella Rank: 104919	58 KB
427	62

	Domain	Requested by
48	everardoherrera.com	1 redirects everardoherrera.com
47	landingpages.kaizengaming.com	code.jquery.com landingpages.kaizengaming.com promos.betano.de
43	pbs.twimg.com	everardoherrera.com
35	visuals.kaizengaming.com	1 redirects code.jquery.com visuals.kaizengaming.com
22	pagead2.googlesyndication.com	everardoherrera.com pagead2.googlesyndication.com imasdk.googleapis.com googleads.g.doubleclick.net tpc.googlesyndication.com
17	promos.betano.de	1 redirects lp.cleverwebserver.com promos.betano.de code.jquery.com
14	s0.2mdn.net	imasdk.googleapis.com everardoherrera.com s0.2mdn.net
8	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagmanager.com
8	scontent.fsyq2-1.fna.fbcdn.net	everardoherrera.com
8	www.googletagmanager.com	everardoherrera.com www.googletagmanager.com www.google-analytics.com promos.betano.de
7	tpc.googlesyndication.com	googleads.g.doubleclick.net everardoherrera.com tpc.googlesyndication.com pagead2.googlesyndication.com
6	c.amazon-adsystem.com	embi-media.com c.amazon-adsystem.com player.aniview.com
6	www.google-analytics.com	www.googletagmanager.com everardoherrera.com www.google-analytics.com
5	csync.smilewanted.com	embi-media.com csync.smilewanted.com
5	t.seedtag.com	embi-media.com t.seedtag.com
4	tr.snapchat.com	sc-static.net promos.betano.de
4	dt.adsafeprotected.com	googleads.g.doubleclick.net everardoherrera.com
4	aax.amazon-adsystem.com	c.amazon-adsystem.com
4	pdp-service.retargetly.com	1 redirects everardoherrera.com pdp-cdn.retargetly.com
4	logs.hhkld.com	cdn2.viads.net
4	lp.cleverwebserver.com	everardoherrera.com lp.cleverwebserver.com
4	s.seedtag.com	embi-media.com t.seedtag.com
4	imasdk.googleapis.com	ejs.mowplayer.com imasdk.googleapis.com
4	connect.facebook.net	everardoherrera.com connect.facebook.net
3	track1.aniview.com	player.aniview.com
3	bat.bing.com	everardoherrera.com bat.bing.com promos.betano.de
3	www.google.com	1 redirects promos.betano.de tpc.googlesyndication.com
3	googleads4.g.doubleclick.net	everardoherrera.com
3	csi.gstatic.com	imasdk.googleapis.com
3	cdnjs.cloudflare.com	cdn2.viads.net s0.2mdn.net
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	ap.lijit.com	1 redirects embi-media.com csync.smilewanted.com
3	api.retargetly.com	1 redirects embi-media.com api.retargetly.com
3	www.google.de	everardoherrera.com www.googletagmanager.com promos.betano.de
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	everardoherrera.com
2	u.openx.net	2 redirects
2	sync.smartadserver.com	1 redirects csync.smilewanted.com
2	g2.gumgum.com	js.gumgum.com
2	a.mgid.com	everardoherrera.com promos.betano.de
2	12738953.fls.doubleclick.net	www.googletagmanager.com
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects everardoherrera.com
2	gml-grp.com	2 redirects
2	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
2	fonts.gstatic.com	everardoherrera.com
2	prebid.smilewanted.com	embi-media.com
2	prebid.a-mo.net	embi-media.com
2	onetag-sys.com	embi-media.com
2	ib.adnxs.com	embi-media.com acdn.adnxs.com
2	prg.smartadserver.com	embi-media.com
2	securepubads.g.doubleclick.net	ejs.mowplayer.com securepubads.g.doubleclick.net
2	amer.hhkld.com	everardoherrera.com amer.hhkld.com
2	embi-media.com	everardoherrera.com embi-media.com
1	rules.quantcount.com	secure.quantserve.com
1	id5-sync.com
1	secure.quantserve.com	everardoherrera.com
1	s.ad.smaato.net	csync.smilewanted.com
1	us.shb-sync.com	1 redirects
1	cm.adform.net	csync.smilewanted.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ice.360yield.com	csync.smilewanted.com
1	ads.pubmatic.com	csync.smilewanted.com
1	pixel.rubiconproject.com	csync.smilewanted.com
1	secure.adnxs.com	1 redirects
1	static.smilewanted.com	csync.smilewanted.com
1	acdn.adnxs.com	embi-media.com
1	ce.lijit.com	embi-media.com
1	sync.admanmedia.com	embi-media.com
1	eb2.3lift.com	embi-media.com
1	gov.aniview.com	player.aniview.com
1	player.aniview.com	imasdk.googleapis.com
1	tr6.snapchat.com	sc-static.net
1	c.bannerflow.net	visuals.kaizengaming.com
1	api-js.datadome.co	dd.betano.de
1	www.facebook.com	promos.betano.de
1	servg.playstream.media	imasdk.googleapis.com
1	adservice.google.com	12738953.fls.doubleclick.net
1	s2.adform.net	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	www.googleadservices.com	1 redirects
1	dd.betano.de	promos.betano.de
1	cdn.jsdelivr.net	promos.betano.de
1	code.jquery.com	promos.betano.de
1	s.richaudience.com	imasdk.googleapis.com
1	js.gumgum.com	everardoherrera.com
1	hhkld.com	cdnjs.cloudflare.com
1	pdp-cdn.retargetly.com	api.retargetly.com
1	call.cleverwebserver.com	everardoherrera.com
1	sender.cleverwebserver.com	1 redirects
1	mp.4dex.io	embi-media.com
1	a.teads.tv	embi-media.com
1	pub.admanmedia.com	embi-media.com
1	prebid-us.creativecdn.com	embi-media.com
1	hb-api.omnitagjs.com	embi-media.com
1	tlx.3lift.com	embi-media.com
1	rtb.hhkld.com	amer.hhkld.com
1	cdn2.viads.net	amer.hhkld.com
1	ui.cleverwebserver.com	everardoherrera.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.mowplayer.com	ejs.mowplayer.com
1	scripts.cleverwebserver.com	everardoherrera.com
1	ajax.googleapis.com	everardoherrera.com
1	ejs.mowplayer.com	everardoherrera.com
0	sync.richaudience.com Failed	embi-media.com
0	shb.richaudience.com Failed	embi-media.com
427	106

This site contains links to these domains. Also see Links.

Domain
cleveradvertising.com
www.facebook.com
twitter.com
pinterest.com
instagram.com
www.youtube.com
api.whatsapp.com
www.everardoherrera.com
www.clinicaocampo.com
www.radios.co.cr
soundcloud.com

Subject Issuer	Validity	Valid
dev2.everardoherrera.com R3	`2024-02-03` - `2024-05-03`	3 months	crt.sh
ejs.mowplayer.com R3	`2023-12-25` - `2024-03-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
embi-media.com Amazon RSA 2048 M01	`2023-06-08` - `2024-07-06`	a year	crt.sh
hhkld.com R3	`2023-12-21` - `2024-03-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2023-08-06` - `2024-08-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.fsyq2-1.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2024-01-14` - `2024-04-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-21` - `2024-02-19`	3 months	crt.sh
cdn.mowplayer.com R3	`2023-12-20` - `2024-03-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-12` - `2024-05-11`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.retargetly.com R3	`2023-12-21` - `2024-03-20`	3 months	crt.sh
cdn2.viads.net R3	`2023-12-17` - `2024-03-16`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2023-04-20` - `2024-05-21`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-29` - `2024-04-15`	a year	crt.sh
teads.tv R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.a-mo.net R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
promos.betano.de Cloudflare Inc ECC CA-3	`2023-09-11` - `2024-09-10`	a year	crt.sh
*.gumgum.com Amazon RSA 2048 M02	`2023-08-13` - `2024-09-09`	a year	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
dd.betano.de R3	`2023-12-15` - `2024-03-14`	3 months	crt.sh
landingpages.kaizengaming.com E1	`2024-01-30` - `2024-04-29`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
kaizengaming.com E1	`2024-01-17` - `2024-04-16`	3 months	crt.sh
wl.aniview.com R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.datadome.co Gandi RSA Domain Validation Secure Server CA 3	`2023-10-10` - `2024-11-09`	a year	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-13` - `2024-10-15`	a year	crt.sh
ie-ad-exch-prd-two-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-14`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh

This page contains 49 frames:

Primary Page: https://everardoherrera.com/
Frame ID: B5D8F5D1112FD5BE03E28AA5EE459865
Requests: 203 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Frame ID: 928212D1CE83B4ECE01ED38A45C3AA62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6530008089495715&output=html&adk=818887759&adf=845068020&lmt=1707754649&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Feverardoherrera.com%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~11&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707754649926&bpp=3&bdt=906&idt=399&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2009621240441&frm=20&pv=2&ga_vid=1389964320.1707754650&ga_sid=1707754650&ga_hid=27662829&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080795%2C31081024%2C31081035%2C44809005%2C95322745%2C95324581%2C95320870%2C95324154%2C95324160%2C95324260&oid=2&pvsid=283109826932713&tmod=1144195827&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=426
Frame ID: DD8F80F86F31C8E150B50A89D0C07251
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6530008089495715&output=html&h=90&slotname=5715959960&adk=2143527120&adf=432176807&pi=t.ma~as.5715959960&w=728&lmt=1707754649&format=728x90&url=https%3A%2F%2Feverardoherrera.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707754649929&bpp=1&bdt=909&idt=432&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2009621240441&frm=20&pv=1&ga_vid=1389964320.1707754650&ga_sid=1707754650&ga_hid=27662829&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080795%2C31081024%2C31081035%2C44809005%2C95322745%2C95324581%2C95320870%2C95324154%2C95324160%2C95324260&oid=2&pvsid=283109826932713&tmod=1144195827&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=448
Frame ID: DBF10239202D7D6414D7FE48AAF3A2F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6530008089495715&output=html&h=600&slotname=6887580780&adk=1666921911&adf=343901277&pi=t.ma~as.6887580780&w=300&lmt=1707754649&format=300x600&url=https%3A%2F%2Feverardoherrera.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707754649930&bpp=1&bdt=910&idt=464&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2009621240441&frm=20&pv=1&ga_vid=1389964320.1707754650&ga_sid=1707754650&ga_hid=27662829&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080795%2C31081024%2C31081035%2C44809005%2C95322745%2C95324581%2C95320870%2C95324154%2C95324160%2C95324260&oid=2&pvsid=283109826932713&tmod=1144195827&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=468
Frame ID: 1C4C24C139E9636C0E5F06765A525FE4
Requests: 24 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/betano/de/sports/sports_de/stickyfooter.html?id=860758&group=76459&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzI0Nzg1Yl8yOTMxY18mYWZmaWQ9NDMxJnNpdGVpZD0yNDc4NSZhZGlkPTI5MzEmYz1DQUJBRUZMQUZDREFBREU%3D&ctr=de&reg=rp&ref=aHR0cHM6Ly9ldmVyYXJkb2hlcnJlcmEuY29tLw%3D%3D
Frame ID: B19CD1C7FD258E51CC5CDCAC08D7545C
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.619.0_en.html
Frame ID: 0ADFFBF9521E714C8F003EC7542FCE97
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 47712B665687FD92CE21A85ED3FF2930
Requests: 1 HTTP requests in this frame

Frame: https://api.retargetly.com/api?id=1679&src=0&url=https%3A%2F%2Feverardoherrera.com%2F&browserUrl=undefined&ref=&utmz=&n=Everardo%20Herrera%2C%20lo%20mejor%20del%20f%C3%BAtbol%20de%20Costa%20Rica&md=Everardoherrera.com%2C%20lo%20mejor%20del%20f%C3%BAtbol%20de%20Costa%20Rica%20%2C%20deporte%20y%20el%20entretenimiento.&mk=futbol%20de%20Costa%20Rica%2C%20futbol%20nacional%2C%20futbol%20internacional%2C%20Everardo%20Herrera%2C%20se%C3%B1ales%20en%20vivo%2C%20futb&il=0&limit_drop=&userid=11ec98f0-9a54-4b7d-b365-a679a417e0fa&fullVersionList=&platform=&_rlid=11ec98f0-9a54-4b7d-b365-a679a417e0fa
Frame ID: 26F3D8CA383B79299F17D6B677CE2707
Requests: 1 HTTP requests in this frame

Frame: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Frame ID: 6010B97E1F5C928073F15338B95AAD4B
Requests: 89 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGI2v1YACMAE&v=APEucNXk2A-fxKqmyEDBMyxVMM4Q0nDoi4FlCgf-xjUoNC-VAO7Ip0f_zdFy26J1Ri4jhkCduQHRzhvPHB6Z7Q1ktoxFoi4D5NRuAIdiXMTZ6Dow36d6j34CrbN57EXmkDqPKRtJPvzavyD-c60sVahgPhBFD2QaW8s6-bXjj7wyc4Fi-KokLjM
Frame ID: 03FE7CB2EB96059DF3EFBCCA607395EC
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.619.0_en.html
Frame ID: 034D2AED3500955BD8233980E2A77A72
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FFE38200DD966BF23A58413297666E3E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E39D7D77F3B5DE151CC1C79176765767
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250
Frame ID: 8222906309F2C3C76292A5909D180A28
Requests: 14 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6
Frame ID: 914505DB8B657B73106B6F142C55F1FA
Requests: 2 HTTP requests in this frame

Frame: https://promos.betano.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Frame ID: 5F550580A0E00779658916938F3A5990
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 4ABBB28375585F188D5DF69F651A7566
Requests: 1 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=CPaMmOuZpoQDFUrHOwId6cEPWA;src=12738953;type=despo0;cat=despo0;ord=1337654614;~oref=https%3A%2F%2Fpromos.betano.de%2F
Frame ID: 247DF22EAB7C24699C438C2D390BCCE6
Requests: 1 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=CNiSm-uZpoQDFXbLOwIdPnkMJg;src=12738953;type=despo0;cat=despo0;ord=4207355388047;npa=0;pscdl=noapi;gtm=45He4270v79977643za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_24785b_2931c_CABAEFLAFCDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D24785
Frame ID: 011AB753992C4A3FA05373BD17440519
Requests: 2 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Frame ID: 1F7ACC66F4ECEED9F42BAE1690E100F8
Requests: 11 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Frame ID: 91F384998315B1E09C14AEB4800C6BC9
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=b8b8c17b-7e54-4141-bef4-f1de910d5146&u_sclid=687dc384-d717-4391-af82-de157ea700f9
Frame ID: 76978C4650DE4E8FD62E90A26B55896C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 57A2C51B649F4B1634CE498E8C63E93E
Requests: 3 HTTP requests in this frame

Frame: blob://https://visuals.kaizengaming.com/464d820d-dc87-4a3f-a653-b0d6ffff7a67
Frame ID: 721E75DCFA1335E77BC9C31A06443191
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 992F6CE49A03EEF08366CE7B3281DBBB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A755F6FDF1EA6DEC2B6ED87A30929F57
Requests: 2 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F3cca6a95-2ccc-4b24-b704-2a20f97d11af.jpg&w=1213&h=1765&q=99&f=webp&rt=contain
Frame ID: 8774563AC8DE63A9D20BD562145AFB23
Requests: 23 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 3261406E192B8D6A682F219507D566CD
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 6BFD49F884B74C23068DECC50B96F675
Requests: 1 HTTP requests in this frame

Frame: https://sync.admanmedia.com/iframe?pbjs=1&coppa=0
Frame ID: 06DC0F0558FD8B666C1DB31C7B7C09CE
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=9171996170
Frame ID: A9C720C97985A5666988414D22DDEAA3
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: B5082AD6B2ED2E1226F9089612C33F7D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 53863909B3F62F3E925032BDE00C6E9E
Requests: 2 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13406112
Frame ID: 952BF8AB00828850F9BF8B3B29C12C8C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1707754650356
Frame ID: 7E2D2726EC8776DD270E5D4D1CE7B98A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1CE127D9367EFB0384CED74A61A7E1FA
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 45B1F5BA95F9EDBD60ACC56ECCD2C3D4
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 908C91ED9D65C7497644D13344B0D1B5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/7092236699868605649
Frame ID: A8B369601E46EAA120C28D54FED4CF38
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 19AFC35480519419E01AF8BED0E9DD79
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: B3FADF99692B97233031C2AE252CCECE
Requests: 2 HTTP requests in this frame

Frame: https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Frame ID: 63B39B7270CE9B3D2EF359C3AB1A6D17
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/610ebffa-24d0-484c-8dd0-294e5a902f30
Frame ID: 1F48A61CC5EC96EF5DC41BA989754E60
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: DB2616164775A29AFDEDEAA0B0723BA7
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: A011F21FD573F21784A2E9E24E1012BB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adwmg/5f7b6f93-b7e2-4b6d-bab2-825cabd58d05
Frame ID: 5FFCDB681D2B05A6D07B5E50065FEF4D
Requests: 1 HTTP requests in this frame

Frame: https://s.ad.smaato.net/c/?adExInit=smile&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsmaato%2F%24UID
Frame ID: C245AD9AE03943F8A7D95539B7B2BC50
Requests: 1 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: 534AA2BA481093BAB4F4C7DBBE1E46C9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Everardo Herrera, lo mejor del fútbol de Costa Rica

Page URL History Show full URLs

http://everardoherrera.com/ HTTP 308
https://everardoherrera.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mootools.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

427
Requests

97 %
HTTPS

44 %
IPv6

62
Domains

106
Subdomains

85
IPs

13
Countries

26644 kB
Transfer

35327 kB
Size

49
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://cleveradvertising.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.everardoherrera.com/index.php/futbol-costa-rica-seleccion-nacional/90-futbol-costa-rica-noticias/73941-douglas-sequeira-defiende-su-labor-hemos-hecho-un-trabajo-espectacular-al-final-el-resultado-no-se-dio&picture=&title=Douglas%20Sequeira%20defiende%20su%20labor:
Title: https://www.facebook.com/AlPieDelDeporte/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Douglas+Sequeira+defiende+su+labor%3A+%22Hemos+hecho+un+trabajo+espectacular%2C+al+final+el+resultado+no+se+dio%22%0Ahttps://www.everardoherrera.com/index.php/futbol-costa-rica-seleccion-nacional/90-futbol-costa-rica-noticias/73941-douglas-sequeira-defiende-su-labor-hemos-hecho-un-trabajo-espectacular-al-final-el-resultado-no-se-dio%0A
Title: https://twitter.com/alpiedeldeporte

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https://www.everardoherrera.com/index.php/futbol-costa-rica-seleccion-nacional/90-futbol-costa-rica-noticias/73941-douglas-sequeira-defiende-su-labor-hemos-hecho-un-trabajo-espectacular-al-final-el-resultado-no-se-dio&media=&description=Douglas%20Sequeira%20defiende%20su%20labor:
Title: pinterest

Search URL Search Domain Scan URL

URL: http://instagram.com/
Title: https://www.instagram.com/evergolcr/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/
Title: https://www.youtube.com/@evergolcroficial86

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Douglas%20Sequeira%20defiende%20su%20labor:%20
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.everardoherrera.com/index.php/programa-al-pie-del-deporte/66-al-pie-del-deporte-2/111123-la-asombrosa-preparacion-del-atleta-keniata-kelvin-kiptum-en-busca-de-hacer-mas-historia-en-maraton#google_vignette
Title: Así era la asombrosa preparación del atleta keniata Kelvin Kiptum en busca de hacer más historia en maratón

Search URL Search Domain Scan URL

URL: https://www.clinicaocampo.com/contenido

Search URL Search Domain Scan URL

URL: http://www.radios.co.cr/genero/noticias/#radio-actual-107-1-fm
Title: AL PIE DEL DEPORTE (Everardo Herrera Soto) 12:00 p.m. y 6 PM POR RADIO ACTUAL 107.1 FM. L a V . Desde 1989.

Search URL Search Domain Scan URL

URL: https://soundcloud.com/user-256076475/tracks

Search URL Search Domain Scan URL

URL: http://www.facebook.com/AlPieDelDeporte

Search URL Search Domain Scan URL

URL: https://twitter.com/alpiedeldeporte

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://everardoherrera.com/ HTTP 308
https://everardoherrera.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 155

https://sender.cleverwebserver.com/group/76459?id=860758&ref=aHR0cHM6Ly9ldmVyYXJkb2hlcnJlcmEuY29tLw%3D%3D&ruri=&t=1707754650&cmpId=&fb=0&wl=1&furl=0&sf=0&bw=Q2hyb21l&b=0&m=0&p=V2luMTA%3D&res=1600x1200&app=&v=1.65.3&iv=-1&ctr=DE&sz=1200&landing=1&hei=360.00 HTTP 301
https://lp.cleverwebserver.com/betano/de/sports/sports_de/stickyfooter.html?id=860758&group=76459&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzI0Nzg1Yl8yOTMxY18mYWZmaWQ9NDMxJnNpdGVpZD0yNDc4NSZhZGlkPTI5MzEmYz1DQUJBRUZMQUZDREFBREU%3D&ctr=de&reg=rp&ref=aHR0cHM6Ly9ldmVyYXJkb2hlcnJlcmEuY29tLw%3D%3D

Request Chain 172

https://api.retargetly.com/api?id=1679&src=0&url=https%3A%2F%2Feverardoherrera.com%2F&browserUrl=undefined&ref=&utmz=&n=Everardo%20Herrera%2C%20lo%20mejor%20del%20f%C3%BAtbol%20de%20Costa%20Rica&md=Everardoherrera.com%2C%20lo%20mejor%20del%20f%C3%BAtbol%20de%20Costa%20Rica%20%2C%20deporte%20y%20el%20entretenimiento.&mk=futbol%20de%20Costa%20Rica%2C%20futbol%20nacional%2C%20futbol%20internacional%2C%20Everardo%20Herrera%2C%20se%C3%B1ales%20en%20vivo%2C%20futb&il=0&limit_drop=&userid=11ec98f0-9a54-4b7d-b365-a679a417e0fa&fullVersionList=&platform= HTTP 302
https://api.retargetly.com/api?id=1679&src=0&url=https%3A%2F%2Feverardoherrera.com%2F&browserUrl=undefined&ref=&utmz=&n=Everardo%20Herrera%2C%20lo%20mejor%20del%20f%C3%BAtbol%20de%20Costa%20Rica&md=Everardoherrera.com%2C%20lo%20mejor%20del%20f%C3%BAtbol%20de%20Costa%20Rica%20%2C%20deporte%20y%20el%20entretenimiento.&mk=futbol%20de%20Costa%20Rica%2C%20futbol%20nacional%2C%20futbol%20internacional%2C%20Everardo%20Herrera%2C%20se%C3%B1ales%20en%20vivo%2C%20futb&il=0&limit_drop=&userid=11ec98f0-9a54-4b7d-b365-a679a417e0fa&fullVersionList=&platform=&_rlid=11ec98f0-9a54-4b7d-b365-a679a417e0fa

Request Chain 174

https://pdp-service.retargetly.com/event_collector_cookies HTTP 307
https://pdp-service.retargetly.com/event_collector_cookies?redirect=true

Request Chain 187

https://gml-grp.com/C.ashx?btag=a_24785b_2931c_&affid=431&siteid=24785&adid=2931&c=CABAEFLAFCDAADE HTTP 302
https://gml-grp.com/C.ashx?btag=a_24785b_2931c_&affid=431&siteid=24785&adid=2931&c=CABAEFLAFCDAADE&AutoR=1 HTTP 302
https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Request Chain 235

https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://promos.betano.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Request Chain 254

https://fw.adsafeprotected.com/rfw/st/1874223/77019499/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-6530008089495715&ias_chanId=1&ias_placementId=20839934288&bidurl=https://everardoherrera.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0h9SX8aTLsNTUhDdW3ugNhf&adContainerId=brand_safety_m0TKZdvuGdrRjuwPgYa_-Ao&cbFunctionName=goog_wrapCb_m0TKZdvuGdrRjuwPgYa_-Ao&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Feverardoherrera.com&adsafe_type=y&adsafe_url=https%3A%2F%2Feverardoherrera.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6530008089495715%26output%3Dhtml%26h%3D600%26slotname%3D6887580780%26adk%3D1666921911%26adf%3D343901277%26pi%3Dt.ma~as.6887580780%26w%3D300%26lmt%3D1707754649%26format%3D300x600%26url%3Dhttps%253A%252F%252Feverardoherrera.com%252F%26fwrattr%3Dtrue%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707754649930%26bpp%3D1%26bdt%3D910%26idt%3D464%26shv%3Dr20240208%26mjsv%3Dm202402010101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D2009621240441%26frm%3D20%26pv%3D1%26ga_vid%3D1389964320.1707754650%26ga_sid%3D1707754650%26ga_hid%3D27662829%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1049%26ady%3D224%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44808398%252C31080795%252C31081024%252C31081035%252C44809005%252C95322745%252C95324581%252C95320870%252C95324154%252C95324160%252C95324260%26oid%3D2%26pvsid%3D283109826932713%26tmod%3D1144195827%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D468&adsafe_type=d&adsafe_jsinfo=,id:c8c81e48-f1fd-b903-e5d2-6ffdf707d718,c:41Nhd3,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-585fd76b4b-cgnm2,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:9,mot:0,app:0,maw:0,tdt:s,fm:u45CtSw+11%7C12%7C13%7C14*.1874223-77019499%7C141%7C142%7C143%7C15%7C1611%7C1612%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2,idMap:14*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:45,oid:393be9b5-c9c2-11ee-ae5f-daa4e43a93d9,v:19.8.482,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 256

https://www.googleadservices.com/pagead/conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data= HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&ocp_id=nETKZb9Ino-IzQ-6qYW4Bw&random=2104856002&sscte=1&crd=COy7sQI&pscrd=IhMIv4aW65mmhAMVngeiAx26VAF3MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg HTTP 302
https://www.google.com/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2104856002&sscte=1&crd=COy7sQI&pscrd=IhMIv4aW65mmhAMVngeiAx26VAF3MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=nETKZb9Ino-IzQ-6qYW4Bw&cid=CAQSKQAvHhf_j8tdrU7g-9b3mtHm5a4xpva3h_BRtadAAzyUeqQ438ohU7jb&random=3617946776 HTTP 302
https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2104856002&sscte=1&crd=COy7sQI&pscrd=IhMIv4aW65mmhAMVngeiAx26VAF3MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=nETKZb9Ino-IzQ-6qYW4Bw&cid=CAQSKQAvHhf_j8tdrU7g-9b3mtHm5a4xpva3h_BRtadAAzyUeqQ438ohU7jb&random=3617946776&ipr=y

Request Chain 259

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=1337654614;~oref=https%3A%2F%2Fpromos.betano.de%2F HTTP 302
https://12738953.fls.doubleclick.net/activityi;dc_pre=CPaMmOuZpoQDFUrHOwId6cEPWA;src=12738953;type=despo0;cat=despo0;ord=1337654614;~oref=https%3A%2F%2Fpromos.betano.de%2F

Request Chain 281

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=4207355388047;npa=0;pscdl=noapi;gtm=45He4270v79977643za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_24785b_2931c_CABAEFLAFCDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D24785 HTTP 302
https://12738953.fls.doubleclick.net/activityi;dc_pre=CNiSm-uZpoQDFXbLOwIdPnkMJg;src=12738953;type=despo0;cat=despo0;ord=4207355388047;npa=0;pscdl=noapi;gtm=45He4270v79977643za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_24785b_2931c_CABAEFLAFCDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D24785

Request Chain 330

https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Request Chain 415

https://ap.lijit.com/beacon?informer=13406112 HTTP 302
https://ce.lijit.com/beacon?informer=13406112

Request Chain 421

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

Request Chain 422

https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7092236699868605649

Request Chain 426

https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/openx/610ebffa-24d0-484c-8dd0-294e5a902f30

Request Chain 431

https://us.shb-sync.com/d3cf52c0-fa89-45fb-83fa-f14d2af39226.gif?puid=[UID]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadwmg%2F%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA] HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/adwmg/5f7b6f93-b7e2-4b6d-bab2-825cabd58d05

427 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
everardoherrera.com/
Redirect Chain

http://everardoherrera.com/
https://everardoherrera.com/

100 KB
25 KB

511ms
317ms

Document
text/html

143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ PHP/7.4.6

Resource Hash

84e65b7d5ad8bedeb2c52eaff67e795740dc6cbdf21937cb786cb865a44bfcb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 16:17:28 GMT
expires: Wed, 17 Aug 2005 00:00:00 GMT
last-modified: Mon, 12 Feb 2024 16:17:29 GMT
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-powered-by: PHP/7.4.6

Redirect headers

Connection: keep-alive
Content-Length: 164
Content-Type: text/html
Date: Mon, 12 Feb 2024 16:17:28 GMT
Location: https://everardoherrera.com

GET
H2 200 mqP6dEWIkE.js Show response
ejs.mowplayer.com/js/player/ 154 KB
40 KB 353ms
113ms Script
application/javascript 51.79.85.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ejs.mowplayer.com/js/player/mqP6dEWIkE.js
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.85.170 , United States, ASN16276 (OVH, FR),
Reverse DNS: c1061.cloud.wiroos.net
Software: nginx/1.14.2 /
Resource Hash: 3d961df6f903709e923adfb503a88b8358b4af0c54888a8e2a1fbd5848fc793c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
content-encoding: gzip
last-modified: Mon, 12 Feb 2024 16:13:28 GMT
server: nginx/1.14.2
etag: W/"65ca43a8-2663f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
70 KB 77ms
23ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-22613876-1

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5a5dacdc178c87b62cf029637baa571916f1260e9283c0256741b1e0d946103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70843
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Feb 2024 16:17:29 GMT

GET
H2 200 e6fb2272.js Show response
embi-media.com/hb_resources/everardo_herrera-com/test/ 11 KB
3 KB 194ms
94ms Script
application/javascript 18.245.46.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embi-media.com/hb_resources/everardo_herrera-com/test/e6fb2272.js
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-54.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11ca469e57472b89f84820ea0d8b82add3f3df32c4c83e1eaedd62a4e24e7a4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:16:07 GMT
x-amz-version-id: 3K72Z7teBFeyeuhguG8UEUIOakVXxp6R
content-encoding: gzip
last-modified: Wed, 08 Nov 2023 18:07:28 GMT
server: AmazonS3
via: 1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
etag: W/"b10ef3c79a749d73754b95283fa512b0"
age: 83
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: JIRi8mK-VP9ATF98CDfVWorcv55M_5zDwmqYy7TWIYJYoVgjhAWgDw==

GET
H2 200 load-102880.js Show response
amer.hhkld.com/tag/ 277 B
643 B 223ms
100ms Script
application/javascript 141.94.202.176
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://amer.hhkld.com/tag/load-102880.js
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31491888.ip-141-94-202.eu
Software: nginx /
Resource Hash: ff277aec8447e39443e6abd4dd9ba0fa031decccdb74f21ed47368440bf085ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-type: application/javascript
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
30 KB 51ms
12ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:01:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 00:01:42 GMT

GET
H2 200 system.css
everardoherrera.com/templates/system/css/ 894 B
1 KB 95ms
90ms Stylesheet
text/css 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/templates/system/css/system.css

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

3f492ef8c75e516e37d280720bb37973f7130e11ddb8797213bf9d0745f293a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 01 Jun 2020 15:04:02 GMT
accept-ranges: bytes
etag: "37e-5a7071aee7c80"
content-length: 894
content-type: text/css

GET
H2 200 position.css
everardoherrera.com/templates/beez3/css/ 14 KB
14 KB 108ms
103ms Stylesheet
text/css 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/templates/beez3/css/position.css

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

10983ff0458c4d869e2c0ae237d697a19c2aeda3d52730d46c4bc8c31d9b30d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 12 Jan 2022 04:04:47 GMT
accept-ranges: bytes
etag: "37e6-5d55aaba93e93"
content-length: 14310
content-type: text/css

GET
H2 200 layout.css
everardoherrera.com/templates/beez3/css/ 34 KB
34 KB 140ms
135ms Stylesheet
text/css 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/templates/beez3/css/layout.css?id=2

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

61d73067199058ae00203e8220bf1d61f443319eaa6e610a4e2252ee2ff173f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 08 Jan 2024 22:35:00 GMT
accept-ranges: bytes
etag: "8713-60e76cee1a682"
content-length: 34579
content-type: text/css

GET
H2 200 general.css
everardoherrera.com/templates/beez3/css/ 12 KB
13 KB 121ms
116ms Stylesheet
text/css 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/templates/beez3/css/general.css

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

5ed81eb8b5eae10aa0c135397c8218c480e0760158db64ad28080b7f1d235457

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 08 Sep 2020 16:53:15 GMT
accept-ranges: bytes
etag: "3161-5aed02bdac8dc"
content-length: 12641
content-type: text/css

GET
H2 200 eh.css
everardoherrera.com/templates/beez3/css/ 6 KB
6 KB 181ms
176ms Stylesheet
text/css 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/templates/beez3/css/eh.css

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

3c13366f3127b98dd73e0ff273e715176fe9835f3bf7a3ba2dbd262258d2f008

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 30 Jul 2021 21:41:31 GMT
accept-ranges: bytes
etag: "165e-5c85e152d3cd8"
content-length: 5726
content-type: text/css

GET
H2 200 personal.css
everardoherrera.com/templates/beez3/css/ 37 KB
37 KB 189ms
184ms Stylesheet
text/css 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/templates/beez3/css/personal.css?id=?Monday_12th_of_February_2024_04:17:29_PM

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

ee6e0795474cbe81aeca004d469c7d6dc0799a3d37785aa13b3957a6e50cf069

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 01 Feb 2024 02:29:05 GMT
accept-ranges: bytes
etag: "94ab-61048c26a663e"
content-length: 38059
content-type: text/css

GET
H2 200 maximenuck_maximenuck552.css
everardoherrera.com/modules/mod_maximenuck/themes/custom/css/ 4 KB
5 KB 265ms
260ms Stylesheet
text/css 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/modules/mod_maximenuck/themes/custom/css/maximenuck_maximenuck552.css

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

ebf1df3c4af8a738589f0ddb86fa2eecbec01c21348b4569fb6aa594395d76ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 08 Sep 2020 17:38:12 GMT
accept-ranges: bytes
etag: "11e7-5aed0cc96e20b"
content-length: 4583
content-type: text/css

GET
H2 200 mod_bw_social_share.css
everardoherrera.com/modules/mod_bw_social_share/css/ 2 KB
2 KB 239ms
235ms Stylesheet
text/css 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/modules/mod_bw_social_share/css/mod_bw_social_share.css

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

ee56fa6085e2387b1990ae4a778b6dd096abde6ab29ec79ad5163342a14e35a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 14 Jul 2020 23:12:02 GMT
accept-ranges: bytes
etag: "652-5aa6eef5e1df3"
content-length: 1618
content-type: text/css

GET
H2 200 rrssb.css
everardoherrera.com/modules/mod_bw_social_share/css/ 8 KB
8 KB 274ms
270ms Stylesheet
text/css 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/modules/mod_bw_social_share/css/rrssb.css

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

d7a73f49224e7447efc98ca3d9a95373c3ccb664ba2d7e6d1879b36509647100

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 14 Jul 2020 23:12:02 GMT
accept-ranges: bytes
etag: "1f13-5aa6eef5e20bd"
content-length: 7955
content-type: text/css

GET
H2 200 jquery.min.js Show response
everardoherrera.com/media/jui/js/ 95 KB
96 KB 278ms
275ms Script
application/javascript 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/media/jui/js/jquery.min.js?b1cd780282fd9414b3939df181189fb9

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 01 Jun 2020 15:04:02 GMT
accept-ranges: bytes
etag: "17d6e-5a7071aee7c80"
content-length: 97646
content-type: application/javascript

GET
H2 200 jquery-noconflict.js Show response
everardoherrera.com/media/jui/js/ 21 B
211 B 351ms
348ms Script
application/javascript 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/media/jui/js/jquery-noconflict.js?b1cd780282fd9414b3939df181189fb9

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 01 Jun 2020 15:04:02 GMT
accept-ranges: bytes
etag: "15-5a7071aee7c80"
content-length: 21
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
everardoherrera.com/media/jui/js/ 10 KB
10 KB 349ms
346ms Script
application/javascript 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/media/jui/js/jquery-migrate.min.js?b1cd780282fd9414b3939df181189fb9

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 01 Jun 2020 15:04:02 GMT
accept-ranges: bytes
etag: "2748-5a7071aee7c80"
content-length: 10056
content-type: application/javascript

GET
H2 200 caption.js Show response
everardoherrera.com/media/system/js/ 491 B
682 B 339ms
336ms Script
application/javascript 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/media/system/js/caption.js?b1cd780282fd9414b3939df181189fb9

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 01 Jun 2020 15:04:02 GMT
accept-ranges: bytes
etag: "1eb-5a7071aee7c80"
content-length: 491
content-type: application/javascript

GET
H2 200 mootools-core.js Show response
everardoherrera.com/media/system/js/ 82 KB
82 KB 341ms
338ms Script
application/javascript 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/media/system/js/mootools-core.js?b1cd780282fd9414b3939df181189fb9

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 01 Jun 2020 15:04:02 GMT
accept-ranges: bytes
etag: "147b5-5a7071aee7c80"
content-length: 83893
content-type: application/javascript

GET
H2 200 core.js Show response
everardoherrera.com/media/system/js/ 9 KB
9 KB 367ms
365ms Script
application/javascript 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/media/system/js/core.js?b1cd780282fd9414b3939df181189fb9

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

ee43222bc3a3d6c1cab5dc4115bd2a3c2b348f4b4e448283e0eaca84de6763d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 01 Jun 2020 15:04:02 GMT
accept-ranges: bytes
etag: "2268-5a7071aee7c80"
content-length: 8808
content-type: application/javascript

GET
H2 200 mootools-more.js Show response
everardoherrera.com/media/system/js/ 231 KB
232 KB 358ms
356ms Script
application/javascript 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/media/system/js/mootools-more.js?b1cd780282fd9414b3939df181189fb9

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

9db43e4a687084df93038c3d02cc4c149dff1210727059b82a7aac112a486eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 01 Jun 2020 15:04:02 GMT
accept-ranges: bytes
etag: "39d19-5a7071aee7c80"
content-length: 236825
content-type: application/javascript

GET
H2 200 bootstrap.min.js Show response
everardoherrera.com/media/jui/js/ 28 KB
29 KB 372ms
369ms Script
application/javascript 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/media/jui/js/bootstrap.min.js?b1cd780282fd9414b3939df181189fb9

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 01 Jun 2020 15:04:02 GMT
accept-ranges: bytes
etag: "71c6-5a7071aee7c80"
content-length: 29126
content-type: application/javascript

GET
H2 200 hide.js Show response
everardoherrera.com/templates/beez3/javascript/ 9 KB
9 KB 377ms
375ms Script
application/javascript 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/templates/beez3/javascript/hide.js

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

d557ac16594b80a88ed876e585d32bfe3086bc18bdbc0d90422b42acbda7b42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 01 Jun 2020 15:04:02 GMT
accept-ranges: bytes
etag: "2200-5a7071aee7c80"
content-length: 8704
content-type: application/javascript

GET
H2 200 respond.src.js Show response
everardoherrera.com/templates/beez3/javascript/ 9 KB
9 KB 380ms
378ms Script
application/javascript 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/templates/beez3/javascript/respond.src.js

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

a21e413cc26d5de1425a1211b089d3c41407ad164426a9d475b2e4fbb27991d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 01 Jun 2020 15:04:02 GMT
accept-ranges: bytes
etag: "2509-5a7071aee7c80"
content-length: 9481
content-type: application/javascript

GET
H2 200 template.js Show response
everardoherrera.com/templates/beez3/javascript/ 2 KB
2 KB 423ms
421ms Script
application/javascript 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/templates/beez3/javascript/template.js

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

20a3666a70ca33bb5f8f1694d1c0baddf6486e06b19dac01127a60fa9499e7f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 01 Jun 2020 15:04:02 GMT
accept-ranges: bytes
etag: "7af-5a7071aee7c80"
content-length: 1967
content-type: application/javascript

GET
H2 200 maximenuck.min.js Show response
everardoherrera.com/modules/mod_maximenuck/assets/ 16 KB
17 KB 384ms
383ms Script
application/javascript 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/modules/mod_maximenuck/assets/maximenuck.min.js

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

acd6dd6862932d343a83efa57ac20dc629e9527454005afaf34131bf5b12b787

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 08 Sep 2020 16:37:19 GMT
accept-ranges: bytes
etag: "417a-5aecff2dffba6"
content-length: 16762
content-type: application/javascript

GET
H2 200 mobilemenuck.js Show response
everardoherrera.com/media/plg_system_mobilemenuck/assets/ 28 KB
28 KB 424ms
422ms Script
application/javascript 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/media/plg_system_mobilemenuck/assets/mobilemenuck.js

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

abf9314d71a15a8c6791670b50f3a8bc451abc72cbb7b026cdd3a40a968d99f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 08 Sep 2020 16:41:21 GMT
accept-ranges: bytes
etag: "6ef9-5aed001486662"
content-length: 28409
content-type: application/javascript

GET
H2 200 e4a047eb3ee54070d4ae2ffffcc7cb7e.js Show response
scripts.cleverwebserver.com/ 180 KB
66 KB 299ms
229ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/e4a047eb3ee54070d4ae2ffffcc7cb7e.js
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f40d0956b744bfc7a22e63e16797dc3e1087950a043b245ef3bf4fe7535af00d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
x-amz-version-id: laVJb727MYSdXLCC9tiCPYZ.r41vIqhK
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 07 Feb 2024 18:29:07 GMT
server: cloudflare
x-amz-request-id: 6BBWCAC6VFC15PV0
etag: W/"fef5f8fd8c695720b457763f36cb6730"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 854624601aa89bb9-FRA
x-amz-id-2: +op3GmU/M1dHNA6e40zQrQK09PmoHXPanhiYKDcUB43MKu4gAYc9mG2wYAHKU2ncFVMQxzCRDoU=
expires: Mon, 12 Feb 2024 16:47:29 GMT

GET
H2 200 rrssb.js Show response
everardoherrera.com/modules/mod_bw_social_share/js/ 12 KB
12 KB 410ms
408ms Script
application/javascript 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/modules/mod_bw_social_share/js/rrssb.js

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

f446f89ed1950a40756e76b0c8c999af1eaacdd0ba7bd5699da8445911b9ae2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 14 Jul 2020 23:12:02 GMT
accept-ranges: bytes
etag: "2f4e-5aa6eef5e2a0c"
content-length: 12110
content-type: application/javascript

GET
H2 200 mod_bw_social_share.js Show response
everardoherrera.com/modules/mod_bw_social_share/js/ 1 KB
1 KB 408ms
407ms Script
application/javascript 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/modules/mod_bw_social_share/js/mod_bw_social_share.js

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

24cc16de3d8d0d6026074f4a7c5ccd43e7b3d3392c47198a922208c1a94f9ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 14 Jul 2020 23:12:02 GMT
accept-ranges: bytes
etag: "53a-5aa6eef5e28bb"
content-length: 1338
content-type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ 762 B
798 B 52ms
17ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Passion+One

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16b4bd9d233644797c76598eb6ad3d866e796e920965f8d8e7201e351f057452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Feb 2024 16:17:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 16:13:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Feb 2024 16:17:29 GMT

GET
H2 200 logo.png
everardoherrera.com/images/images-pag/ 28 KB
28 KB 409ms
408ms Image
image/png 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/images/images-pag/logo.png

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

87c11d6ef52b96f056f348a18e7f43b576e3454ecf4d6d20bfc4c7e2f201f9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 25 Apr 2016 05:13:38 GMT
accept-ranges: bytes
etag: "6fce-531483d376480"
content-length: 28622
content-type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 212ms
124ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71fb32982beb227a8206fa82f96df7ba6c925335b8c51b54c5a700831dcb5524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51452
x-xss-protection: 0
server: cafe
etag: 2822450762719139379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 12 Feb 2024 16:17:29 GMT

GET
H2 200 menu-mobile-icon.png
everardoherrera.com/templates/beez3/images/ 994 B
1 KB 408ms
407ms Image
image/png 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/templates/beez3/images/menu-mobile-icon.png

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

cfc68e1419e472b4f2d59fa7d2f8550545717158557d55f58d1697cb564ab504

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 19 Sep 2016 23:16:09 GMT
accept-ranges: bytes
etag: "3e2-53ce47f452040"
content-length: 994
content-type: image/png

GET
H2 200 GGI7kRFXUAACPlq.jpg
pbs.twimg.com/media/ 273 KB
274 KB 76ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGI7kRFXUAACPlq.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) /

Resource Hash

751a8ede0994f0b6f19f4bb6284ab2395661950e66463b4915e5de9d4a6cf371

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 10277
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 279791
x-response-time: 220
surrogate-key: media media/bucket/1 media/1757032298875146240
last-modified: Mon, 12 Feb 2024 13:19:58 GMT
server: ECS (frb/674D)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 1dc0bc7648c237c6
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: ca23f51e2bece5eae8c1370cdf6888a7608e5441bfe631f93101d994c6c3b837
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 427984067_927578462403140_4654840452169454346_n.jpg
scontent.fsyq2-1.fna.fbcdn.net/v/t39.30808-6/ 99 KB
99 KB 669ms
203ms Image
image/jpeg 170.150.56.17
Telecable Economi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fsyq2-1.fna.fbcdn.net/v/t39.30808-6/427984067_927578462403140_4654840452169454346_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=3635dc&_nc_ohc=276hiHawxisAX_qs4qF&_nc_ht=scontent.fsyq2-1.fna&oh=00_AfC4QNFuFOHN9KH48nKibwRz3Qu5Ba8wdcsDOgrAWnMxwA&oe=65CE0041
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.150.56.17 , Costa Rica, ASN52263 (Telecable Economico S.A., CR),
Reverse DNS: ptr17.56.150.170.residencial.telecablecr.com
Software: /
Resource Hash: 727aab34cf7b93803158fe79c74254f551cd7b854dd0db228f062f49ec9b4b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 11 Feb 2024 20:35:26 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2238426383
thrift_fmhk: GBCSrQtkVbhhMruipMYDaQPrFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2238426383
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 101707

GET
H2 200 GGIrLCzWMAAz28X
pbs.twimg.com/media/ 312 KB
313 KB 37ms
19ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGIrLCzWMAAz28X?format=jpg&name=large

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A7) /

Resource Hash

2a9a6989962be58e9c983dacb2035808d86556280d8e08d9a31fa0e7dff4bd58

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 14288
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 319803
x-response-time: 217
surrogate-key: media media/bucket/4 media/1757014273358704640
last-modified: Mon, 12 Feb 2024 12:08:21 GMT
server: ECS (frb/67A7)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 64bf180128d2d9c4
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 42ac486c7424fca2eac30c2374f0d391fc80c5b947affeddad865bb346284d93
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGHXGHQWUAABqol.jpg
pbs.twimg.com/media/ 151 KB
151 KB 40ms
23ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGHXGHQWUAABqol.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) /

Resource Hash

a2f9462e6bc5d81902b5bd8b0b6bab5d33b937101374c3f13433a29efa0fd9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 36857
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 154505
x-response-time: 210
surrogate-key: media media/bucket/5 media/1756921829678010368
last-modified: Mon, 12 Feb 2024 06:01:00 GMT
server: ECS (frb/673A)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: e830d7974d2daab8
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: f6c2eee6ec2f8af0822ea5166831f7e20aeba152cdfd7935e7e9962129602b40
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGFwZTcWIAAeuF8
pbs.twimg.com/media/ 73 KB
73 KB 40ms
23ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGFwZTcWIAAeuF8?format=jpg&name=medium

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) /

Resource Hash

340dddd5d80eba271df66f1a21d4f2be386a949cd6f293d741b5b01581777be4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 63680
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 74991
x-response-time: 226
surrogate-key: media media/bucket/5 media/1756808909669408768
last-modified: Sun, 11 Feb 2024 22:32:18 GMT
server: ECS (frb/6738)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 7d89950c09a38b7a
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: fe8c0d16adc71596d22a270c6762e1a45c3457600a666cfe895fb52314af2ea1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 luna%20verde.gif
everardoherrera.com/images-banners/ 986 KB
988 KB 160ms
143ms Image
image/gif 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/images-banners/luna%20verde.gif

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

abf96510b6f6c7104d67a388900136fb29dece2976b943ec042079f227b6ad95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 28 Mar 2023 21:10:16 GMT
accept-ranges: bytes
etag: "f66ed-5f7fc494382ff"
content-length: 1009389
content-type: image/gif

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
659 B 59ms
41ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Play:wght@700&display=swap

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a33f24eb4a2a30503b76dff7dd3cb31b321d484f663fb20d5d79e433ff5b2a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Feb 2024 16:17:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 16:17:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Feb 2024 16:17:29 GMT

GET
H2 200 GF6eFmhWIAAcF29
pbs.twimg.com/media/ 204 KB
204 KB 39ms
23ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GF6eFmhWIAAcF29?format=jpg&name=medium

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) /

Resource Hash

6657564cbaa199de5f2cc4813868b6ec7fe7f430b58b4b774a0119abf1340e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 231076
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 209089
x-response-time: 215
surrogate-key: media media/bucket/3 media/1756014723798016000
last-modified: Fri, 09 Feb 2024 17:56:29 GMT
server: ECS (frb/6725)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 71e04e099af9225a
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: f04027848d33e40090b84bf10ad26a0d365a796d87392901c41c63bd40455c12
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GFAzI8yW4AADFo-.jpg
pbs.twimg.com/media/ 307 KB
307 KB 84ms
68ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GFAzI8yW4AADFo-.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674C) /

Resource Hash

03eb48d039c3987d91bf3c32fc33f27d71d016f3d8072489def05ef9b48a5edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 10718
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 313924
x-response-time: 113
surrogate-key: media media/bucket/5 media/1751956483896434688
last-modified: Mon, 29 Jan 2024 13:10:30 GMT
server: ECS (frb/674C)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: e502f4f7832c3cb0
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: d4d65bdede4ec91a2f1c0d7fb589eab62b26d981edb11065c653d9bd76758c52
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 conape-nov-22.gif
everardoherrera.com/images-banners/ 154 KB
154 KB 178ms
162ms Image
image/gif 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/images-banners/conape-nov-22.gif

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

041d9bcbcefc815556b877c8cdcba9658481f3139535a8e52030beaf9c9b494f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 23 Nov 2022 00:57:56 GMT
accept-ranges: bytes
etag: "266af-5ee18c77896aa"
content-length: 157359
content-type: image/gif

GET
H2 200 GFvXVwvW4AAoXGK.jpg
pbs.twimg.com/media/ 124 KB
124 KB 83ms
67ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GFvXVwvW4AAoXGK.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) /

Resource Hash

95250a057c350065687db06d4996de5ada9f9d91137f67d6a742d0e6afced274

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 439442
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 126666
x-response-time: 224
surrogate-key: media media/bucket/5 media/1755233248651698176
last-modified: Wed, 07 Feb 2024 14:11:11 GMT
server: ECS (frb/67F2)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 32ad76fde8d2c7ed
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 57b501199dd55f78a0604765d440eb240508ac4dc53862466326dff7668808d4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GFlPLsJXoAARWWl.jpg
pbs.twimg.com/media/ 172 KB
173 KB 83ms
68ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GFlPLsJXoAARWWl.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6724) /

Resource Hash

389587d57c24f0a433f7a0134303eb02d649c77ec2e118308757c264dfaf2a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 4345
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 176471
x-response-time: 180
surrogate-key: media media/bucket/0 media/1754520592085131264
last-modified: Mon, 05 Feb 2024 14:59:21 GMT
server: ECS (frb/6724)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: cb32c51b42b32054
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 2a5a0990848079f896e691e45d8ed7796b8deafd105f0463c249e3bd0eda9e94
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGIePapXwAErFXw
pbs.twimg.com/media/ 149 KB
149 KB 83ms
68ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGIePapXwAErFXw?format=jpg&name=900x900

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

e813ed0b5fea40c6fb6dde73fcf5620a388085ceba43f03778b25693e652f35d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 18201
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 152769
x-response-time: 231
surrogate-key: media media/bucket/8 media/1757000054827630593
last-modified: Mon, 12 Feb 2024 11:11:51 GMT
server: ECS (frb/6723)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 1b3e5e071cfe9fbe
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 03fa3ab4dff582e3c9580bd5379f95c87e791148cf078389564d27d111a6fb8b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 416893259_861047956025228_9126134941806636031_n.jpg
scontent.fsyq2-1.fna.fbcdn.net/v/t39.30808-6/ 517 KB
518 KB 584ms
204ms Image
image/jpeg 170.150.56.17
Telecable Economi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fsyq2-1.fna.fbcdn.net/v/t39.30808-6/416893259_861047956025228_9126134941806636031_n.jpg?_nc_cat=110&ccb=1-7&_nc_sid=3635dc&_nc_ohc=JZwmgdW2zXMAX-cL6sv&_nc_ht=scontent.fsyq2-1.fna&oh=00_AfBd9AVzADuLN3zUYrB_c7kbK8FBcQLU_ygHZXMT0LCdPQ&oe=65CECE57
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.150.56.17 , Costa Rica, ASN52263 (Telecable Economico S.A., CR),
Reverse DNS: ptr17.56.150.170.residencial.telecablecr.com
Software: /
Resource Hash: 0645a8677982ad53b052187d052115793e6ad2cadecc86d72e88d477d982d5d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 05 Jan 2024 00:05:12 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1579727878
thrift_fmhk: GBBfwLmnH3+m6MQcqsJAuf4UFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1579727878
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 529712

GET
H2 200 GGIA64SXkAALfKf.jpg
pbs.twimg.com/media/ 163 KB
163 KB 83ms
68ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGIA64SXkAALfKf.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) /

Resource Hash

a16de65fadc7ab0713cfae9b81f903368fe667ad59c45ceb9009f99022c82479

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 25901
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 166580
x-response-time: 234
surrogate-key: media media/bucket/4 media/1756967816169754624
last-modified: Mon, 12 Feb 2024 09:03:44 GMT
server: ECS (frb/674D)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 51446745d4c38208
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: a5f864685ec42b0518ef6c229efebf084c0f0e386e6228e35ff199f2eeff0cdd
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGHxoPwXwAAncXK
pbs.twimg.com/media/ 189 KB
189 KB 83ms
68ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGHxoPwXwAAncXK?format=jpg&name=medium

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668B) /

Resource Hash

b13c9629a25f41a392fb8d5b01e162291433c14251de30d0b2087ba2c0828d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 29600
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 193216
x-response-time: 210
surrogate-key: media media/bucket/7 media/1756951003377680384
last-modified: Mon, 12 Feb 2024 07:56:56 GMT
server: ECS (frb/668B)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: fa03c31be0b2ce16
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 03d9dc775d8ba294c32e3741de95c0e4515cdd5756142048f5cf3d55c6f5f778
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 427838709_927809282380058_5713853657316971690_n.jpg
scontent.fsyq2-1.fna.fbcdn.net/v/t39.30808-6/ 85 KB
85 KB 583ms
204ms Image
image/jpeg 170.150.56.17
Telecable Economi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fsyq2-1.fna.fbcdn.net/v/t39.30808-6/427838709_927809282380058_5713853657316971690_n.jpg?_nc_cat=104&ccb=1-7&_nc_sid=3635dc&_nc_ohc=om_0UCyNuRIAX_AuNEV&_nc_ht=scontent.fsyq2-1.fna&oh=00_AfD9CsFmpaie1pkLNuoU3A4KZFirBk7X6eiGxPAsPBYjhw&oe=65CF193B
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.150.56.17 , Costa Rica, ASN52263 (Telecable Economico S.A., CR),
Reverse DNS: ptr17.56.150.170.residencial.telecablecr.com
Software: /
Resource Hash: 6cd2f4b38f48f0d0c800263dbf06c4d1ca1f04e48c5de5c370c9b0d18484f07d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 12 Feb 2024 07:01:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1201735610
thrift_fmhk: GBCKEiSp35UwTzzDPFsi/CAKFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1201735610
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 86907

GET
H2 200 GGHLINYXsAAOeBm.jpg
pbs.twimg.com/media/ 187 KB
187 KB 92ms
77ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGHLINYXsAAOeBm.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

1f4f86444bb34f5ea40461c1fab85e2f14ac2223c51496e51fa842ced2ca547b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 39963
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 191619
x-response-time: 213
surrogate-key: media media/bucket/5 media/1756908671542472704
last-modified: Mon, 12 Feb 2024 05:08:43 GMT
server: ECS (frb/6752)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: c6929785982ae862
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 92a9b9a270457f493af257ef6569b913af1eab19125b0a9a4c3267e4f1fb11f3
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGG0PkHWgAApoHo.jpg
pbs.twimg.com/media/ 119 KB
120 KB 92ms
78ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGG0PkHWgAApoHo.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A7) /

Resource Hash

5dc469f4e42d18b796bdaede3148f38dd7782f52181bc6c8811d197303fcbc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 45990
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 122267
x-response-time: 218
surrogate-key: media media/bucket/8 media/1756883509136752640
last-modified: Mon, 12 Feb 2024 03:28:44 GMT
server: ECS (frb/67A7)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: bc778c3d9abbe177
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 88471cf5617b277944a7ced05a17ca7a677729686839233234f55c829312ddb1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGGXHXTWgAAm41_
pbs.twimg.com/media/ 285 KB
286 KB 92ms
77ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGGXHXTWgAAm41_?format=jpg&name=large

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

e7905b3eeb273da7420ac155ef0db1bc7bd121d70a9d25bfcc57509da5c4292e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 52951
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 292018
x-response-time: 217
surrogate-key: media media/bucket/1 media/1756851482421264384
last-modified: Mon, 12 Feb 2024 01:21:28 GMT
server: ECS (frb/67BA)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: e8367b1f3fb783e6
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: f5af1b0418c0a6f45695103537b2745a7853da93d046c3813eb274da2a680505
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGF54g-XAAA545b
pbs.twimg.com/media/ 256 KB
256 KB 92ms
78ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGF54g-XAAA545b?format=jpg&name=medium

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67DF) /

Resource Hash

a97e1c9013fef6416ad6ede21fbbb312b47eb8f48c42054117272bd1fb0b6693

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 61088
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 261938
x-response-time: 578
surrogate-key: media media/bucket/2 media/1756819341482328064
last-modified: Sun, 11 Feb 2024 23:13:45 GMT
server: ECS (frb/67DF)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 5b9694e622ff9557
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 16f4ffe5f6c66fa83ed76b90023f019a98fbf5dfc75f738ef52ad54cf8bb8aa9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGFSYyBWcAArEbm
pbs.twimg.com/media/ 516 KB
516 KB 93ms
79ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGFSYyBWcAArEbm?format=jpg&name=large

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6762) /

Resource Hash

194925f62f0c013cfba12af214c4bcf21e7d8473da122d9c3f790aa85a056f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 71394
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 528054
x-response-time: 233
surrogate-key: media media/bucket/9 media/1756775915348979712
last-modified: Sun, 11 Feb 2024 20:21:12 GMT
server: ECS (frb/6762)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: bf895d464ca2d3ba
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: b9ff6952b4ba0f4de968dccd591974364829d96135222feddf6044e359ff95c8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGFCh-SWMAAuYed
pbs.twimg.com/media/ 270 KB
271 KB 91ms
78ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGFCh-SWMAAuYed?format=jpg&name=large

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669E) /

Resource Hash

1bc532bc156125d811f62f30cde6f3ab6e67489cec69ae7269562f8952c53323

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 75485
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 276674
x-response-time: 230
surrogate-key: media media/bucket/0 media/1756758481074270208
last-modified: Sun, 11 Feb 2024 19:11:55 GMT
server: ECS (frb/669E)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: f0413f9d57816455
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: c0601708ba7fc4a042dadd42f7fb4b6a7eb3b1976a6181de98d9475bfdf0a83e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 top.jpg
everardoherrera.com/images-banners/ocampo/img/ 5 KB
6 KB 156ms
143ms Image
image/jpeg 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/images-banners/ocampo/img/top.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

0d9c3025a7e4c9088678323efba7f3decdad5e717f2fcdc00aad634156d0576f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 23 Oct 2020 01:46:15 GMT
accept-ranges: bytes
etag: "159d-5b24cbefe1671"
content-length: 5533
content-type: image/jpeg

GET
H2 200 foot.jpg
everardoherrera.com/images-banners/ocampo/img/ 9 KB
9 KB 189ms
176ms Image
image/jpeg 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/images-banners/ocampo/img/foot.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

1a01269065091dedcb1c5c96d2dd6b5db2f222f9e46b2490058f7f5699f26be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 23 Oct 2020 01:46:15 GMT
accept-ranges: bytes
etag: "2440-5b24cbefe910d"
content-length: 9280
content-type: image/jpeg

GET
H2 200 GGJDTbLWIAAQgNs.jpg
pbs.twimg.com/media/ 221 KB
222 KB 92ms
79ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGJDTbLWIAAQgNs.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

5c0407be5bb704f0329c01c64b7ed48ac363a4ae876b9346bd6c7e62be24459e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 8492
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 226593
x-response-time: 213
surrogate-key: media media/bucket/0 media/1757040805619834880
last-modified: Mon, 12 Feb 2024 13:53:46 GMT
server: ECS (frb/6752)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: ccf661cfcd851616
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: c902d50f751789193193631b65476531b7098744a1e99c9d49d65427c8a96fb0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 427107080_926417139185939_2789916578017533491_n.jpg
scontent.fsyq2-1.fna.fbcdn.net/v/t39.30808-6/ 329 KB
329 KB 951ms
573ms Image
image/jpeg 170.150.56.17
Telecable Economi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fsyq2-1.fna.fbcdn.net/v/t39.30808-6/427107080_926417139185939_2789916578017533491_n.jpg?_nc_cat=106&ccb=1-7&_nc_sid=3635dc&_nc_ohc=wW7R5zXii_EAX_NYwTp&_nc_ht=scontent.fsyq2-1.fna&oh=00_AfDgJKqf5ei33xfp8ZCkw7S0B2l9ENII_HcLKLWwp_ed9w&oe=65CB0A67
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.150.56.17 , Costa Rica, ASN52263 (Telecable Economico S.A., CR),
Reverse DNS: ptr17.56.150.170.residencial.telecablecr.com
Software: /
Resource Hash: 16ee07abe7bad2847f01a1b1b0e42be64de9822077cbc1e4a8d6c414a12fbfd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 09 Feb 2024 23:49:43 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3730802776
thrift_fmhk: GBDiAq37W+nstbRKFXLUzzKhFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3730802776
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 336768

GET
H2 200 GF6rNYHW0AAG3r5.jpg
pbs.twimg.com/media/ 242 KB
242 KB 119ms
106ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GF6rNYHW0AAG3r5.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674C) /

Resource Hash

b62bd1beab2b04ab6b56d713ea6ecbfea4912643c00706bba1f6bc5484e5a457

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 249696
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 247745
x-response-time: 242
surrogate-key: media media/bucket/2 media/1756029151021027328
last-modified: Fri, 09 Feb 2024 18:53:49 GMT
server: ECS (frb/674C)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 3d6358af8a92616b
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 61d2a677a9b928fe22e399a82b8adcb68026ecb2bef30969ca809919b4c39b3d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GF3O3eYWAAA08Kj
pbs.twimg.com/media/ 177 KB
178 KB 92ms
79ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GF3O3eYWAAA08Kj?format=jpg&name=large

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6725) /

Resource Hash

7da1859618a3dedb300ff69df3c1d74aefea6e2eb1d2b6415dc1a9512d08be4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 307271
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 181741
x-response-time: 226
surrogate-key: media media/bucket/6 media/1755786882187657216
last-modified: Fri, 09 Feb 2024 02:51:08 GMT
server: ECS (frb/6725)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 948ab4a99d48bebf
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 9a62dbc70e890475e63389b98fbcba8db9ce52503591ec12db3ddc8a4633cd6a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GFv04ytXMAUo7Xc.jpg
pbs.twimg.com/media/ 73 KB
73 KB 92ms
79ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GFv04ytXMAUo7Xc.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668D) /

Resource Hash

5d67eec8c04db7ce6b804621df0b891210572cd10f75be07286e3c58cf897877

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 431663
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 74721
x-response-time: 228
surrogate-key: media media/bucket/2 media/1755265736312827909
last-modified: Wed, 07 Feb 2024 16:20:17 GMT
server: ECS (frb/668D)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: d245b5586d904706
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: df0b609f62b2503e8cdb978b19538b1e52ebf48e3cb91207f77554e878291305
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 udesasports.gif
everardoherrera.com/images-banners/ 47 KB
47 KB 188ms
175ms Image
image/gif 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/images-banners/udesasports.gif

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

3b21a4131c8a8b061f8557dbf25ea33a9513dd3ab097f773c771f802fe79063b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 07 Jun 2023 12:56:45 GMT
accept-ranges: bytes
etag: "bca9-5fd89ab04943b"
content-length: 48297
content-type: image/gif

GET
H2 200 GF9q_5oW0AAU1cl.jpg
pbs.twimg.com/media/ 139 KB
139 KB 117ms
105ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GF9q_5oW0AAU1cl.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) /

Resource Hash

647b4cf82221a656e66d6d8724257ebcfbd15fb3d241c2f5f30c77cddd7e6ed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 199276
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 142146
x-response-time: 224
surrogate-key: media media/bucket/1 media/1756240025732173824
last-modified: Sat, 10 Feb 2024 08:51:46 GMT
server: ECS (frb/67C1)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 911052cf4a4b3245
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 51ee002d22db20ebdae4c9725e1404ccac9dad086f21e96a1fbd757326d24eb5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GF7f0eVWUAEhuF7.jpg
pbs.twimg.com/media/ 164 KB
164 KB 117ms
106ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GF7f0eVWUAEhuF7.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E0) /

Resource Hash

c0e01a747cdd55abe4edc7c193b55455248940ac4c4077a5a948018ab1f7af00

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 235907
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 168049
x-response-time: 213
surrogate-key: media media/bucket/6 media/1756086997309870081
last-modified: Fri, 09 Feb 2024 22:43:41 GMT
server: ECS (frb/67E0)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: b2a050449d5da7fa
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 656653223d3fddc95fff194e3d729fba3ca95fb4bb01daa9c5ea501dc189926a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 419738117_933894094768057_6946331628085292372_n.jpg
scontent.fsyq2-1.fna.fbcdn.net/v/t39.30808-6/ 689 KB
689 KB 554ms
203ms Image
image/jpeg 170.150.56.17
Telecable Economi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fsyq2-1.fna.fbcdn.net/v/t39.30808-6/419738117_933894094768057_6946331628085292372_n.jpg?stp=cp6_dst-jpg&_nc_cat=105&ccb=1-7&_nc_sid=3635dc&_nc_ohc=9-ugd0oxOIkAX9UFMsD&_nc_ht=scontent.fsyq2-1.fna&oh=00_AfBOr7Cyjdd0YjCUE1sqITQu5rvgGmXBGlzGfiMAcsswmw&oe=65CAF55B
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.150.56.17 , Costa Rica, ASN52263 (Telecable Economico S.A., CR),
Reverse DNS: ptr17.56.150.170.residencial.telecablecr.com
Software: /
Resource Hash: ebee8b96ee103c5c0ca35f72fb1f84aea16f0bc35b58b90ac3ee9d2e8362e9a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 15 Jan 2024 21:45:59 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1474616204
thrift_fmhk: GBCHd4VNoz/ozz8YwzJ3vDQ2FfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 481939791
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 705467

GET
H2 200 GGJgLRmXYAAJQ9p.jpg
pbs.twimg.com/media/ 167 KB
167 KB 120ms
109ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGJgLRmXYAAJQ9p.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6796) /

Resource Hash

9793170177c3bab8ae118bab743aa250c6c344b53352a61283f728df9baa618a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 885
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 170657
x-response-time: 216
surrogate-key: media media/bucket/9 media/1757072551447060480
last-modified: Mon, 12 Feb 2024 15:59:55 GMT
server: ECS (frb/6796)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 8801a02cb0d06003
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: df00e06905ddff8ccc77be90ef7c48a272bc74f4a8057b31fcb9b97f4bbae1ee
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGGHGgpXYAQuXtY
pbs.twimg.com/media/ 769 KB
769 KB 117ms
106ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGGHGgpXYAQuXtY?format=jpg&name=large

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D5) /

Resource Hash

7de8e5f9cb9357e2f201b3ab84d19335e86d2c24cb0fb796f95ae22239a2d2d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 56120
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 787323
x-response-time: 236
surrogate-key: media media/bucket/3 media/1756833875563601924
last-modified: Mon, 12 Feb 2024 00:11:30 GMT
server: ECS (frb/67D5)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 28b0988bd74cbbf9
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: c1755fb27554a7baf56cb72cf09bc61b9bff3db927fa60d84850806bc71e4df4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGGNr4zW0AAAOMR.jpg
pbs.twimg.com/media/ 141 KB
141 KB 119ms
108ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGGNr4zW0AAAOMR.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/675D) /

Resource Hash

3ee3475da11ea4eabf43042d8243050b8f1b59e6cd7e1dae2eefe624e1f8bd27

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 56062
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 144414
x-response-time: 225
surrogate-key: media media/bucket/4 media/1756841114772885504
last-modified: Mon, 12 Feb 2024 00:40:16 GMT
server: ECS (frb/675D)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 2e66d1803359c3ce
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 478aeb5e4b6faa37cdc41e27613e559c24816c6a4fa7e74f6ab1901431400e7b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GF-rTgNWEAANnCt
pbs.twimg.com/media/ 154 KB
155 KB 117ms
106ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GF-rTgNWEAANnCt?format=jpg&name=medium

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6712) /

Resource Hash

5c4f06272264a0eeeb48d898dfb9659bb8aec4290250cb7e7ea1f1a22920ea3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 62020
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 157886
x-response-time: 543
surrogate-key: media media/bucket/6 media/1756310731249553408
last-modified: Sat, 10 Feb 2024 13:32:43 GMT
server: ECS (frb/6712)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 9899aebea0c27ed4
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 9adbf8a82002af02a386d1b766de1f171ba4ad00181530ee0255b658a937b814
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGFsK9DWUAAQZcZ
pbs.twimg.com/media/ 290 KB
291 KB 117ms
107ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGFsK9DWUAAQZcZ?format=jpg&name=large

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) /

Resource Hash

b5470e8faecaea61075f3017c6fd9ea2ff6dafade3a535debaaed55cfa8f5a5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 64088
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 297444
x-response-time: 556
surrogate-key: media media/bucket/4 media/1756804265094303744
last-modified: Sun, 11 Feb 2024 22:13:51 GMT
server: ECS (frb/674D)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: d0e278d044608095
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 56de05033df0db541d2695df100139628e946eef1ef0d80ebf0b98ae66d9da87
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGFF09eXIAAhJGJ
pbs.twimg.com/media/ 4 MB
4 MB 117ms
107ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGFF09eXIAAhJGJ?format=jpg&name=4096x4096

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67DF) /

Resource Hash

df589677b9b655f52da8f2fd5d0ecf26403ee08e28e2338b9db4fecdcbae46ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 74689
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 3808851
x-response-time: 332
surrogate-key: media media/bucket/9 media/1756762105808625664
last-modified: Sun, 11 Feb 2024 19:26:19 GMT
server: ECS (frb/67DF)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 411924f1ca5fc9dc
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 6b22efc59c45ef8c10a6f81dc50961780f9e67f969026364c7c3cf40e2543339
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGE4JsIWIAAmvLi
pbs.twimg.com/media/ 348 KB
349 KB 119ms
109ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGE4JsIWIAAmvLi?format=jpg&name=large

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674C) /

Resource Hash

62f7855e47cced7560ab673f448245593445a18a94dfb7eed65f147adc0419a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 78531
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 356799
x-response-time: 264
surrogate-key: media media/bucket/4 media/1756747068767346688
last-modified: Sun, 11 Feb 2024 18:26:34 GMT
server: ECS (frb/674C)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 879dcdf4bc9ace42
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 056ef05b7f2b47a6f1d70b70823fb783188f0affcc938d9b0ac8f46386d7b4f3
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 427904504_927523592408627_276773655021009525_n.jpg
scontent.fsyq2-1.fna.fbcdn.net/v/t39.30808-6/ 40 KB
40 KB 503ms
203ms Image
image/jpeg 170.150.56.17
Telecable Economi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fsyq2-1.fna.fbcdn.net/v/t39.30808-6/427904504_927523592408627_276773655021009525_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=3635dc&_nc_ohc=AQK5YuI1gj4AX-FXHQd&_nc_ht=scontent.fsyq2-1.fna&oh=00_AfBQuqEWCkOwX0wYQjFEsTMEeCQ4HkLbSJv5QOk_GYKzpw&oe=65CD2758
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.150.56.17 , Costa Rica, ASN52263 (Telecable Economico S.A., CR),
Reverse DNS: ptr17.56.150.170.residencial.telecablecr.com
Software: /
Resource Hash: 242bb1405da0cee71643b867e20d50ed3430ef06dc2046b0988112b97056488f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 11 Feb 2024 18:20:24 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1881119061
thrift_fmhk: GBCDMI384MTMK7yIqZfgzXB5FfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1881119061
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 40849

GET
H2 200 GGAmjMOWkAA7q8i
pbs.twimg.com/media/ 106 KB
106 KB 116ms
107ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGAmjMOWkAA7q8i?format=jpg&name=large

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D5) /

Resource Hash

c705660d66904f452e8a41f2070142277b0b6343e60de83721e2f02260d7b5d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 149822
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 108519
x-response-time: 553
surrogate-key: media media/bucket/1 media/1756446240693194752
last-modified: Sat, 10 Feb 2024 22:31:11 GMT
server: ECS (frb/67D5)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: b1e3a48c75b3f614
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: e0ba6a42abcedb9b436eef34917d260ba9d7d3af11fe66182a236f67b4e3522e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGBh7TcW0AAf2Su
pbs.twimg.com/media/ 92 KB
92 KB 116ms
107ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGBh7TcW0AAf2Su?format=jpg&name=medium

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D3) /

Resource Hash

0a3585d4fe65308b04b1cdc7769f544c814acba8c112e76e6e8f5585bcad7cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 109527
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 93788
x-response-time: 213
surrogate-key: media media/bucket/8 media/1756511526133878784
last-modified: Sun, 11 Feb 2024 02:50:36 GMT
server: ECS (frb/67D3)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 00b80e13a91aeb11
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 33e9069bb97c91633bf014375d78a19d5aa0cb375086ed0731f75ac497b75496
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGJT0cdXcAAflZ1.jpg
pbs.twimg.com/media/ 124 KB
124 KB 119ms
110ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGJT0cdXcAAflZ1.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

322a51391c74b87d63e5b3dc9595b8eef242921d687f6d8997b5cf89f404bf23

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 4124
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 127153
x-response-time: 222
surrogate-key: media media/bucket/6 media/1757058965085581312
last-modified: Mon, 12 Feb 2024 15:05:56 GMT
server: ECS (frb/6723)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 2c33d94e7fbb3b1d
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: d1083269cf6b3b9c0155114e02b67c3697138479f0e60c32394dd1ea24762ffa
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 print.css
everardoherrera.com/templates/beez3/css/ 6 KB
6 KB 337ms
331ms Stylesheet
text/css 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/templates/beez3/css/print.css

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

c9040502d4d9deec976f822396dc83ef7c8ea6d33ba6df076f56d8b6479742d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 08 Sep 2020 16:53:20 GMT
accept-ranges: bytes
etag: "1607-5aed02c2921bd"
content-length: 5639
content-type: text/css

GET
H2 200 GGHc8S5WwAAohSB.jpg
pbs.twimg.com/media/ 375 KB
376 KB 118ms
109ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGHc8S5WwAAohSB.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BC) /

Resource Hash

5bb710e379473a6ba1e4068602b66402a96b942cf027bd45221e30bb9f82f43f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 35335
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 384408
x-response-time: 220
surrogate-key: media media/bucket/8 media/1756928258073870336
last-modified: Mon, 12 Feb 2024 06:26:33 GMT
server: ECS (frb/67BC)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 6d196c7e22595dc2
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 5f111a2efc7bfe1a7ecb3a9efc6d2b65d77bea4380a2be8ec2c4181b6c6130a2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 427945496_926018719193315_1919468465538062820_n.jpg
scontent.fsyq2-1.fna.fbcdn.net/v/t39.30808-6/ 285 KB
285 KB 904ms
903ms Image
image/jpeg 170.150.56.17
Telecable Economi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fsyq2-1.fna.fbcdn.net/v/t39.30808-6/427945496_926018719193315_1919468465538062820_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=3635dc&_nc_ohc=zSYSRSFpOecAX8vKLMn&_nc_ht=scontent.fsyq2-1.fna&oh=00_AfA9LAcnKSFgiARn8kT81OT0DB1oLnfYacnWO8WTid7aMA&oe=65CD71F9
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.150.56.17 , Costa Rica, ASN52263 (Telecable Economico S.A., CR),
Reverse DNS: ptr17.56.150.170.residencial.telecablecr.com
Software: /
Resource Hash: 95af8ff6d0ae39b228ca6c31eee738505e7bf3851a2d34448a86d67765c1469a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 11 Feb 2024 18:37:08 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=893365770
thrift_fmhk: GBAAdbHDZA4B0vIxZEsTtJ9SFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 893365770
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 291490

GET
H2 200 GGFO1SJXcAEAY8X.jpg
pbs.twimg.com/media/ 252 KB
253 KB 116ms
107ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGFO1SJXcAEAY8X.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668D) /

Resource Hash

39a19737f73f73d20cc65799c3ec414a8108a05c657fb8cacebb2c8b69713190

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 72575
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 258379
x-response-time: 215
surrogate-key: media media/bucket/9 media/1756772006962360321
last-modified: Sun, 11 Feb 2024 20:05:40 GMT
server: ECS (frb/668D)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: d2a048ad3537b0e0
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: a011947dd5d6f68007229cd3bad03dc1a517ff6a398e1d0526dc7b9b8e54939d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGE5XUIXkAAw6Dl
pbs.twimg.com/media/ 207 KB
208 KB 116ms
108ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGE5XUIXkAAw6Dl?format=jpg&name=medium

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E0) /

Resource Hash

b5cae41146aa58780742760855d3a1702e797d1bc4e8d5daf6c03b0c7f1a5888

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 77886
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 212230
x-response-time: 211
surrogate-key: media media/bucket/0 media/1756748402354786304
last-modified: Sun, 11 Feb 2024 18:31:52 GMT
server: ECS (frb/67E0)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 93d6948526c3ddf7
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 36eaf5c8ea3f27b8849a6768c5333a7b2b43e79c94562dbd121845d9da3d6aae
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GGEzbU8W0AIuEZr.jpg
pbs.twimg.com/media/ 151 KB
151 KB 116ms
108ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGEzbU8W0AIuEZr.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669E) /

Resource Hash

db8aa4bada838a2936aaca3f2576eaf15d85cd17f6cff759016c0d48956294ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 79759
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 154684
x-response-time: 216
surrogate-key: media media/bucket/9 media/1756741874222551042
last-modified: Sun, 11 Feb 2024 18:05:56 GMT
server: ECS (frb/669E)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 891a079165045813
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 0ac68cbb0a45b679c9a08a31ffcc76612e81d87f722c4c3ada954f131c5e6178
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 404 banner-programas.jpg
everardoherrera.com/images-banners/ 196 B
196 B 169ms
161ms Image
text/html 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/images-banners/banner-programas.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 196
content-type: text/html; charset=iso-8859-1

GET
H2 200 GGFmEfPXYAAK-Nv.jpg
pbs.twimg.com/media/ 101 KB
101 KB 116ms
108ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGFmEfPXYAAK-Nv.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

607db1bdcd3ffaed32fd69e946077892fee13eaba311f33983d76de84f38c411

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 66486
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 102990
x-response-time: 494
surrogate-key: media media/bucket/2 media/1756797556942659584
last-modified: Sun, 11 Feb 2024 21:47:11 GMT
server: ECS (frb/67C0)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: aad4d106067ce09b
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 854bfca95795ae722a92bc2b2a1e65bd2734ae213f4dd31612918bdbadc1a106
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GF8Pw-DW4AALH9F
pbs.twimg.com/media/ 111 KB
111 KB 116ms
109ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GF8Pw-DW4AALH9F?format=jpg&name=medium

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6711) /

Resource Hash

a855722493660ded17bea969e5018a5b43a90aea46232e4148e4e5e8e322eab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 84254
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 113311
x-response-time: 225
surrogate-key: media media/bucket/6 media/1756139713663000576
last-modified: Sat, 10 Feb 2024 02:13:09 GMT
server: ECS (frb/6711)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 24c376d32109dd0d
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 5f0de0daab1457f38594e0f7c4c23b5770133236b6389a251fd1ba329dc8881f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GF_RR5iXoAAgWnU.jpg
pbs.twimg.com/media/ 104 KB
104 KB 117ms
109ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GF_RR5iXoAAgWnU.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

c2079f5b7b7e3d07d397d9fc337494118b193c2a11b1ee02dadcb5594c4b79f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 172601
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 106189
x-response-time: 211
surrogate-key: media media/bucket/3 media/1756352485130739712
last-modified: Sat, 10 Feb 2024 16:18:38 GMT
server: ECS (frb/67BA)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: ed68b9e2f4f47d4d
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 263b651780c3e31b95a080c0cdc3c717962eb42fc80f9a9dd21fa5396d71d29b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GF7BpkRWIAAp0u5
pbs.twimg.com/media/ 103 KB
103 KB 117ms
110ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GF7BpkRWIAAp0u5?format=jpg&name=medium

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) /

Resource Hash

d39aff78644bb77500de1b045685ce8b119fd7d5e4700a9a219d5bb586e825ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 238801
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 105451
x-response-time: 228
surrogate-key: media media/bucket/1 media/1756053824576299008
last-modified: Fri, 09 Feb 2024 20:31:52 GMT
server: ECS (frb/673A)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 1426c3383a0190a7
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: d3414b217801c7ed3e4c03bb98789698aa3227626dfa5f0069ec926a0d8a2732
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 GF6fih0W8AEVq3r.jpg
pbs.twimg.com/media/ 85 KB
86 KB 117ms
110ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GF6fih0W8AEVq3r.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A8) /

Resource Hash

532d1f861482c0eab0321fba7270ca4dc34044fd6a0bf5d7413c73ce3f82df63

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 252748
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 87429
x-response-time: 228
surrogate-key: media media/bucket/8 media/1756016320263417857
last-modified: Fri, 09 Feb 2024 18:02:50 GMT
server: ECS (frb/67A8)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: b0ad683e6851c2a4
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: b266fb86b55bb566ee6481375e55e0fb34d5388c0ac43374ea9185e97fcbcfe5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 426988131_926259102535076_8556662939547342519_n.jpg
scontent.fsyq2-1.fna.fbcdn.net/v/t39.30808-6/ 404 KB
405 KB 905ms
903ms Image
image/jpeg 170.150.56.17
Telecable Economi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fsyq2-1.fna.fbcdn.net/v/t39.30808-6/426988131_926259102535076_8556662939547342519_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=3635dc&_nc_ohc=KuSs07fiMm8AX99Mbpc&_nc_ht=scontent.fsyq2-1.fna&oh=00_AfAErKNsuBXDPePyHnPuD1hobv6W4Hprk63sSn2VT3kHUg&oe=65CBF924
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.150.56.17 , Costa Rica, ASN52263 (Telecable Economico S.A., CR),
Reverse DNS: ptr17.56.150.170.residencial.telecablecr.com
Software: /
Resource Hash: 77a1f3174d17dec53111e86f0521af23b39e999d51b1a5f26974e1d560397828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 09 Feb 2024 17:27:26 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1510776364
thrift_fmhk: GBA0X7VJdB7dOvbs+7OuxSJbFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1510776364
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 413914

GET
H2 200 GGJbl1bWkAEG3s7
pbs.twimg.com/media/ 428 KB
428 KB 145ms
139ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/GGJbl1bWkAEG3s7?format=jpg&name=large

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BC) /

Resource Hash

71f27b3128d71361cbc69334acd0fa1c569ffac2271107bde48411f810e00784

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 1308
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 438316
x-response-time: 235
surrogate-key: media media/bucket/8 media/1757067510183006209
last-modified: Mon, 12 Feb 2024 15:39:53 GMT
server: ECS (frb/67BC)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 90e58366114e1d31
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 177773263dcafa619097ecf9d38017b8436c9452b6c6a7c8e1d2e6674a190b57
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 logoMobile.png
everardoherrera.com/images/images-pag/ 15 KB
15 KB 337ms
330ms Image
image/png 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/images/images-pag/logoMobile.png

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

33c95e1f1dd2d68d92144a7c48551e2aa6fb5fe86386704c1da3d3589ae86679

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 08 Sep 2020 16:59:08 GMT
accept-ranges: bytes
etag: "3b66-5aed040de9c95"
content-length: 15206
content-type: image/png

GET
H2 200 system.css
everardoherrera.com/media/system/css/ 1 KB
2 KB 389ms
388ms Stylesheet
text/css 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/media/system/css/system.css

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/templates/system/css/system.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

a78e30adc0f491eb7917ed7a04c472151c7064c3fa7230009cf2abc19468b9e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/templates/system/css/system.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 01 Jun 2020 15:04:02 GMT
accept-ranges: bytes
etag: "5a6-5a7071aee7c80"
content-length: 1446
content-type: text/css

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
92 KB 72ms
65ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-17T41Q3037&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-22613876-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d185ecf904c04b2ba4bbaa2684f9bb43962fda0f504a20a9742027a23c1fdee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93777
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 12 Feb 2024 16:17:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 181ms
48ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-22613876-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 15:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1760
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 12 Feb 2024 17:48:09 GMT

GET
H2 200 bg-2024-0002.jpg
everardoherrera.com/templates/beez3/images/personal/ 605 KB
606 KB 173ms
167ms Image
image/jpeg 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/templates/beez3/images/personal/bg-2024-0002.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/templates/beez3/css/personal.css?id=?Monday_12th_of_February_2024_04:17:29_PM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

316335f84d8b3c30a409c00e966a41c4073973b3b20bc71023c2d960674a4de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/templates/beez3/css/personal.css?id=?Monday_12th_of_February_2024_04:17:29_PM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 01 Feb 2024 02:28:16 GMT
accept-ranges: bytes
etag: "972eb-61048bf82957e"
content-length: 619243
content-type: image/jpeg

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5860e55aceec4810a016aeff5e3472d122fb5b786b9c7fdf3c026d8e7143a41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51456
x-xss-protection: 0
server: cafe
etag: 2941013263319010804
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 12 Feb 2024 16:17:29 GMT

GET
H2 200 main_menu_area.png
everardoherrera.com/templates/beez3/images/personal/ 8 KB
9 KB 334ms
330ms Image
image/png 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/templates/beez3/images/personal/main_menu_area.png

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/templates/beez3/css/personal.css?id=?Monday_12th_of_February_2024_04:17:29_PM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

22ce7efcb810b21ed2a0bad4af133866818006e5940f12d1eed79067e271d8d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/templates/beez3/css/personal.css?id=?Monday_12th_of_February_2024_04:17:29_PM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 16 Jun 2023 17:00:49 GMT
accept-ranges: bytes
etag: "2155-5fe4220782f23"
content-length: 8533
content-type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 153ms
49ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 15:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1760
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 12 Feb 2024 17:48:09 GMT

GET
H2 200 luna%20verde.gif
everardoherrera.com/images-banners/ 986 KB
988 KB 429ms
424ms Image
image/gif 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/images-banners/luna%20verde.gif

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

abf96510b6f6c7104d67a388900136fb29dece2976b943ec042079f227b6ad95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 28 Mar 2023 21:10:16 GMT
accept-ranges: bytes
etag: "f66ed-5f7fc494382ff"
content-length: 1009389
content-type: image/gif

GET
H2 200 mr-name.jpg
everardoherrera.com/templates/beez3/images/personal/ 5 KB
6 KB 425ms
424ms Image
image/jpeg 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/templates/beez3/images/personal/mr-name.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/templates/beez3/css/layout.css?id=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

91ad643975bebcc9ede8150c15a74e9020c1f5c85f756144b5f8772f338f507f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/templates/beez3/css/layout.css?id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 19 Sep 2016 23:16:09 GMT
accept-ranges: bytes
etag: "1561-53ce47f452040"
content-length: 5473
content-type: image/jpeg

GET
H2 200 sdk.js Show response
connect.facebook.net/es_LA/ 3 KB
3 KB 451ms
96ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/es_LA/sdk.js

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

49b8c7cde5b387f403f643d25a8c3bf0a87de6ae37aa1610594c323643e72aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 16:17:30 GMT
content-md5: GwVRJkixB3y7F3M/hbTY4Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: uQzX3uo/5dJzgAsVE3riNRK1FrMXEiEhht0TnOrzkMcmSkrz8Bv/c9vU2NO+iexn9Bmc+MPden2ZcOaSAHz6Ng==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: f04970b76812b6eb384269f510bbb752
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "4faf45c773421ec3a089df49818016b2"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 12 Feb 2024 16:18:14 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 148ms
90ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ejs.mowplayer.com
URL: https://ejs.mowplayer.com/js/player/mqP6dEWIkE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd6f90179eefc4b670f32b9fcd39f17d7b4fc905b038f68ca5b5c237cf1adc48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29691
x-xss-protection: 0
server: cafe
etag: 230 / 19765 / m202402060101 / config-hash: 9575138415227355514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 16:17:30 GMT

GET
H2 200 mowplayer.css
cdn.mowplayer.com/dist/ui/css/ 112 KB
16 KB 537ms
216ms Stylesheet
text/css 51.79.85.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mowplayer.com/dist/ui/css/mowplayer.css
Requested by: Host: ejs.mowplayer.com
URL: https://ejs.mowplayer.com/js/player/mqP6dEWIkE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.79.85.170 , United States, ASN16276 (OVH, FR),
Reverse DNS: c1061.cloud.wiroos.net
Software: nginx/1.14.2 /
Resource Hash: 04a5dc2220c07444b6e9eb69c0f933310fd7bef366a12bf00136228d12c3616a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
content-encoding: gzip
last-modified: Mon, 16 Oct 2023 16:03:17 GMT
server: nginx/1.14.2
etag: W/"652d5ec5-1c14e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 379 KB
131 KB 168ms
107ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ejs.mowplayer.com
URL: https://ejs.mowplayer.com/js/player/mqP6dEWIkE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea5e83246f6639bb89d6ac5e7b5d5597d5d05eee7b5dcb7996fbffaf6297f3e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133145
x-xss-protection: 0
expires: Mon, 12 Feb 2024 16:17:30 GMT

GET
H2 200 title_yellow.png
everardoherrera.com/templates/beez3/images/personal/ 648 B
831 B 386ms
386ms Image
image/png 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/templates/beez3/images/personal/title_yellow.png

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/templates/beez3/css/personal.css?id=?Monday_12th_of_February_2024_04:17:29_PM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

a39143e97a0e177e107614a753f0cf29a395e01a8204dbcd8faae3ab2d731f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/templates/beez3/css/personal.css?id=?Monday_12th_of_February_2024_04:17:29_PM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 19 Sep 2016 23:16:09 GMT
accept-ranges: bytes
etag: "288-53ce47f452040"
content-length: 648
content-type: image/png

GET
H2 200 sv-name.jpg
everardoherrera.com/templates/beez3/images/personal/ 6 KB
6 KB 385ms
384ms Image
image/jpeg 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/templates/beez3/images/personal/sv-name.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/templates/beez3/css/layout.css?id=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

47a0975c28380d148475c1367aa3a3d350f25d0beacf22539f031d1e4f89ae47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/templates/beez3/css/layout.css?id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 19 Sep 2016 23:16:09 GMT
accept-ranges: bytes
etag: "1645-53ce47f452040"
content-length: 5701
content-type: image/jpeg

GET
H2 200 ml-name.jpg
everardoherrera.com/templates/beez3/images/personal/ 4 KB
4 KB 386ms
385ms Image
image/jpeg 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/templates/beez3/images/personal/ml-name.jpg

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/templates/beez3/css/layout.css?id=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

22edc20acee6e8c9008d45f1fcb653cf2386470c0b7fbabd83b56b534605d899

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/templates/beez3/css/layout.css?id=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 19 Jan 2017 19:59:08 GMT
accept-ranges: bytes
etag: "10a5-54677f752bb00"
content-length: 4261
content-type: image/jpeg

GET
H2 200 footer_bg1.gif
everardoherrera.com/templates/beez3/images/images-pag/ 7 KB
7 KB 384ms
383ms Image
image/gif 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/templates/beez3/images/images-pag/footer_bg1.gif

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/templates/beez3/css/position.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

295861dca535f4283acdcfb3e7b721c91b57067963171fbe38cae6828799548f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/templates/beez3/css/position.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 19 Sep 2016 23:16:09 GMT
accept-ranges: bytes
etag: "1d3c-53ce47f452040"
content-length: 7484
content-type: image/gif

GET
H2 200 footer_sprite1.png
everardoherrera.com/templates/beez3/images/images-pag/ 54 KB
54 KB 386ms
385ms Image
image/png 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/templates/beez3/images/images-pag/footer_sprite1.png

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/templates/beez3/css/position.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

133d488a67813f2e8917fa38b8ebf233c7ccd0500d6e6048178704f1564b77bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/templates/beez3/css/position.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 19 Sep 2016 23:16:09 GMT
accept-ranges: bytes
etag: "d805-53ce47f452040"
content-length: 55301
content-type: image/png

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 72ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-17T41Q3037&gtm=45je4270v872976508za200&_p=1707754649043&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1389964320.1707754650&ecid=989502123&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1707754649&sct=1&seg=0&dl=https%3A%2F%2Feverardoherrera.com%2F&dt=Everardo%20Herrera%2C%20lo%20mejor%20del%20f%C3%BAtbol%20de%20Costa%20Rica&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4669
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17T41Q3037&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://everardoherrera.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 18ms
17ms Ping
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-17T41Q3037&cid=1389964320.1707754650&gtm=45je4270v872976508za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17T41Q3037&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://everardoherrera.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 173ms
72ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-17T41Q3037&cid=1389964320.1707754650&gtm=45je4270v872976508za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=1375207027

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 load-102880.js Show response
amer.hhkld.com/tag/ 23 KB
7 KB 81ms
80ms Script
application/javascript 141.94.202.176
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://amer.hhkld.com/tag/load-102880.js?page_url=https%3A%2F%2Feverardoherrera.com%2F
Requested by: Host: amer.hhkld.com
URL: https://amer.hhkld.com/tag/load-102880.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31491888.ip-141-94-202.eu
Software: nginx /
Resource Hash: cca229012d7f2f02e9c1a2bd43b9e1dc6d47b803bdb413c2d044044e4714ef11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 logoMobile.png
everardoherrera.com/images/images-pag/ 15 KB
15 KB 413ms
412ms Image
image/png 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everardoherrera.com/images/images-pag/logoMobile.png

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

33c95e1f1dd2d68d92144a7c48551e2aa6fb5fe86386704c1da3d3589ae86679

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 08 Sep 2020 16:59:08 GMT
accept-ranges: bytes
etag: "3b66-5aed040de9c95"
content-length: 15206
content-type: image/png

GET
H2 200 prebid.js Show response
embi-media.com/prebids/production/ 366 KB
117 KB 35ms
35ms Script
application/javascript 18.245.46.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embi-media.com/prebids/production/prebid.js
Requested by: Host: embi-media.com
URL: https://embi-media.com/hb_resources/everardo_herrera-com/test/e6fb2272.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-54.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b7be9dd0535fb2167d678feea250020cc9129a29dde27cd5c520cf08ed639d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:14:50 GMT
x-amz-version-id: 7s6DB4CUXZ4iWgGqSqqGobfRbqpoL7Nd
content-encoding: gzip
last-modified: Mon, 06 Nov 2023 20:32:26 GMT
server: AmazonS3
via: 1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
etag: W/"6ea7bbb28418ec8bcf31a30f1a5350c2"
age: 160
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: PWA45VhlQUKSsYjeFsLcYclKyTbTVTsVmpy1Fn-7Z3u4WcCukeoT1A==

GET
H2 200 5766-6216-01.js Show response
t.seedtag.com/t/ 42 KB
14 KB 346ms
42ms Script
application/javascript 104.16.80.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/t/5766-6216-01.js
Requested by: Host: embi-media.com
URL: https://embi-media.com/hb_resources/everardo_herrera-com/test/e6fb2272.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68d70e19a4783c56a3e015d637bc85274c3f70fb0b3fa49f7f8df9c2f0ffbbee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 12 Feb 2024 11:56:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1200
cf-ray: 85462465185f4d2e-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 12 Feb 2024 16:37:30 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 286 KB
71 KB 578ms
433ms Script
application/javascript 18.245.144.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: embi-media.com
URL: https://embi-media.com/hb_resources/everardo_herrera-com/test/e6fb2272.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.144.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-144-237.lhr5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 928a9c9642d5cb3bcfc458aa85b5bb31f26478245dd8ab187e624c1c21a9919a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
via: 1.1 01f803d1e7c713d110bffe7b82d3cb2c.cloudfront.net (CloudFront), 1.1 54b736c8a06d70ac689481ee738cbc60.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 20:22:08 GMT
server: AmazonS3
x-amz-cf-pop: LHR62-C4, LHR5-P1
etag: W/"ba3382d9d570ac4bd87a011e1fec124d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: yKwse-jHVC1NNhgDivrAP8Fvzulu0IO1-_BzU8_RHw4c-TW1Ax6UqQ==

GET
H2 200 loader Show response
api.retargetly.com/ 15 KB
5 KB 307ms
260ms Script
application/javascript 2606:4700:10::6816:118d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.retargetly.com/loader?id=1679
Requested by: Host: embi-media.com
URL: https://embi-media.com/hb_resources/everardo_herrera-com/test/e6fb2272.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:118d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7e84613975c40660e030cca5f43d5652e1e69f4dd13023a5160fab0681d244f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
access-control-allow-origin: *
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control: public, max-age=604800
cf-ray: 854624648f2b3a8c-FRA
expires: Mon Feb 19 2024 16:17:30 GMT+0000 (Coordinated Universal Time)

GET
H2 206 video03.mp4
everardoherrera.com/images-banners/ocampo/ 2 MB
2 MB 386ms
386ms Media
video/mp4 143.244.215.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://everardoherrera.com/images-banners/ocampo/video03.mp4

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.215.166 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

d0d428223b8744c3f507f4e0a82f0023208feedafe5f84db4d53c832a6e8a02e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://everardoherrera.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 23 Oct 2020 01:35:55 GMT
etag: "25b23a-5b24c9a0c4583"
content-type: video/mp4
Content-Range: bytes 0-2470457/2470458
accept-ranges: bytes
Content-Length: 2470458

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 406 KB
138 KB 122ms
121ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6530008089495715&plah=everardoherrera.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d7807a1ba725e86a3da42d995dfa23b403a7c9c71332ca1094c4aa5b83892fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140919
x-xss-protection: 0
server: cafe
etag: 2663001737807577812
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 16:17:29 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240208/r20190131/ Frame 9282 9 KB
4 KB 39ms
32ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240208/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://everardoherrera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36827
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 06:03:42 GMT
etag: 9539045072340585784
expires: Mon, 26 Feb 2024 06:03:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
ui.cleverwebserver.com/ 173 B
412 B 51ms
32ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f308cd5c09f3066a6fc5e09a256aabbecf19b7021b2e63a28e9ab65beabba485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 85462464682e9bb9-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 index.js Show response
cdn2.viads.net/player/2.4.8/ 138 KB
58 KB 222ms
83ms Script
application/javascript 185.106.140.246
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.viads.net/player/2.4.8/index.js
Requested by: Host: amer.hhkld.com
URL: https://amer.hhkld.com/tag/load-102880.js?page_url=https%3A%2F%2Feverardoherrera.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.140.246 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 31bb95d67bbca4d8536af9ae26112d9bb6241978a5ebb245df3cf21046e28b1f

Request headers

Referer: https://everardoherrera.com/
Origin: https://everardoherrera.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 11:48:11 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://everardoherrera.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000, public, no-transform
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
rtb.hhkld.com/sync/config/ 3 KB
1 KB 75ms
61ms Fetch
application/json 141.94.202.176
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.hhkld.com/sync/config/?zone=102880
Requested by: Host: amer.hhkld.com
URL: https://amer.hhkld.com/tag/load-102880.js?page_url=https%3A%2F%2Feverardoherrera.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31491888.ip-141-94-202.eu
Software: nginx /
Resource Hash: 3e1bb6cd3f187a4c070eba43ed18965efe829a3fec5bbb96e400fd0f10cb37ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: https://everardoherrera.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 63ms
60ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=27662829&t=pageview&_s=1&dl=https%3A%2F%2Feverardoherrera.com%2F&ul=en-us&de=UTF-8&dt=Everardo%20Herrera%2C%20lo%20mejor%20del%20f%C3%BAtbol%20de%20Costa%20Rica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=32895106&gjid=782494814&cid=1389964320.1707754650&tid=UA-22613876-1&_gid=1270494683.1707754650&_r=1&gtm=457e4270za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=516635923

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://everardoherrera.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
84 B 65ms
65ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=27662829&t=pageview&_s=1&dl=https%3A%2F%2Feverardoherrera.com%2F&ul=en-us&de=UTF-8&dt=Everardo%20Herrera%2C%20lo%20mejor%20del%20f%C3%BAtbol%20de%20Costa%20Rica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=302404115&gjid=430759575&cid=1389964320.1707754650&tid=UA-22613876-1&_gid=1270494683.1707754650&_r=1&_slc=1&z=1267127815

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

4fd0c5b1add2a3068f0c44f04802f4ee6290735a64831ed04ba94f8566f8cd48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://everardoherrera.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
574 B 285ms
117ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:30 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://everardoherrera.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
569 B 200ms
32ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:29 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://everardoherrera.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 252 B
1 KB 672ms
157ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

d2022370e84c3d78a09147b56de50029a766fd1796bf97f9a7a3187007cc444a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:30 GMT
an-x-request-uuid: 8eee3612-1e4d-4422-bf93-9a9e90d4b7db
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://everardoherrera.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.130; 178.162.209.130; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 252
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST /
shb.richaudience.com/hb/ 0
0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
416 B 112ms
12ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://everardoherrera.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
623 B 423ms
13ms XHR
application/json 52.58.67.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.3.0&referrer=https%3A%2F%2Feverardoherrera.com%2F&tmax=3000

Requested by

Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.58.67.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-67-45.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:30 GMT
accept-ch: sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
x-auction-status: 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://everardoherrera.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
receive-cookie-deprecation: 1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 358 B
710 B 150ms
52ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Feverardoherrera.com%2F&PageUrl=https%3A%2F%2Feverardoherrera.com%2F&PageReferrer=https%3A%2F%2Feverardoherrera.com%2F

Requested by

Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

fe4c73c09754efdec4232cccbc9d378d7c176c0da81bc2ea5632014a6e53611a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:30 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://everardoherrera.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 35
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 358
expires: 0

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 94 B
370 B 475ms
102ms XHR
application/json 54.76.165.90

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.3.0
Requested by: Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.165.90 Dublin, Ireland, ASN (),
Reverse DNS: ec2-54-76-165-90.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d64f57b3d8a9befc21deefc2143357a92706ed6f111519d1b6f2f57423bfa48c

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://everardoherrera.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 98

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
182 B 333ms
103ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://everardoherrera.com
date: Mon, 12 Feb 2024 16:17:30 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK / Show response
pub.admanmedia.com/ 2 B
291 B 122ms
21ms XHR
application/json 91.227.144.128
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.admanmedia.com/?c=o&m=multi
Requested by: Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 91.227.144.128 Amsterdam, Netherlands, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 12 Feb 2024 16:17:30 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
Access-Control-Allow-Origin: https://everardoherrera.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 22

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
372 B 450ms
30ms XHR
application/json 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://everardoherrera.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
383 B 228ms
56ms XHR
application/json 88.221.169.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:30 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://everardoherrera.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Mon, 12 Feb 2024 16:17:30 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
399 B 413ms
36ms XHR
application/json 2606:4700:4400::6812:22b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:30 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://everardoherrera.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 854624664d3c1c73-FRA
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
172 B 102ms
17ms XHR
text/plain 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Mon, 12 Feb 2024 16:17:29 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://everardoherrera.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
311 B 410ms
36ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://everardoherrera.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 854624664fa9900a-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 418ms
44ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://everardoherrera.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 854624664fab900a-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 95ms
21ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-22613876-1&cid=1389964320.1707754650&jid=32895106&gjid=782494814&_gid=1270494683.1707754650&_u=YADAAUAAAAAAACAAI~&z=1528137192

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Feb 2024 16:17:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://everardoherrera.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 95ms
22ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-22613876-1&cid=1389964320.1707754650&jid=302404115&gjid=430759575&_gid=1270494683.1707754650&_u=YADAAUABAAAAACAAI~&z=1936742641

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Feb 2024 16:17:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://everardoherrera.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
93 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-17T41Q3037&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84b485a6cb44e4021f7b4cc0bdc34bb495f4b51fd79af4ce488968763bf76830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95530
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 12 Feb 2024 16:17:30 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/ 436 KB
137 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd500c546202be15f4b0d9a10a2096a2dcffd0f195d953bbe931ff8e45ca234f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 12:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13180
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139610
x-xss-protection: 0
server: cafe
etag: 16226629560626727405
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 11 Feb 2025 12:37:50 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/es_LA/ 303 KB
87 KB 152ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/es_LA/sdk.js?hash=ac7b6c34cca50dc9f8480224d1203a95

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/es_LA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e72db12b9808617fdf65c322f9e6542d4d8bd0cd5e31cf23bd017b92b81ddabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://everardoherrera.com/
Origin: https://everardoherrera.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 16:17:30 GMT
content-md5: taOE2cl1G9w84kBJ9ic9iw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88710
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: /KrntKCKuM57QRDfxaTXwQ/L/38E2LAZY/CMWAMckCffVDchHYKrHyDHiZA1BUYdpRMnN0CoDWcmXV0g6dxxTA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4fb051712be7e45733e503f3e68ae3b1
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "b3e2a76c0593356e4d8ad830099d660e"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 11 Feb 2025 14:11:31 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DD8F 333 KB
72 KB 1204ms
1204ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6530008089495715&output=html&adk=818887759&adf=845068020&lmt=1707754649&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Feverardoherrera.com%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~11&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707754649926&bpp=3&bdt=906&idt=399&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2009621240441&frm=20&pv=2&ga_vid=1389964320.1707754650&ga_sid=1707754650&ga_hid=27662829&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080795%2C31081024%2C31081035%2C44809005%2C95322745%2C95324581%2C95320870%2C95324154%2C95324160%2C95324260&oid=2&pvsid=283109826932713&tmod=1144195827&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=426

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6530008089495715&plah=everardoherrera.com&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4eb370f64af97e965a40fb49230196e5a3c8a132248fd95398c1f8e9d780700a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://everardoherrera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 73347
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 16:17:31 GMT
expires: Mon, 12 Feb 2024 16:17:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DBF1 871 B
440 B 644ms
644ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6530008089495715&output=html&h=90&slotname=5715959960&adk=2143527120&adf=432176807&pi=t.ma~as.5715959960&w=728&lmt=1707754649&format=728x90&url=https%3A%2F%2Feverardoherrera.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707754649929&bpp=1&bdt=909&idt=432&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2009621240441&frm=20&pv=1&ga_vid=1389964320.1707754650&ga_sid=1707754650&ga_hid=27662829&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080795%2C31081024%2C31081035%2C44809005%2C95322745%2C95324581%2C95320870%2C95324154%2C95324160%2C95324260&oid=2&pvsid=283109826932713&tmod=1144195827&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=448

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

804122a17ceb64c8eddccccc8bbfaf68a16d3178fd9231d8030e39a4be2fdc5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://everardoherrera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 416
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 16:17:31 GMT
expires: Mon, 12 Feb 2024 16:17:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1C4C 23 KB
10 KB 890ms
890ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6530008089495715&output=html&h=600&slotname=6887580780&adk=1666921911&adf=343901277&pi=t.ma~as.6887580780&w=300&lmt=1707754649&format=300x600&url=https%3A%2F%2Feverardoherrera.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707754649930&bpp=1&bdt=910&idt=464&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2009621240441&frm=20&pv=1&ga_vid=1389964320.1707754650&ga_sid=1707754650&ga_hid=27662829&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080795%2C31081024%2C31081035%2C44809005%2C95322745%2C95324581%2C95320870%2C95324154%2C95324160%2C95324260&oid=2&pvsid=283109826932713&tmod=1144195827&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=468

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f810f0ed9f71186e5aa2ba8bb17d180fd17e623c2f9f6da75af946f339b01bd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://everardoherrera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10497
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 16:17:31 GMT
expires: Mon, 12 Feb 2024 16:17:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 22562061343 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 97ms
52ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22562061343?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9cb83cbc52d60a12d7a7c9c414a6b13966aa753e09d8ead2d4b33a27a32a6f59

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-43mv7ygwbTvApGgzEjt7CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-43mv7ygwbTvApGgzEjt7CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjWsKoxSXFEKAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQJiIR6OWZ0r17EJbHi9v5EJACh7Ses"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

stickyfooter.html Show response
lp.cleverwebserver.com/betano/de/sports/sports_de/ Frame B19C
Redirect Chain

https://sender.cleverwebserver.com/group/76459?id=860758&ref=aHR0cHM6Ly9ldmVyYXJkb2hlcnJlcmEuY29tLw%3D%3D&ruri=&t=1707754650&cmpId=&fb=0&wl=1&furl=0&sf=0&bw=Q2hyb21l&b=0&m=0&p=V2luMTA%3D&res=1600x1...
https://lp.cleverwebserver.com/betano/de/sports/sports_de/stickyfooter.html?id=860758&group=76459&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzI0Nzg1Yl8yOTMxY18mYWZmaWQ9NDMxJnNpdGVpZD0yN...

2 KB
828 B

124ms
103ms

Document
text/html

2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/stickyfooter.html?id=860758&group=76459&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzI0Nzg1Yl8yOTMxY18mYWZmaWQ9NDMxJnNpdGVpZD0yNDc4NSZhZGlkPTI5MzEmYz1DQUJBRUZMQUZDREFBREU%3D&ctr=de&reg=rp&ref=aHR0cHM6Ly9ldmVyYXJkb2hlcnJlcmEuY29tLw%3D%3D
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56014fafb5c8a7fa8c0d8b1c12feae3923bc8266cbb3fc59d0b52c1620bd6266

Request headers

Referer: https://everardoherrera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=28800
cf-cache-status: MISS
cf-ray: 854624673cac9bb9-FRA
content-encoding: br
content-type: text/html
date: Mon, 12 Feb 2024 16:17:30 GMT
expires: Tue, 13 Feb 2024 00:17:30 GMT
last-modified: Mon, 12 Feb 2024 16:03:48 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: 6cTwLCdaPebx5OKpSK9qovk3EIOmeGku/CLXQlJxe5ffXwtKqGdcmeLfmybw9ddnKcHmIp8PeXk=
x-amz-request-id: N17CXC9ZQE5P792E

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 85462465aa399bb9-FRA
content-type: text/html
date: Mon, 12 Feb 2024 16:17:30 GMT
location: https://lp.cleverwebserver.com/betano/de/sports/sports_de/stickyfooter.html?id=860758&group=76459&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzI0Nzg1Yl8yOTMxY18mYWZmaWQ9NDMxJnNpdGVpZD0yNDc4NSZhZGlkPTI5MzEmYz1DQUJBRUZMQUZDREFBREU%3D&ctr=de&reg=rp&ref=aHR0cHM6Ly9ldmVyYXJkb2hlcnJlcmEuY29tLw%3D%3D
server: cloudflare

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 655 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
call.cleverwebserver.com/ 43 B
105 B 69ms
49ms Image
image/gif 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://call.cleverwebserver.com/?id=76459&c=DE&r=RP&l=413&b=Chrome&os=Win10&mob=0&v=1.65.3&ref=aHR0cHM6Ly9ldmVyYXJkb2hlcnJlcmEuY29tLw%3D%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 854624661b3b9bb9-FRA
content-length: 43
content-type: image/gif

GET
H2 200 st_1.deb91c50da82803fe859.js Show response
t.seedtag.com/c/ 59 KB
18 KB 27ms
25ms Script
application/javascript 104.16.80.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_1.deb91c50da82803fe859.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/5766-6216-01.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c47937e8b71c472c95d3d31468e6384a7a22e954c145edc9c375eb33d191ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 18471
x-guploader-uploadid: ABPtcPqcKZcXpUJLGWVqCBRZTFUN0cGBTKazO-9E9woS43YX-RDf9lpmrZR6hgvR_JoR048kGLT8LZFfmQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Feb 2024 11:09:25 GMT
server: cloudflare
etag: W/"46f2df5acd790b0bec69c8f366de8231"
vary: Accept-Encoding
x-goog-generation: 1707736165469840
content-type: application/javascript
x-goog-hash: crc32c=4k4iKQ==, md5=RvLfWs15CwvsacjzZt6CMQ==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 17574
cf-ray: 854624666a234d2e-FRA
expires: Sun, 14 Apr 2024 16:17:30 GMT

GET
H2 200 st_0.f43a5bfe4c554098e387.js Show response
t.seedtag.com/c/ 309 KB
88 KB 38ms
36ms Script
application/javascript 104.16.80.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_0.f43a5bfe4c554098e387.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/5766-6216-01.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81a5b16189a64b452483a35388c93052717e8df65902252b6fcbca64a1441160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 18471
x-guploader-uploadid: ABPtcPouRIHHRVIS7VpVdq7hQz4raAF5s14kiJ2bK8JeHJVeDVgDTwAMyodWcbwCeBxmshfuWMo
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Feb 2024 11:09:25 GMT
server: cloudflare
etag: W/"93d30e9addb72d1523cc44e6764c5195"
vary: Accept-Encoding
x-goog-generation: 1707736165554839
content-type: application/javascript
x-goog-hash: crc32c=TzUrag==, md5=k9MOmt23LRUjzETmdkxRlQ==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 91206
cf-ray: 854624666a244d2e-FRA
expires: Sun, 14 Apr 2024 16:17:30 GMT

GET
H2 200 st_2.32893653881561af67e2.js Show response
t.seedtag.com/c/ 7 KB
3 KB 19ms
17ms Script
application/javascript 104.16.80.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_2.32893653881561af67e2.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/5766-6216-01.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 904440a613768420de3c14bcab8adbb7fa7fdeb669d54931b7d676aba78deb1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 18471
x-guploader-uploadid: ABPtcPog0Rp1PGe-rdGiXglJl2_AoKFxP_ll2qOJOsZnhMeiy3Ks-Y-T1XhpfyIreHpJ9-b8bVg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Feb 2024 11:09:25 GMT
server: cloudflare
etag: W/"482f4c2bd44b4cb642445bc57e07aacf"
vary: Accept-Encoding
x-goog-generation: 1707736165208737
content-type: application/javascript
x-goog-hash: crc32c=U0X6gw==, md5=SC9MK9RLTLZCRFvFfgeqzw==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 2469
cf-ray: 854624666a254d2e-FRA
expires: Sun, 14 Apr 2024 16:17:30 GMT

GET
H2 200 st_3.6813aca45080eef815d6.js Show response
t.seedtag.com/c/ 41 KB
12 KB 37ms
35ms Script
application/javascript 104.16.80.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_3.6813aca45080eef815d6.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/5766-6216-01.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73513b879d0edd7741cafb3dd08786590fec66fd71b24e544173163c6b9ecf2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 18471
x-guploader-uploadid: ABPtcPpbFFExL_d0vaIXHHeZYxK0G1U0FZzx4CWc51DsG030wvuuxmG467yH1PRRVjx4FJt2YyvZ9P3wAA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Feb 2024 11:09:26 GMT
server: cloudflare
etag: W/"59a34e76def5d0c6ffc4f796ae8b0554"
vary: Accept-Encoding
x-goog-generation: 1707736166520515
content-type: application/javascript
x-goog-hash: crc32c=O8xNqw==, md5=WaNOdt710Mb/xPeWrosFVA==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 11890
cf-ray: 854624666a274d2e-FRA
expires: Sun, 14 Apr 2024 16:17:30 GMT

GET
H2 200 AGSKWxUiWVvjduLX2A7jwXgnp12pfnxTtVxP99z6lZZ1eUahq5HQjcjlcKo9oShWPJSnD61QIOhnUq14lI1Q_USA9OB-YDAHYcGMQh3WCQBueIbj_dIZAmh8cCrDVu8lHC6TpiVj4Qux-A== Show response
fundingchoicesmessages.google.com/f/ 399 KB
61 KB 100ms
99ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUiWVvjduLX2A7jwXgnp12pfnxTtVxP99z6lZZ1eUahq5HQjcjlcKo9oShWPJSnD61QIOhnUq14lI1Q_USA9OB-YDAHYcGMQh3WCQBueIbj_dIZAmh8cCrDVu8lHC6TpiVj4Qux-A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3NzU0NjUwLDY4NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ldmVyYXJkb2hlcnJlcmEuY29tLyIsbnVsbCxbWzgsIk0wWmdkYW1PTk5zIl0sWzksImRlIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMxdLTz2qXDoSDjoP5G-9Wfg5kG_5A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33222b3fd00b98512aec287420b87d60c773a9b6a3db2dc7bac7720d85cb0c12

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7kMUx_BNrzhoKyj6sD_13A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-7kMUx_BNrzhoKyj6sD_13A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsOoxSXF4KwhxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99ecnE8fUlkwQQqwHxO8lXTN-AeIePB8ub8OmsbBHTWePqprPmADHfuumsmuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWACD-nDmD9TcQ-9TPYI0CYiEejlmdK9exCVyYvv89EwCg2k8m"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t2.min.js Show response
pdp-cdn.retargetly.com/ 11 KB
5 KB 68ms
48ms Script
text/javascript 2606:4700:10::6816:118d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pdp-cdn.retargetly.com/t2.min.js

Requested by

Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=1679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:118d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6744050bae69a47a6bc42d3e765b2dc6c53482290f1f4f122a8ca55bb94e9577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
x-amz-version-id: zA8m9yUa8kXO0JdRGQ2tVYvmk4jLLMmn
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA50-C1
age: 4888
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cf-cache-status: HIT
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 22 Jan 2024 16:16:57 GMT
server: cloudflare
etag: W/"84ae0195efd03b8e657c03f338667d49"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cf-ray: 854624671b6e3a8c-FRA
x-amz-cf-id: Y0C2w1tasfN0L8Jw6RIzzHyDoo7nLXhMIG0wVtj36xLxMWUJYSRvEw==

GET
H2 200 hls.light.min.js Show response
cdnjs.cloudflare.com/ajax/libs/hls.js/1.4.12/ 261 KB
68 KB 60ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/hls.js/1.4.12/hls.light.min.js

Requested by

Host: cdn2.viads.net
URL: https://cdn2.viads.net/player/2.4.8/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18268689d4d2c9a61373b3e56e1e70cb60628494602c9bd4b37f5e736b76d412

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2682242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 69117
last-modified: Wed, 06 Sep 2023 12:37:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64f872a6-10dfd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKBcrhMWXmkRxAnoO9FW1ussSk3fOe7HQOmwEdPsNIQQx6ZKhvtWIpPeyRi6EVjTb6s7AUhw6lBA5DbZNQqeAEfoOkhMt40uliK1HTISG%2FkjJRAAk9hoMuIaFJbKefSdwv9cb6N%2FZ1PGQtyDNaKJTP06"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85462467288568f5-FRA
expires: Sat, 01 Feb 2025 16:17:30 GMT

GET
H2 200 dsp Show response
logs.hhkld.com/logs/event/ 2 B
270 B 90ms
20ms Fetch
text/plain 141.94.202.176
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://logs.hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=102880&tids=17911&pos=1&imp=0&run=1&cd=1707754650708&v=2.4.8&rqid=477c42c8323d70ed7f9b1629cbffcce0&t_page_load=5567&t_player_start=149
Requested by: Host: cdn2.viads.net
URL: https://cdn2.viads.net/player/2.4.8/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31491888.ip-141-94-202.eu
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H2 200 bridge3.619.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0ADF 756 KB
242 KB 21ms
20ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.619.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450574a0b2790cb089d690ab58940cb4816906a05ced1b4df116073dec25acbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://everardoherrera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 318499
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 247627
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 23:49:11 GMT
expires: Fri, 07 Feb 2025 23:49:11 GMT
last-modified: Thu, 08 Feb 2024 23:41:37 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 site Show response
logs.hhkld.com/logs/req/ 2 B
271 B 81ms
20ms Fetch
text/plain 141.94.202.176
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://logs.hhkld.com/logs/req/site?event=playerLoaded&uid=50b80a04-b567-4a9f-b1e3-47fb35fb0986&cd=1707754650717&sid=102880&v=2.4.8&rqid=477c42c8323d70ed7f9b1629cbffcce0&t_page_load=5576&t_player_start=158
Requested by: Host: cdn2.viads.net
URL: https://cdn2.viads.net/player/2.4.8/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31491888.ip-141-94-202.eu
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4771 40 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 12 Feb 2024 17:04:01 GMT

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 88ms
49ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Feb 2024 16:17:30 GMT

GET
H2

200

api Show response
api.retargetly.com/ Frame 26F3
Redirect Chain

https://api.retargetly.com/api?id=1679&src=0&url=https%3A%2F%2Feverardoherrera.com%2F&browserUrl=undefined&ref=&utmz=&n=Everardo%20Herrera%2C%20lo%20mejor%20del%20f%C3%BAtbol%20de%20Costa%20Rica&md...
https://api.retargetly.com/api?id=1679&src=0&url=https%3A%2F%2Feverardoherrera.com%2F&browserUrl=undefined&ref=&utmz=&n=Everardo%20Herrera%2C%20lo%20mejor%20del%20f%C3%BAtbol%20de%20Costa%20Rica&md...

0
77 B

120ms
120ms

Document
application/javascript

2606:4700:10::6816:118d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.retargetly.com/api?id=1679&src=0&url=https%3A%2F%2Feverardoherrera.com%2F&browserUrl=undefined&ref=&utmz=&n=Everardo%20Herrera%2C%20lo%20mejor%20del%20f%C3%BAtbol%20de%20Costa%20Rica&md=Everardoherrera.com%2C%20lo%20mejor%20del%20f%C3%BAtbol%20de%20Costa%20Rica%20%2C%20deporte%20y%20el%20entretenimiento.&mk=futbol%20de%20Costa%20Rica%2C%20futbol%20nacional%2C%20futbol%20internacional%2C%20Everardo%20Herrera%2C%20se%C3%B1ales%20en%20vivo%2C%20futb&il=0&limit_drop=&userid=11ec98f0-9a54-4b7d-b365-a679a417e0fa&fullVersionList=&platform=&_rlid=11ec98f0-9a54-4b7d-b365-a679a417e0fa
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=1679
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:118d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://everardoherrera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 85462467ccad3a8c-FRA
content-encoding: gzip
content-type: application/javascript
date: Mon, 12 Feb 2024 16:17:30 GMT
expires: 0
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
pragma: no-cache
server: cloudflare

Redirect headers

access-control-allow-origin: *
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 854624671b743a8c-FRA
content-type: application/javascript
date: Mon, 12 Feb 2024 16:17:30 GMT
expires: 0
location: /api?id=1679&src=0&url=https%3A%2F%2Feverardoherrera.com%2F&browserUrl=undefined&ref=&utmz=&n=Everardo%20Herrera%2C%20lo%20mejor%20del%20f%C3%BAtbol%20de%20Costa%20Rica&md=Everardoherrera.com%2C%20lo%20mejor%20del%20f%C3%BAtbol%20de%20Costa%20Rica%20%2C%20deporte%20y%20el%20entretenimiento.&mk=futbol%20de%20Costa%20Rica%2C%20futbol%20nacional%2C%20futbol%20internacional%2C%20Everardo%20Herrera%2C%20se%C3%B1ales%20en%20vivo%2C%20futb&il=0&limit_drop=&userid=11ec98f0-9a54-4b7d-b365-a679a417e0fa&fullVersionList=&platform=&_rlid=11ec98f0-9a54-4b7d-b365-a679a417e0fa
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
pragma: no-cache
server: cloudflare

GET
H2 200 pv Show response
s.seedtag.com/c/ 988 B
807 B 36ms
33ms Fetch
application/json 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/pv?token=5766-6216-01&device=desktop&fullUrl=https%3A%2F%2Feverardoherrera.com%2F&cmp=true&cv=__tcfapi&cache=1707754650764&v=-&ft=true
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.f43a5bfe4c554098e387.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 255d8e8c64dab925a60a26d1952ab2033dadabf50f8ae4f0044840868a651c3f

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://everardoherrera.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

event_collector_cookies Show response
pdp-service.retargetly.com/
Redirect Chain

https://pdp-service.retargetly.com/event_collector_cookies
https://pdp-service.retargetly.com/event_collector_cookies?redirect=true

19 B
129 B

118ms
117ms

Fetch
application/json

2606:4700:10::6816:118d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdp-service.retargetly.com/event_collector_cookies?redirect=true
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Server: 2606:4700:10::6816:118d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 403fc8964790196476ff4e888d6e806f4099a6d573f306182b1802c1c3d9e546

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
request_id: 390b3ed7-c9c2-11ee-b98a-6e71887f3a58
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: POST, OPTIONS, GET, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://everardoherrera.com
access-control-allow-credentials: true
cf-ray: 8546246a38743a8c-FRA
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 19

Redirect headers

date: Mon, 12 Feb 2024 16:17:31 GMT
request_id: 38f964e2-c9c2-11ee-8345-3aef89138bb5
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: POST, OPTIONS, GET, PUT
content-type: text/html; charset=utf-8
access-control-allow-origin: https://everardoherrera.com
location: /event_collector_cookies?redirect=true
access-control-allow-credentials: true
cf-ray: 85462467ac6a3a8c-FRA
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With

GET
H2 200 102880.m3u8 Show response
hhkld.com/vi/102880/ 233 B
669 B 36ms
16ms XHR
application/vnd.apple.mpegurl 141.94.202.176
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hhkld.com/vi/102880/102880.m3u8
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/hls.js/1.4.12/hls.light.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31491888.ip-141-94-202.eu
Software: nginx /
Resource Hash: 673c48f2060e42698b6082f6fd1ea6a677a8bd8180af515f15ad7d6a4b828d87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
last-modified: Fri, 11 Aug 2023 11:12:01 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://everardoherrera.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=315360000, public, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 233
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rocket-loader.min.js Show response
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame B19C 12 KB
4 KB 16ms
16ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/stickyfooter.html?id=860758&group=76459&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzI0Nzg1Yl8yOTMxY18mYWZmaWQ9NDMxJnNpdGVpZD0yNDc4NSZhZGlkPTI5MzEmYz1DQUJBRUZMQUZDREFBREU%3D&ctr=de&reg=rp&ref=aHR0cHM6Ly9ldmVyYXJkb2hlcnJlcmEuY29tLw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/sports_de/stickyfooter.html?id=860758&group=76459&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzI0Nzg1Yl8yOTMxY18mYWZmaWQ9NDMxJnNpdGVpZD0yNDc4NSZhZGlkPTI5MzEmYz1DQUJBRUZMQUZDREFBREU%3D&ctr=de&reg=rp&ref=aHR0cHM6Ly9ldmVyYXJkb2hlcnJlcmEuY29tLw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Feb 2024 16:52:27 GMT
server: cloudflare
etag: W/"65c3b54b-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 854624680d9b9bb9-FRA
expires: Wed, 14 Feb 2024 16:17:30 GMT

GET
H3 200 css
fonts.googleapis.com/ 107 KB
5 KB 25ms
25ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.M0ZgdamONNs.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyE3UapaKQU2CxqIS_ZLb834q8VDw/m=web_iab_tcf_v2_wall_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

971fe9c7a0d3d03475b76cbb6ad43b41a4fc297c9facf41f6f04d5274c2e2804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Feb 2024 16:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 16:17:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Feb 2024 16:17:30 GMT

GET
H2 200 bg-1490x300.webp
lp.cleverwebserver.com/betano/de/sports/sports_de/imgs/ Frame B19C 40 KB
40 KB 28ms
27ms Image
binary/octet-stream 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/imgs/bg-1490x300.webp?v=33
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/stickyfooter.html?id=860758&group=76459&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzI0Nzg1Yl8yOTMxY18mYWZmaWQ9NDMxJnNpdGVpZD0yNDc4NSZhZGlkPTI5MzEmYz1DQUJBRUZMQUZDREFBREU%3D&ctr=de&reg=rp&ref=aHR0cHM6Ly9ldmVyYXJkb2hlcnJlcmEuY29tLw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3ba5c932fea0dd2015bf65c241445b86fe14a0d6ba863f65f6f5585afbe1733

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/sports_de/stickyfooter.html?id=860758&group=76459&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzI0Nzg1Yl8yOTMxY18mYWZmaWQ9NDMxJnNpdGVpZD0yNDc4NSZhZGlkPTI5MzEmYz1DQUJBRUZMQUZDREFBREU%3D&ctr=de&reg=rp&ref=aHR0cHM6Ly9ldmVyYXJkb2hlcnJlcmEuY29tLw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
cf-cache-status: HIT
last-modified: Fri, 02 Feb 2024 18:48:35 GMT
server: cloudflare
x-amz-request-id: 3T2YRRA6NARACXT2
age: 18586
etag: "36d580ed1582db1c3722787924fc00d3"
vary: Accept-Encoding
content-type: binary/octet-stream
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 854624684def9bb9-FRA
content-length: 41072
x-amz-id-2: LnljPO/67HDAnSOU6xqXxxma14BGiHtq0BUWQGUZQoE6oCs1lq1txfvJk1AI1+bRjH2JCFmq5Ns=
expires: Tue, 13 Feb 2024 00:17:30 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 42ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://everardoherrera.com/
Origin: https://everardoherrera.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 00:05:44 GMT
x-content-type-options: nosniff
age: 231106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Feb 2025 00:05:44 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 48ms
15ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://everardoherrera.com/
Origin: https://everardoherrera.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 02:19:49 GMT
x-content-type-options: nosniff
age: 568661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 02:19:49 GMT

POST
H3 204 AGSKWxVIOWwGSrH4a2v7_b2v5YYKpXf7EBxIftnH6fVlfhyfDn_M8NiXDu4uKcHNa94pa0-9LSYqrPXOAYt_s0ULfFkkq-lWxYWGGHDXSSwSNKmZRNtueIgGwt0Rld-JtFy5lh_JlLOiZA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 49ms
25ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVIOWwGSrH4a2v7_b2v5YYKpXf7EBxIftnH6fVlfhyfDn_M8NiXDu4uKcHNa94pa0-9LSYqrPXOAYt_s0ULfFkkq-lWxYWGGHDXSSwSNKmZRNtueIgGwt0Rld-JtFy5lh_JlLOiZA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g6BKnVRy9huTmz00AqO0pA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-g6BKnVRy9huTmz00AqO0pA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABALcXPM7ly5jk3gxqm5TADlpReb"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://everardoherrera.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clever-core-other.js Show response
lp.cleverwebserver.com/ Frame B19C 1 KB
871 B 25ms
25ms Script
text/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/clever-core-other.js
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc75c92c970b9b9b4ea98bdce25142d32aee462d66d6e04090e78e299957f365

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/sports_de/stickyfooter.html?id=860758&group=76459&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzI0Nzg1Yl8yOTMxY18mYWZmaWQ9NDMxJnNpdGVpZD0yNDc4NSZhZGlkPTI5MzEmYz1DQUJBRUZMQUZDREFBREU%3D&ctr=de&reg=rp&ref=aHR0cHM6Ly9ldmVyYXJkb2hlcnJlcmEuY29tLw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: E5S8F8W3P068TEE3
age: 794
cf-polished: origSize=2002
x-amz-id-2: biE98lLcNejA07X04JXK1azsMPs4yaFYyYFSVMPQqain61NzUNdyqKx79Spd/210GMmht9nzxqI=
cf-bgj: minify
last-modified: Mon, 12 Feb 2024 16:03:59 GMT
server: cloudflare
etag: W/"0625f7f83d53fd3b06d4460137a2bc86"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=28800
cf-ray: 854624689e449bb9-FRA
expires: Tue, 13 Feb 2024 00:17:30 GMT

GET
H2 200 19a8aecb-17ff-4540-b954-e0197f439f7d Show response
config.aps.amazon-adsystem.com/configs/ 564 B
839 B 63ms
17ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/19a8aecb-17ff-4540-b954-e0197f439f7d
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3b6e461fce3ae2eb55430e7e37a8df843d1b3dcd2e3e467224a7b1a4b9a89171

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 15:33:03 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 2668
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: 9TAFpIzXSQBCCTQXu-WFN7WhR5C6y012wqJ4aw91lgJ7GIZiT_4YCg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 591 B
942 B 101ms
101ms XHR
application/json 18.245.144.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Feverardoherrera.com&pubid=19a8aecb-17ff-4540-b954-e0197f439f7d
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.144.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-144-237.lhr5.r.cloudfront.net
Software: Server /
Resource Hash: bed7edd7bf22878824fc9017f768af11716d536d3825913d0c25b3be5a4ed7e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
via: 1.1 54b736c8a06d70ac689481ee738cbc60.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: LHR5-P1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://everardoherrera.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 591
x-amz-cf-id: KT_75iUD4UZhIuIz7nycLX4YVcs1jx07jWVWhFzXd1Mfyr6f1dhZng==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
360 B 173ms
65ms XHR
text/javascript 3.161.124.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Feverardoherrera.com%2F&pid=OywewonFVhyB9&cb=0&ws=1600x1200&v=24.205.1508&t=4000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1606315754745-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22562061343%2Feverardoherrera_HB_Article_Leaderboard%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1606317939529-0%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F22562061343%2Feverardoherrera_HB_Interactive_Content%22%7D%5D&schain=1.0%2C1!embi-media.com%2C0020%2C1%2C%2C%2C&pubid=19a8aecb-17ff-4540-b954-e0197f439f7d&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.124.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-124-29.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:30 GMT
via: 1.1 2f7f18f98d1604cf94a8543646364946.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P2
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://everardoherrera.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: OweKAiMMOicrSrVayeGt3RivJf0XHb7Bmay6j6iZXJEmaLflWvBaLg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 93ms
32ms XHR
application/javascript 18.245.144.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.144.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-144-237.lhr5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 55bef38e734117ff8ff4a83214717dc8.cloudfront.net (CloudFront)
date: Mon, 12 Feb 2024 03:19:01 GMT
x-amz-cf-pop: LHR5-P1
age: 46711
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: TgBS-6NsKHbvW8LfgfA0RSOYk9vgmtccSN_H6xoQejPf69WYPt27mw==

GET
H2

200

index.html Show response
promos.betano.de/willkommenspaket/ Frame 6010
Redirect Chain

https://gml-grp.com/C.ashx?btag=a_24785b_2931c_&affid=431&siteid=24785&adid=2931&c=CABAEFLAFCDAADE
https://gml-grp.com/C.ashx?btag=a_24785b_2931c_&affid=431&siteid=24785&adid=2931&c=CABAEFLAFCDAADE&AutoR=1
https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

12 KB
4 KB

130ms
84ms

Document
text/html

2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/clever-core-other.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c5b5263064dff51b841888d8a58ba669935b1c38c6b7f692cbce22603e81846

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.cleverwebserver.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 337055
cache-control: public, max-age=900, immutable
cf-cache-status: DYNAMIC
cf-ray: 8546246adbde18b3-FRA
content-encoding: gzip
content-md5: zCG71qJcHRZH/mc2t7Yl4Q==
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 16:17:31 GMT
last-modified: Thu, 08 Feb 2024 14:25:27 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 8355d91a-201e-0039-47be-5ae91e000000
x-ms-version: 2014-02-14

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8546246a3a1f3a8b-FRA
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 16:17:31 GMT
location: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hkr4iuD0RFesleYalFDyDtnBykNhvmqd5FaRVlGl42Yq188kNjMT1OsM%2BLKQ10lRiLGaISknEyGiFcGk3H40KFyYy%2Fh8k%2F1TTCD6a1sPo3Qbj7sIkP98V3OeUZ2uwaHxulJdZy0eXKscFw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.3
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

GET
H2 200 services.js Show response
js.gumgum.com/ 111 KB
41 KB 83ms
32ms Script
application/javascript 52.222.169.43

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gumgum.com/services.js
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.169.43 , United States, ASN (),
Reverse DNS: server-52-222-169-43.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f8c9692ce7d57e98e63975fad1c106be433e9ffa6cc7bc35ddc90b9c20492dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: UHzzCJ6C0ucREA9GJD16dSV8VNPvKCfV
content-encoding: gzip
via: 1.1 72b94a25bcecdbda64f33818ad380f7e.cloudfront.net (CloudFront)
date: Mon, 12 Feb 2024 16:17:31 GMT
x-amz-cf-pop: CDG52-P2
age: 11241
x-cache: Hit from cloudfront
x-amz-meta-access-control-allow-origin: *
last-modified: Sat, 10 Feb 2024 00:42:51 GMT
server: AmazonS3
x-amz-meta-timing-allow-origin: *
etag: W/"1c48450bcadaae0b57e41a411c3a0c13"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: WsGDB-ezra6zEeMv24ZpFqREs18umDkVR8hP_MIPWNu6aeNIAujD_Q==

GET
H2 200 / Show response
s.richaudience.com/vid/M42OUGyN2O/1707754650725/ Frame 0ADF 160 B
384 B 175ms
109ms XHR
text/xml 195.201.193.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/vid/M42OUGyN2O/1707754650725/?consentString=&_timestamp=1707754650725
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.619.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.193.117 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.193.201.195.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C4C 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cd0p7FGcFoVWv6AdunNsWqcyyMfN5zPzdsu79WaWNg2JFweNfx_rwxDY4Yy0FXExmhmLwTL37JJWSm8u8Wrw5mtJkSUsvL5K3OABmtyzC8Az-4TQs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6530008089495715&output=html&h=600&slotname=6887580780&adk=1666921911&adf=343901277&pi=t.ma~as.6887580780&w=300&lmt=1707754649&format=300x600&url=https%3A%2F%2Feverardoherrera.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707754649930&bpp=1&bdt=910&idt=464&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2009621240441&frm=20&pv=1&ga_vid=1389964320.1707754650&ga_sid=1707754650&ga_hid=27662829&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080795%2C31081024%2C31081035%2C44809005%2C95322745%2C95324581%2C95320870%2C95324154%2C95324160%2C95324260&oid=2&pvsid=283109826932713&tmod=1144195827&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1C4C 93 KB
33 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 16:17:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 1C4C 3 KB
1 KB 36ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 14:23:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 14:23:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 1C4C 20 KB
9 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62352
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 22:58:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1C4C 203 KB
61 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 15:23:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 16:23:12 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 03FE 0
20 B 45ms
45ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGI2v1YACMAE&v=APEucNXk2A-fxKqmyEDBMyxVMM4Q0nDoi4FlCgf-xjUoNC-VAO7Ip0f_zdFy26J1Ri4jhkCduQHRzhvPHB6Z7Q1ktoxFoi4D5NRuAIdiXMTZ6Dow36d6j34CrbN57EXmkDqPKRtJPvzavyD-c60sVahgPhBFD2QaW8s6-bXjj7wyc4Fi-KokLjM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6530008089495715&output=html&h=600&slotname=6887580780&adk=1666921911&adf=343901277&pi=t.ma~as.6887580780&w=300&lmt=1707754649&format=300x600&url=https%3A%2F%2Feverardoherrera.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707754649930&bpp=1&bdt=910&idt=464&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2009621240441&frm=20&pv=1&ga_vid=1389964320.1707754650&ga_sid=1707754650&ga_hid=27662829&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080795%2C31081024%2C31081035%2C44809005%2C95322745%2C95324581%2C95320870%2C95324154%2C95324160%2C95324260&oid=2&pvsid=283109826932713&tmod=1144195827&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=468
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 16:17:31 GMT
expires: Mon, 12 Feb 2024 16:17:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 event_collector Show response
pdp-service.retargetly.com/ 90 B
391 B 183ms
182ms Fetch
application/json 2606:4700:10::ac43:8f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdp-service.retargetly.com/event_collector
Requested by: Host: pdp-cdn.retargetly.com
URL: https://pdp-cdn.retargetly.com/t2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d757bbd4b2571119bda37ec17700baa07ba25c114bb3d29dae7b8fae4b3c0b85

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
request_id: 39623a08-c9c2-11ee-ad65-72380da9d70f
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: POST, OPTIONS, GET, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://everardoherrera.com
access-control-allow-credentials: true
cf-ray: 8546246dcf1a6939-FRA
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With

OPTIONS
H2 200 event_collector
pdp-service.retargetly.com/ Frame 0
0 440ms
418ms Preflight 2606:4700:10::ac43:8f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pdp-service.retargetly.com/event_collector
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://everardoherrera.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8546246b3c856939-FRA
content-length: 0
date: Mon, 12 Feb 2024 16:17:31 GMT
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C4C 0
20 B 43ms
42ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1884406447533&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C4C 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1884406447533&version=m202401290101&ct=76&x=1&cor=9803343979658904000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1C4C 112 KB
42 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnKzIKUJ8UU3_sNtCrkLDBERGTenhrH7MZoQsCJEpBzYpxxd41Q7KerzjvoLkpN31RbJt6B2BFCM3uG9RpjaHg63SGtpm0nwkDyIJkaUFErnLES802IBualsEiyz-xtaEqt0YpsPqdVKZnI22eYgpXL1gLQt9EZ1xODxtAoF6O2t9d9dU&dbm_d=AKAmf-CRfI7VbK5962ud9MxZWbYUxgkmBtjHc_I3xm503R-oAtK1orvibiZgXRnZ18z77eaRsGNWzsziPgeBGcdwiQiYh7Iw6hehEjymYeD8vD3q-N65Wehd5PjjpT5MfNniGiv58f_HQnu69-e-o6-dBLhoEI5uqKKaqxVt9Iukc6mY-XVW5hrh4dXkX5nSTETUSCG1Oweyr8_M7UK0btHAGqSNhII1igRrA8IliLyfX3dxEAFcU7MAWn-qCYDN-DvosXbmigu8Y9DzaR6ZNJ5fV8XyY6Q_AWNiYQqugnLImhuE48f3k6EChKPBfBd20Ja_Bvx6bpR2KpAXm6GGLYuJLx6O13j1gkUXc-wjJoT1zCuXnufQtkNziL0naAQlVg0Uc4a0RS_kpc9eyqFKNU6mWpQJ27hZvjdiFuQhLN59iPVlsoFc2T31OeQ6--es8qbmT_8H2p1Nrhdfw08Qspe4H_OWfLZU2urOFclqQoj1KWr8aAjxxaUq3oQKdh8pSP0Voew79lQZDq3vV0-C_70GYVccWE7G_Qd-d1MVLlszNBsgkj5Wo_aWlDg2z8uq7kE1iJ1nTTj5Z0gzfeJRYOS96eHv0KHnczDonsCABuHs6xagdbAZ8C8KnsXlNpsBoeOalurDdKYndVxz0T6f3p-NINrOZsGD1dgD4HMo5rw9HWuFAJQVLXbeZim7f-BgOzBKsSflhDiFMfAy5lDWRiDk59sHX12Enfnt49y0noKAJzPdl6snNspgEIgPaftQEoHX5LOf5qmnfKB5LyDU85lhP4N2DClD1ZsPSd54BVb8y7tOB5J2JQ0609eoyJ0VhP-QO6MbSdeF4nPjYeXA9_VAVzEA0bfj__vy85ATP_XI_3bz9DsfVy8fsl_VMDi8GetPNehJualjCSYTMo6rYI1hdlogOjKqHnrDm_kizg_tjcU2FHAwzplB1X4HEu13HEK2tU-K5Ur5JFs991xH1tiDQm-66pj7a3062GjxkArPZv846SeVNOqCZb0eXdUka8uEvxLWE3PIkD5lgNu532TiCg60hPWw_-k4q-5nAHg3BnRZrGwZc6nOhxpjrzeOWsgQhpr4t2vHEXDHVPP9JqNAvzAAS6wolduPdfzC7DM5VxUQGH9tAnFwZ6MXoyIQTu6J36L-hAibNmgZgcY2tAPfO0eUVrSR3B_YyU1yA9bC8i9VI8joUZ8Q69a1dYt_ZV0IBm9cQj7mYeZ_TGxF5uYPFxE4AVMgzor8DpCYV2tHQkcAwxhQhb3MpqBSM76dpSaAGjiAS1xXFmPQTMHnnQWkxryyWtko3x9oTrPYb56GHHsRtZi6kIPZyMycQLJYD29qfCu3KRawBcYZY5ea0wyxeQtTcEKvclNet6EPi-tAl5_N7W8DuTM1cckJDrBoVMVxv_lwi1Wqz5W-oxhHIfChitWFZL__5UB3SU6GtIy9AVtrMWwc2n4C1s-lQgo28PL4ZjpWVExjcrrsmjfeNz3ZNbUWdegHbOIgECx0e5mF7FaBctdXiwpxMLS4PlgGBtK9lmPqDBpjyHgEW2QIlIGmej5AHIUb25UU8XtrivUQljjYQ1Tf2WlXwGZWgGH68yxWSoOuKbB4R-rQnZVehX0EeavSt3Nqq6ehfjqqSHZ1UIcOEO2RS9rOxp_SSgTkH1Hz4Ljh9urc8XLDRCy28D3f6OtdHUliFZC0UvKylSHYcUz2K_ZlmXfvFywLz7c4SvMOQ37T5e_MpYgsXjhc0v6nPMV7ZbIngE4GAQ3reLyl7Y2MA5oiHsJQiarrlsGCSopB1egnBxaIYnM67nS4bpTLKyTvfwczKju8Zf3nznfD-_vcbyssxBwwtoTUm2Rodm5xoij2zruHXbhKuCBeWnu4wdKXZw6Fm_fh1slb5GGToBAUatDDatrFsKidf1vEFT97KWt6SBCW8HMpPWnRidxomwVD5U_lbCodc-urxCvdVw28w9yUkIuGBkSpYnKBYcLb-8RVve83VUTI5-N02d-G3EX_LiyaMtZBMQz55-Wu-zr6m_TEp-pivM7VYUCIvfpfaC8Yq-ovqx2sAc_7mtaxF3P5XNK1DH6gh6YZOBzgxPGo8fVJ_UlHx6-5NYWMGhB3E17MV8Nm38YjIaTDUSQsZilEcS1Lp1Rz4257FZbemKo3c5pow2iAddal4EiatPJSktA2N-JL7UbLEVJV9Y7_Mwt8oyEH_1aK_etV313Oloq0AX0ePvwbMVvLD3sJb0B2YW5tC6M_f-2pVkIf4LdUPgNUAgDOYW8ygpqqY7CXiXNSlaR0Rlt36sivFANkGMjXac3Lmcq1ieLGGxfJ9lcGqDW0vH-t4M8yjTDMsv1oZC1_dv_OWvtCs3L_VxH_L4d4QCYuK3a41vv905bpgJHqIha27-u1qF8zgmwd-KFu_4Yname4kR0o9oIWtpiEkvcQj0lhSUVIqwPywML3CD5OWbDeYTmsP-qgYOQ6TzjCgQnqcbTYQiJhAkwRaPazD8g2oFIq8jfE07DZBT5Y3thm0RDI_RYyoE9YiIDF8yv1PfvCGNfhGSxySFyS_zjgml3sukr5Kw0JKyUz3nkazQx19cxO3TElDZ7JK6DpB2-NCJCEISQlfhaag_4RPw1wX3vMBkIwNFg-BdotocIWqw0mgwmrlDQjuGQvGAGHS7RawkmRcnkS_9pONiKORBRRdu7COLHsZdnp0wBhOfC_kWUl8GJJtJaawgRGm6HHpw2RKvObybfk6EXEPaBXCkelaKmjpbNt8POK4n7Z903ozVxeAOUI6dc4xlMDrE40O1ipQH9673Xtji6s_0zSxZMCd487sH7stjw0XdY4lDmnmRNSRS6qJ5Jy8xE14sdMam0wwqg3xztvbL1R_QcPSyN2Jcejlx-9fDdIzBlk2JfOTOOdhc818bP6-r4zAdaDDMfcFtl2-pc2N2mZAfQdi-t0zmlmiF-4r9_x-VYxFm60hxVHid_TPBw8-VNPHoUMaipqUmts9aW_sjT0RgD-ELT0hatAy7rkbyRv59ho5S7yCS2eGTnd_F2EIz02ppG5dbooEvr47jaH1wrepvbmaE6UNADaX7iPPJ90l-Hv1ri4REPwgcVqImwPLF6q4BUW32lco_JEymRfXnc5hgu-k3OXSl8nZx5_zE09PP2_GBzG3QoVTYu8jFYmR4q3t0HeYSOcIej4j8dJco1KQhKzUkJbgi2X_k9xxxBCTDAZxoPj7h6UGn93j8aXa-XtYX5PWQvXsTYJSAgroqCfjddpZgn1fqCMe0i38X9tRrEDPvUOEOILK0Dj-nfb5G-UWEkl81NZAZvCeJt-QFDMk74qWN07RnChQ_U8idgmNmeZtYPXyO-kJNawFTl4mFFhiUYCaOWSHo41YCNxR4S3OLRNWoGiyKmvayjJCHk5K_ORO0YJKFF1ONbPyJSZykTRmOLCLJGhohNh1AUO7ULWqK41qWhpPjZu-ItB8omgn6hUGVOkRbvLx0yavC3nWtod6cJ7s15YHwOA6gLbQpF6boqq7AAJ-ZIqW8RdJexknt_OUOvQBoftlK9QDt6xs2cYO-TQoKmEKCyVoDj5nSsrnsvNhqdHLdc6FD-ndc4ntxvLomvQV9UBDz92LNY4BevKh7lbJRm1MPl_HRIzLQ1vZcXCWYWXH5XeG0rUq-ZoABBRvIAVhJucaPwPRq_fVNqbunhWpWLzBTsQbxbjlcaHsJJmfni6vES-3kAb0-vABXZWvPFFZlyDsRV0WAdMiaGhX78_ee7Fjl8RaTyDJLI8qKvUEXImFhoWtj7uaOxHup0Dn2hlgLzejbbqwqGGWI9Aor9T8aegSOaO65UbjmrXDc-HGgU5IVcxcON7ooMPsCif2er7UfPV3feE8ml0R8dLCSjdlrwaLFFVs35cmzftUOMO0P_NHnZtS6JTqFjxLG7yOtuVBtlXzGujxf9gQqBwlh6UbyjE4dixq1cyexK7d0Fm1EtUS-JiLfl4iI8-&cid=CAQSTwAvHhf_fq-6bqlYTh1_GeGOAL4VvLNaibCFP32MApjeluhkFrRi57jKqiW6tZYo-Txi5oTTjUq-xmTvMlunEZkFde75RdpChmm6gydmXQoYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Feverardoherrera.com%2F&ds=l&xdt=1&iif=1&cor=9803343979658904000&adk=250412561&idt=61&cac=0&dtd=35

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c9aa2604bb7e2d2f3ff989220565452ad51b643cf32ffaa9027f9826333ccc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6530008089495715&output=html&h=600&slotname=6887580780&adk=1666921911&adf=343901277&pi=t.ma~as.6887580780&w=300&lmt=1707754649&format=300x600&url=https%3A%2F%2Feverardoherrera.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707754649930&bpp=1&bdt=910&idt=464&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2009621240441&frm=20&pv=1&ga_vid=1389964320.1707754650&ga_sid=1707754650&ga_hid=27662829&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080795%2C31081024%2C31081035%2C44809005%2C95322745%2C95324581%2C95320870%2C95324154%2C95324160%2C95324260&oid=2&pvsid=283109826932713&tmod=1144195827&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=468
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r4JQVZETZTeQtnzawJh5s2Wbw6I.js Show response
promos.betano.de/cdn-cgi/apps/head/ Frame 6010 4 KB
2 KB 41ms
39ms Script
application/javascript 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/cdn-cgi/apps/head/r4JQVZETZTeQtnzawJh5s2Wbw6I.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78882a11de1f82194b521c7a3729eec430b5e5487a978fd8b1059b7adfe8231a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-version-id: 3sraLaHyO3PY1q7UPyU188EJJRO793MA
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: KQYMQYA2KA55NTTK
age: 293
content-length: 1344
x-amz-id-2: LkdzbdLwhUzB8UarM/+/AWGDGW0onYko0cgwShL78RS2WQbsmx/i4S0rOiTZNpwfl/J/Uxu4bh4=
last-modified: Thu, 21 Dec 2023 12:52:13 GMT
server: cloudflare
etag: "30cf280ac36d10da9b831b91729cc23c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8546246b7cb418b3-FRA
expires: Tue, 11 Feb 2025 16:17:31 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ Frame 6010 86 KB
30 KB 39ms
10ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3071734
x-cache: HIT, HIT
content-length: 30638
x-served-by: cache-lga21923-LGA, cache-fra-eddf8230062-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1707754651.460021,VS0,VE0
etag: W/"28feccc0-15851"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 34, 1155850

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ Frame 6010 42 KB
11 KB 43ms
22ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 870139
x-jsd-version: 1.8.1
content-encoding: br
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230096-FRA, cache-lga21934-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTKPjMxgO%2F9xCxOA9bRf79m6%2BSzSvpV14E%2BMitxLYJogETYQWrbZhuPAY0SZ01uKbLhmptNheo%2B0NrW8iHt1Q2o31nJwnrAIHO599IYEbxvmeNnd9KE0kMUeHbT9ozJlPpiqP2v2HZWKlTYA174%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8546246b9abc9249-FRA

GET
H2 200 Init.js Show response
promos.betano.de/willkommenspaket/ Frame 6010 2 KB
919 B 54ms
52ms Script
application/javascript 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/willkommenspaket/Init.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d776482d5387dd66a3354637a3ddf5261dc6f35298b1e67d3f25ddefd5154d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 265
content-md5: MU2fLrkr53Ix09vSPFEwZA==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:25:27 GMT
server: cloudflare
etag: W/"0x8DC28B1CBF7C259"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 0d6d0fef-f01e-0067-5f9b-5a02fe000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
cf-ray: 8546246b7cb618b3-FRA
expires: Mon, 12 Feb 2024 16:32:31 GMT

GET
H2 200 Landing.js Show response
promos.betano.de/willkommenspaket/ Frame 6010 614 B
427 B 87ms
86ms Script
application/javascript 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/willkommenspaket/Landing.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f88d265d4f543754bfda9de4c9549fc41754bfbe3d9e2fb58011aa9d5f8a929

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 265
content-md5: IVOxqm2c5AfGSPYura3A9A==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:25:27 GMT
server: cloudflare
etag: W/"0x8DC28B1CC00E8B8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 3c6184cb-901e-0061-559b-5a3141000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
cf-ray: 8546246b7cbb18b3-FRA
expires: Mon, 12 Feb 2024 16:32:31 GMT

GET
H2 200 custom.js Show response
promos.betano.de/ Frame 6010 8 KB
3 KB 60ms
59ms Script
application/javascript 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/custom.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b16426ca00785ca2b259d4305d99b2e6e89a17cc9fa6af3aaa72ec7b16d587f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 418
content-md5: IACfhqsuxFK5etAGqh7MRA==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 20 Oct 2023 08:33:32 GMT
server: cloudflare
etag: W/"0x8DBD1473EA630C7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 14981d54-301e-0057-7798-16bc31000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 8546246b7cbd18b3-FRA
expires: Mon, 12 Feb 2024 16:22:31 GMT

GET
H2 200 tagline.png
promos.betano.de/willkommenspaket/ Frame 6010 219 KB
220 KB 62ms
61ms Image
image/png 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/tagline.png

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7987ed9a45cb8609048c1f88719a037c46d30d4b7101473326d12e5767a2aa7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2k9YU1t/lIEgNgYbwdE88A==
age: 109
content-length: 224661
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:25:27 GMT
server: cloudflare
etag: "0x8DC28B1CC197615"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: fad19a57-501e-0051-319b-5a8f8e000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8546246b7cbf18b3-FRA
expires: Mon, 12 Feb 2024 16:32:31 GMT

GET
H2 404 Rectangle.svg
promos.betano.de/willkommenspaket/ Frame 6010 215 B
215 B 50ms
50ms Image
application/xml 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/Rectangle.svg

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92bfaaccc4f43f593006dcb37ad9c961e034642bbb90595c9ad23bcbf7da937f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 195
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: b9383fdc-e01e-0044-78ce-5d983d000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 8546246b7cc018b3-FRA
expires: Mon, 12 Feb 2024 16:22:31 GMT

GET
H2 404 bullet.svg
promos.betano.de/willkommenspaket/ Frame 6010 215 B
215 B 50ms
50ms Image
application/xml 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/bullet.svg

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

853b59969d5f64cef35aeb50e6e289ebf2545e37dade01bb5ad963abc04daf2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 20
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: c5f8d9f4-b01e-0066-61ce-5d5d22000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 8546246bcd2318b3-FRA
expires: Mon, 12 Feb 2024 16:22:31 GMT

GET
H2 404 banner1.png
promos.betano.de/willkommenspaket/ Frame 6010 215 B
215 B 62ms
62ms Image
application/xml 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/banner1.png

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e6dc79a8452122cee93283b5be666130ac90fbe224410eb27f8c7806b59234e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 132
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 7877dff4-601e-0017-3fce-5dbb09000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 8546246cae4f18b3-FRA
expires: Mon, 12 Feb 2024 16:22:31 GMT

GET
H2 404 banner2.png
promos.betano.de/willkommenspaket/ Frame 6010 215 B
215 B 48ms
47ms Image
application/xml 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/banner2.png

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6da103560c99cb6ba625fa942cb9a22278bdd9412f94da7859f6f6cb2aca7005

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 264
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: e50b1240-301e-0078-4cce-5db1fa000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 8546246ceea118b3-FRA
expires: Mon, 12 Feb 2024 16:22:31 GMT

GET
H2 404 banner3.png
promos.betano.de/willkommenspaket/ Frame 6010 215 B
215 B 55ms
55ms Image
application/xml 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/banner3.png

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90c77a04ea95214e81af9d3a76ab76e3d60b9d81390dc79f37fd483cd3727bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 97
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 3d1c4e35-f01e-003a-45ce-5d087a000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 8546246d0eca18b3-FRA
expires: Mon, 12 Feb 2024 16:22:31 GMT

POST csi
csi.gstatic.com/ Frame 0ADF 0
0

GET
H2 200 player Show response
logs.hhkld.com/logs/event/ 2 B
270 B 20ms
19ms Fetch
text/plain 141.94.202.176
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://logs.hhkld.com/logs/event/player?error=303_303&event2=destroy_empty&run=1&cd=1707754651453&sid=102880&event=rtb&tid=17911&t_dsp_request=745&v=2.4.8&rqid=477c42c8323d70ed7f9b1629cbffcce0&t_page_load=6312&t_player_start=894
Requested by: Host: cdn2.viads.net
URL: https://cdn2.viads.net/player/2.4.8/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31491888.ip-141-94-202.eu
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

POST csi
csi.gstatic.com/ Frame 0ADF 0
0

GET
H2 200 dsp Show response
logs.hhkld.com/logs/event/ 2 B
270 B 18ms
18ms Fetch
text/plain 141.94.202.176
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://logs.hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=102880&tids=15809&pos=2&imp=0&run=1&cd=1707754651457&v=2.4.8&rqid=477c42c8323d70ed7f9b1629cbffcce0&t_page_load=6316&t_player_start=898
Requested by: Host: cdn2.viads.net
URL: https://cdn2.viads.net/player/2.4.8/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31491888.ip-141-94-202.eu
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H3 200 bridge3.619.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 034D 756 KB
242 KB 10ms
9ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.619.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450574a0b2790cb089d690ab58940cb4816906a05ced1b4df116073dec25acbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://everardoherrera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 318500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 247627
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 23:49:11 GMT
expires: Fri, 07 Feb 2025 23:49:11 GMT
last-modified: Thu, 08 Feb 2024 23:41:37 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FFE3 40 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 12 Feb 2024 17:04:01 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1874223/77019499/ Frame 1C4C 271 KB
79 KB 135ms
33ms Script
application/javascript 52.211.3.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1874223/77019499/skeleton.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-6530008089495715&ias_chanId=1&ias_placementId=20839934288&bidurl=https://everardoherrera.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0h9SX8aTLsNTUhDdW3ugNhf
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.3.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-3-71.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d0c5307785d554259b8fd2fffcbb51f910175f8cf1c8d9c5f2ce87cdde42e5d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1C4C 111 KB
39 KB 30ms
9ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 22:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Feb 2024 22:34:08 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 1C4C 12 KB
4 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnKzIKUJ8UU3_sNtCrkLDBERGTenhrH7MZoQsCJEpBzYpxxd41Q7KerzjvoLkpN31RbJt6B2BFCM3uG9RpjaHg63SGtpm0nwkDyIJkaUFErnLES802IBualsEiyz-xtaEqt0YpsPqdVKZnI22eYgpXL1gLQt9EZ1xODxtAoF6O2t9d9dU&dbm_d=AKAmf-CRfI7VbK5962ud9MxZWbYUxgkmBtjHc_I3xm503R-oAtK1orvibiZgXRnZ18z77eaRsGNWzsziPgeBGcdwiQiYh7Iw6hehEjymYeD8vD3q-N65Wehd5PjjpT5MfNniGiv58f_HQnu69-e-o6-dBLhoEI5uqKKaqxVt9Iukc6mY-XVW5hrh4dXkX5nSTETUSCG1Oweyr8_M7UK0btHAGqSNhII1igRrA8IliLyfX3dxEAFcU7MAWn-qCYDN-DvosXbmigu8Y9DzaR6ZNJ5fV8XyY6Q_AWNiYQqugnLImhuE48f3k6EChKPBfBd20Ja_Bvx6bpR2KpAXm6GGLYuJLx6O13j1gkUXc-wjJoT1zCuXnufQtkNziL0naAQlVg0Uc4a0RS_kpc9eyqFKNU6mWpQJ27hZvjdiFuQhLN59iPVlsoFc2T31OeQ6--es8qbmT_8H2p1Nrhdfw08Qspe4H_OWfLZU2urOFclqQoj1KWr8aAjxxaUq3oQKdh8pSP0Voew79lQZDq3vV0-C_70GYVccWE7G_Qd-d1MVLlszNBsgkj5Wo_aWlDg2z8uq7kE1iJ1nTTj5Z0gzfeJRYOS96eHv0KHnczDonsCABuHs6xagdbAZ8C8KnsXlNpsBoeOalurDdKYndVxz0T6f3p-NINrOZsGD1dgD4HMo5rw9HWuFAJQVLXbeZim7f-BgOzBKsSflhDiFMfAy5lDWRiDk59sHX12Enfnt49y0noKAJzPdl6snNspgEIgPaftQEoHX5LOf5qmnfKB5LyDU85lhP4N2DClD1ZsPSd54BVb8y7tOB5J2JQ0609eoyJ0VhP-QO6MbSdeF4nPjYeXA9_VAVzEA0bfj__vy85ATP_XI_3bz9DsfVy8fsl_VMDi8GetPNehJualjCSYTMo6rYI1hdlogOjKqHnrDm_kizg_tjcU2FHAwzplB1X4HEu13HEK2tU-K5Ur5JFs991xH1tiDQm-66pj7a3062GjxkArPZv846SeVNOqCZb0eXdUka8uEvxLWE3PIkD5lgNu532TiCg60hPWw_-k4q-5nAHg3BnRZrGwZc6nOhxpjrzeOWsgQhpr4t2vHEXDHVPP9JqNAvzAAS6wolduPdfzC7DM5VxUQGH9tAnFwZ6MXoyIQTu6J36L-hAibNmgZgcY2tAPfO0eUVrSR3B_YyU1yA9bC8i9VI8joUZ8Q69a1dYt_ZV0IBm9cQj7mYeZ_TGxF5uYPFxE4AVMgzor8DpCYV2tHQkcAwxhQhb3MpqBSM76dpSaAGjiAS1xXFmPQTMHnnQWkxryyWtko3x9oTrPYb56GHHsRtZi6kIPZyMycQLJYD29qfCu3KRawBcYZY5ea0wyxeQtTcEKvclNet6EPi-tAl5_N7W8DuTM1cckJDrBoVMVxv_lwi1Wqz5W-oxhHIfChitWFZL__5UB3SU6GtIy9AVtrMWwc2n4C1s-lQgo28PL4ZjpWVExjcrrsmjfeNz3ZNbUWdegHbOIgECx0e5mF7FaBctdXiwpxMLS4PlgGBtK9lmPqDBpjyHgEW2QIlIGmej5AHIUb25UU8XtrivUQljjYQ1Tf2WlXwGZWgGH68yxWSoOuKbB4R-rQnZVehX0EeavSt3Nqq6ehfjqqSHZ1UIcOEO2RS9rOxp_SSgTkH1Hz4Ljh9urc8XLDRCy28D3f6OtdHUliFZC0UvKylSHYcUz2K_ZlmXfvFywLz7c4SvMOQ37T5e_MpYgsXjhc0v6nPMV7ZbIngE4GAQ3reLyl7Y2MA5oiHsJQiarrlsGCSopB1egnBxaIYnM67nS4bpTLKyTvfwczKju8Zf3nznfD-_vcbyssxBwwtoTUm2Rodm5xoij2zruHXbhKuCBeWnu4wdKXZw6Fm_fh1slb5GGToBAUatDDatrFsKidf1vEFT97KWt6SBCW8HMpPWnRidxomwVD5U_lbCodc-urxCvdVw28w9yUkIuGBkSpYnKBYcLb-8RVve83VUTI5-N02d-G3EX_LiyaMtZBMQz55-Wu-zr6m_TEp-pivM7VYUCIvfpfaC8Yq-ovqx2sAc_7mtaxF3P5XNK1DH6gh6YZOBzgxPGo8fVJ_UlHx6-5NYWMGhB3E17MV8Nm38YjIaTDUSQsZilEcS1Lp1Rz4257FZbemKo3c5pow2iAddal4EiatPJSktA2N-JL7UbLEVJV9Y7_Mwt8oyEH_1aK_etV313Oloq0AX0ePvwbMVvLD3sJb0B2YW5tC6M_f-2pVkIf4LdUPgNUAgDOYW8ygpqqY7CXiXNSlaR0Rlt36sivFANkGMjXac3Lmcq1ieLGGxfJ9lcGqDW0vH-t4M8yjTDMsv1oZC1_dv_OWvtCs3L_VxH_L4d4QCYuK3a41vv905bpgJHqIha27-u1qF8zgmwd-KFu_4Yname4kR0o9oIWtpiEkvcQj0lhSUVIqwPywML3CD5OWbDeYTmsP-qgYOQ6TzjCgQnqcbTYQiJhAkwRaPazD8g2oFIq8jfE07DZBT5Y3thm0RDI_RYyoE9YiIDF8yv1PfvCGNfhGSxySFyS_zjgml3sukr5Kw0JKyUz3nkazQx19cxO3TElDZ7JK6DpB2-NCJCEISQlfhaag_4RPw1wX3vMBkIwNFg-BdotocIWqw0mgwmrlDQjuGQvGAGHS7RawkmRcnkS_9pONiKORBRRdu7COLHsZdnp0wBhOfC_kWUl8GJJtJaawgRGm6HHpw2RKvObybfk6EXEPaBXCkelaKmjpbNt8POK4n7Z903ozVxeAOUI6dc4xlMDrE40O1ipQH9673Xtji6s_0zSxZMCd487sH7stjw0XdY4lDmnmRNSRS6qJ5Jy8xE14sdMam0wwqg3xztvbL1R_QcPSyN2Jcejlx-9fDdIzBlk2JfOTOOdhc818bP6-r4zAdaDDMfcFtl2-pc2N2mZAfQdi-t0zmlmiF-4r9_x-VYxFm60hxVHid_TPBw8-VNPHoUMaipqUmts9aW_sjT0RgD-ELT0hatAy7rkbyRv59ho5S7yCS2eGTnd_F2EIz02ppG5dbooEvr47jaH1wrepvbmaE6UNADaX7iPPJ90l-Hv1ri4REPwgcVqImwPLF6q4BUW32lco_JEymRfXnc5hgu-k3OXSl8nZx5_zE09PP2_GBzG3QoVTYu8jFYmR4q3t0HeYSOcIej4j8dJco1KQhKzUkJbgi2X_k9xxxBCTDAZxoPj7h6UGn93j8aXa-XtYX5PWQvXsTYJSAgroqCfjddpZgn1fqCMe0i38X9tRrEDPvUOEOILK0Dj-nfb5G-UWEkl81NZAZvCeJt-QFDMk74qWN07RnChQ_U8idgmNmeZtYPXyO-kJNawFTl4mFFhiUYCaOWSHo41YCNxR4S3OLRNWoGiyKmvayjJCHk5K_ORO0YJKFF1ONbPyJSZykTRmOLCLJGhohNh1AUO7ULWqK41qWhpPjZu-ItB8omgn6hUGVOkRbvLx0yavC3nWtod6cJ7s15YHwOA6gLbQpF6boqq7AAJ-ZIqW8RdJexknt_OUOvQBoftlK9QDt6xs2cYO-TQoKmEKCyVoDj5nSsrnsvNhqdHLdc6FD-ndc4ntxvLomvQV9UBDz92LNY4BevKh7lbJRm1MPl_HRIzLQ1vZcXCWYWXH5XeG0rUq-ZoABBRvIAVhJucaPwPRq_fVNqbunhWpWLzBTsQbxbjlcaHsJJmfni6vES-3kAb0-vABXZWvPFFZlyDsRV0WAdMiaGhX78_ee7Fjl8RaTyDJLI8qKvUEXImFhoWtj7uaOxHup0Dn2hlgLzejbbqwqGGWI9Aor9T8aegSOaO65UbjmrXDc-HGgU5IVcxcON7ooMPsCif2er7UfPV3feE8ml0R8dLCSjdlrwaLFFVs35cmzftUOMO0P_NHnZtS6JTqFjxLG7yOtuVBtlXzGujxf9gQqBwlh6UbyjE4dixq1cyexK7d0Fm1EtUS-JiLfl4iI8-&cid=CAQSTwAvHhf_fq-6bqlYTh1_GeGOAL4VvLNaibCFP32MApjeluhkFrRi57jKqiW6tZYo-Txi5oTTjUq-xmTvMlunEZkFde75RdpChmm6gydmXQoYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Feverardoherrera.com%2F&ds=l&xdt=1&iif=1&cor=9803343979658904000&adk=250412561&idt=61&cac=0&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 01:46:04 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 1C4C 31 KB
12 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69f5d3191dc883795ffd06149c49d8b097e4aa1c053433db3f2531d3d6074d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:55:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11930
x-xss-protection: 0
server: cafe
etag: 15760894069517589058
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 01:55:17 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1C4C 41 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 247240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 19:36:51 GMT

GET
DATA 200
OK truncated
/ Frame 1C4C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a80ecf30a77a93e985c57a3d5b410ec969a4a25d123a015955b28c826ee6b3da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 6010 404 KB
118 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4166e243b0dc12f29c55b5bfd8b2fc8d02ce1389ba1b9396840bea434c1d215a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120303
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 15:49:17 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Feb 2024 16:17:31 GMT

GET
H2 200 tags.js Show response
dd.betano.de/ Frame 6010 148 KB
27 KB 121ms
8ms Script
text/javascript 18.245.46.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.betano.de/tags.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-49.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

acacdefbaa034a0ac06f764ef3899fd583f9517eaeb2d53fe64df3e2f1925b09

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 f9b794511293751fa3df3ec945ab397e.cloudfront.net (CloudFront)
date: Mon, 12 Feb 2024 15:20:16 GMT
x-amz-cf-pop: FRA56-P9
age: 3435
x-cache: Hit from cloudfront
content-length: 27494
last-modified: Mon, 05 Feb 2024 18:46:39 GMT
server: Apache
etag: "24efc-610a6e1d6ebe7-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: NxcmcgQtWHGOLE6fqa-EqRKjuq-WG1-lpcCs5hORJMOW5_MEL14leQ==
expires: Mon, 12 Feb 2024 16:20:16 GMT

GET
H2 404 Rectangle.svg
promos.betano.de/willkommenspaket/ Frame 6010 215 B
215 B 60ms
60ms Image
application/xml 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/Rectangle.svg

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92bfaaccc4f43f593006dcb37ad9c961e034642bbb90595c9ad23bcbf7da937f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 195
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: b9383fdc-e01e-0044-78ce-5d983d000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 8546246d1ede18b3-FRA
expires: Mon, 12 Feb 2024 16:22:31 GMT

GET
H2 404 bullet.svg
promos.betano.de/willkommenspaket/ Frame 6010 215 B
215 B 53ms
53ms Image
application/xml 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/bullet.svg

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

853b59969d5f64cef35aeb50e6e289ebf2545e37dade01bb5ad963abc04daf2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 20
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: c5f8d9f4-b01e-0066-61ce-5d5d22000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 8546246d1edf18b3-FRA
expires: Mon, 12 Feb 2024 16:22:31 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E39D 38 KB
13 KB 9ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 229601
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 00:30:50 GMT
expires: Sun, 09 Feb 2025 00:30:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/13837033311016982479/ Frame 8222 7 KB
2 KB 10ms
9ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27b0b2404dc7ad31fd725c8e5f009453ef05588f59f9c2e3aa26565c54680b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 232029
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2310
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 23:50:22 GMT
expires: Sat, 08 Feb 2025 23:50:22 GMT
last-modified: Wed, 06 Dec 2023 11:15:56 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1C4C 0
0 102ms
49ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIVQOm8bUxcTRxBnytrPlbbRkL_M1b6rNwMOPThd25kQlarORwILxjOap1WjFE3NEsoYfkkXaqFkQ6VnxZuMk8XybnEK_ClxxI7Eu_WTT4qmBs849jKiXPPD-v8MZtY6jpKLgRAqFhak7hkdMx2FK9vcxIam0hCntJ3Lw_jGGIejfYmjrAN-CLKrCLg3lJCjHDLzv6eZGc7V4cHk0zVNSaVQ9lJW_nCIKrOaoshfXfCqvo1AVbPn-7OV2CFLLl2J2G4Uf98zjlYXTCXW8dYUEQRuZk3l_yxhugZw3Scx7fPnLR-I_hg2jwT20e-6PuwqRVke9k98uN8kF9vhPOe1Bn1nahyz2lVIWfqV2w7iK3FOIzX4vr2OEt0OGoBdst9EHTuCQmcY9MeX-aB1YB9XjUs2a7gBMrGqOz02HiyB-xXb_ym3bFvXkvKN1aL8OVVWv9ONDoOkMUWVCvgcABrmAmXn4WUqxuu4RXGtQzyZ03C1njfqHaHgSzIGV0R-XVL3wNKUlEfsRtLH5OabHc3daoeuknLSF8rcHKwfwcPUUQDelCMdFsf8m7WS5P1oAe4aEzzePQ5pm7mUl1_gDp7eInvDyIC-4Tef74Jsb0o6vvFDzwYt8FUu2WEKfHr-J2aPCiaAwqf-0UmKqw3xrLgB9iWmotPyVEJXoJYeR-2aTQQrr0YKInYBJQQbVX5aZj_huQJf5JNsWUcleTE71iXejkJyFuRfB1g4UoYo7HqnZptAntUlLQ8BQaSMXT63v01Gf1tWpw9Ek5zUtm9ubb1oEFct1hidJKoQmCD_7sghZn7eTGqj-WYu36PcQE8FNFupQYNNfxgdkzhse-pGNASEbGsp_Ywh-joUGtbaITkhWZDGMZMR5sCDFc-ycXPPd9qlpXnN467Vn5cyTW4ccxHYQOdT49p-GhikCv1eAr-vHeIBY7NFNfnc6f94nm5I7zkL2ZBNybMPVZ1RNmFLR05vO3Bd9Hh6j2TxJjY5-dvJwFfAs7_K2104U46BQYNK9TzRp-S2NuYF6yIHf7x47vDJ38Kx4Y4X5KdY4rtImcgix9zX1r1ig8g1APhnm0XqRDUr_3KpQm6dI7vfx8APHRXVdQGKX-KtuHQoOPUi1n-N6nhNwvoO9U5_V60kiphfiSHsUPN5vFWzKUJXN0jVUyln1K_aGcWWfg1gbQBb9KanN-qkLbfIPEbRYMeP5dJ04H2xGzm6s40GK4vtwZYd0-hrdGhbwCqjZFUnnQhOZAP3X5zhTwMwdltpS_cZUDZLca-3-NoH1tjfW3gzEyefQ7XrxQbiO9zryvYeh6WCus3ae-3L4LjSEkgMzVYjOVeUsr1VIErrkuysJ7K50s4D8YjuvsnWiYqmyFu_JI9ls60bcUUdIgFwHaSViIy9rkBMlOBvZNyPlO7CDJ3CcajSNok3CFJ_I&sai=AMfl-YQsSFDts2yZkc4yZlPxcMZzyyAloQdq61jfVpxUaIliB3ayZsWU9Ccd1-Kz27CfDYRDVjMH03uMif4ZS5VWVGdVNSj7K4AErg28BST238mMvy8DgaHzsAe3Cn4E3C55ExSAnqeugZX5qclnYBvPw45xqxNPtCtfE9nPt7VyoGF2WoBushtMakBDZNtuq7L1-WQmaGGWGf8c3na_1kJDFes1Eu8jn5XTH0N_CeU4tPXGAG85P7xujkaZ8IJOoh4JU_PRJe-fF_x0nrgGuczqsjiGy2tmMyExMV3qnTSqFg&sig=Cg0ArKJSzIDYrHt-NJmMEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=221&cbvp=1&cstd=218&cisv=r20240207.12091&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 12 Feb 2024 16:17:31 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 12 Feb 2024 16:17:31 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 165 KB
56 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b2cb4a37f103da5c10a3468567dcc30ba6bcc5edfaf3f2b4ae1fff72197e16b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57064
x-xss-protection: 0
server: cafe
etag: 13082592262207345643
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 16:17:31 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 91 KB
31 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1aa661b26b4e650976a9262eafc754dd725410a495a8c86527311cd9bd3a3e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32194
x-xss-protection: 0
server: cafe
etag: 17576735081747486578
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 16:17:31 GMT

GET
H3 200 ns.html Show response
www.googletagmanager.com/ Frame 9145 692 B
344 B 19ms
18ms Document
text/html 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/custom.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d8958f4d19f06bf91606f4214e438d2bf25b603f08e83b6b487b1a6e2765ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 322
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 16:17:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2

200

main.js Show response
promos.betano.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame 5F55
Redirect Chain

https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://promos.betano.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

7 KB
4 KB

45ms
44ms

Script
application/javascript

2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31c1a3974efdf3f3af80aa6570aa3c05100ce40bc7f6a3091f41fabdd0b95aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8546246e88de18b3-FRA

Redirect headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
cache-control: max-age=300, public
cf-ray: 8546246d9f9818b3-FRA

GET
H3 200 style.css
s0.2mdn.net/sadbundle/13837033311016982479/css/ Frame 8222 5 KB
2 KB 11ms
10ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13837033311016982479/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

645a8cedb47e8b9f20c7ada187dd609511577292172a1ababb1b10a35fca1229

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Tue, 11 Feb 2025 00:16:36 GMT
date: Mon, 12 Feb 2024 00:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1763
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 8222 70 KB
25 KB 21ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2837630
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25267
last-modified: Tue, 09 Jan 2024 01:45:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "659c9715-62b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4%2Fa%2BLhU1Pl1iOV6kz9doJz6TdouV36t2Nlev%2FAEQ7c%2BcENbP9vedXGWlS4qMhajMG%2F%2Bmxrwqvy%2FcnlmFK%2F8f4qOeENMIWMyGtYi6fkSOpFpB3ewtTEhLlf%2BT1w9ha4Ir%2FKxTyD%2F9g%2BW9PevBEqOt9cV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8546246da80c68f5-FRA
expires: Sat, 01 Feb 2025 16:17:31 GMT

GET
H2 200 CustomEase.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 8222 7 KB
4 KB 19ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3687104
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3299
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-ce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1AOYAP6z%2FIPqI4t%2BKJSMJv8Ncgy2loV%2BELm%2BOJOB6eceUEA8q%2Fx%2FjRP4l%2BRUZfLI1oAIiruJETH4pUCPeZPbgC4RvsyavHPHfNH19pNVJJXVShd9VgnYeoCApROW5wgKD9cY5yT0qKLRhMD1NPo6Dgd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8546246da80e68f5-FRA
expires: Sat, 01 Feb 2025 16:17:31 GMT

GET
H3 200 dyson.svg
s0.2mdn.net/sadbundle/13837033311016982479/assets/ Frame 8222 2 KB
1 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13837033311016982479/assets/dyson.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Thu, 06 Feb 2025 23:55:06 GMT
date: Wed, 07 Feb 2024 23:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404545
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1076
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 rtbIcon.svg
s0.2mdn.net/sadbundle/13837033311016982479/assets/ Frame 8222 2 KB
801 B 11ms
11ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13837033311016982479/assets/rtbIcon.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 01:37:45 GMT
date: Sat, 10 Feb 2024 01:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225586
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 771
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 dyson-v15s-submarine.svg
s0.2mdn.net/sadbundle/13837033311016982479/assets/ Frame 8222 16 KB
5 KB 11ms
11ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13837033311016982479/assets/dyson-v15s-submarine.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c29513a76a58d066e958c5942d64999007df95b8493e9e200cfbcd0aa7202862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 20:17:00 GMT
date: Tue, 06 Feb 2024 20:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504031
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5496
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1-min.jpg
s0.2mdn.net/sadbundle/13837033311016982479/assets/ Frame 8222 38 KB
38 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13837033311016982479/assets/1-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef77885b940f1b5a00aa3b92aa15920ba9a736c885abde556ea51bab0329bde6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Tue, 11 Feb 2025 00:16:36 GMT
date: Mon, 12 Feb 2024 00:16:36 GMT
x-content-type-options: nosniff
age: 57655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38711
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 2-min.jpg
s0.2mdn.net/sadbundle/13837033311016982479/assets/ Frame 8222 29 KB
29 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13837033311016982479/assets/2-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b2f5bdcdce2be370fb2d9904f872b101a79f56583948143329b7ea14a33162

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Mon, 10 Feb 2025 07:59:21 GMT
date: Sun, 11 Feb 2024 07:59:21 GMT
x-content-type-options: nosniff
age: 116290
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29664
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 3-min.jpg
s0.2mdn.net/sadbundle/13837033311016982479/assets/ Frame 8222 21 KB
21 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13837033311016982479/assets/3-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ebf62863164301ab0e735168824bdc36c33b24f80364f3ed7320cd94b93e260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 06:23:28 GMT
date: Sat, 10 Feb 2024 06:23:28 GMT
x-content-type-options: nosniff
age: 208443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21543
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4-min.jpg
s0.2mdn.net/sadbundle/13837033311016982479/assets/ Frame 8222 32 KB
33 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13837033311016982479/assets/4-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

510748fc7494515a58521b444287e068e588764bcde0a6f7ca9b0019e6b4cd9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 00:02:34 GMT
date: Thu, 08 Feb 2024 00:02:34 GMT
x-content-type-options: nosniff
age: 404098
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33259
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 arrow.svg
s0.2mdn.net/sadbundle/13837033311016982479/assets/ Frame 8222 192 B
191 B 12ms
10ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13837033311016982479/assets/arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Tue, 11 Feb 2025 00:16:36 GMT
date: Mon, 12 Feb 2024 00:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57656
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 161
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/13837033311016982479/script/ Frame 8222 4 KB
966 B 13ms
12ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13837033311016982479/script/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94698f87ae32fd13a4aa0775e039e10234fba7f77119a4ad7534b21c778edee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13837033311016982479/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 00:02:34 GMT
date: Thu, 08 Feb 2024 00:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404097
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 936
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 css-betano.css
landingpages.kaizengaming.com/layout/ Frame 6010 266 B
562 B 89ms
46ms Stylesheet
text/css 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1bcda979c82fbdb001a058bbcd782235588ba0cf67ec17cb6b406c354049697

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: VV0mNMQdoST1edPAjk1m6w==
age: 103
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:08 GMT
server: cloudflare
etag: W/"0x8DBA4A5D1339F5D"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 29375f46-401e-003f-5b67-22daa1000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8546246e4b642bf3-FRA

GET
H2 200 css-theme.css
landingpages.kaizengaming.com/de-sport/ Frame 6010 799 B
796 B 88ms
44ms Stylesheet
text/css 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/de-sport/css-theme.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aa554b7453c36d605833a473df0e1825189dc64c064b472430bbc65078c9312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: kJMidRkqsO72r6TQLkoSKQ==
age: 103
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:37 GMT
server: cloudflare
etag: W/"0x8DC28B313C4C7A7"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 0d8b2875-f01e-0067-349f-5a02fe000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8546246e4b632bf3-FRA

GET
H2 200 css-betano_worldcup.css
landingpages.kaizengaming.com/layout/ Frame 6010 3 KB
1 KB 90ms
47ms Stylesheet
text/css 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-betano_worldcup.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a24f4f105f56838f9beb801ad17aba77b0a225f6e207515d5be5f4bf500fbee4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: k3d6Yiaa8bmwIFFDC1yKKQ==
age: 103
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D1452901"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: fd2e1df7-101e-0050-3b57-23d052000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8546246e4b622bf3-FRA

GET
H2 200 css-iframe.css
landingpages.kaizengaming.com/layout/ Frame 6010 2 KB
896 B 88ms
45ms Stylesheet
text/css 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-iframe.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7392d426ac3da3071ebe16fa2ba3003e438842f8368aa9611b7fdcc48239024e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 39E7RXrp/bQVuYTQHPOHVg==
age: 103
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:12 GMT
server: cloudflare
etag: W/"0x8DBA4A5D385763B"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 270c4b48-101e-001d-0ba3-211fbe000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8546246e4b5f2bf3-FRA

GET
H2 200 Theme.css
promos.betano.de/willkommenspaket/ Frame 6010 4 KB
1 KB 52ms
51ms Stylesheet
text/css 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/willkommenspaket/Theme.css

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d30e51042a424e480e0bda151a436d5a50f2e08d939fdb4a0e8553269de1d74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 495
content-md5: iEQB/4Da+za49y9++eEi0A==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:25:27 GMT
server: cloudflare
etag: W/"0x8DC28B1CBB17527"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f3c8dc2e-801e-0052-579b-5a6eea000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
cf-ray: 8546246e082418b3-FRA
expires: Mon, 12 Feb 2024 16:32:31 GMT

GET
H2 200 common.js Show response
landingpages.kaizengaming.com/layout/ Frame 6010 7 KB
2 KB 73ms
32ms Script
application/javascript 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/common.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a493de25e0c3a0d6e8cff6840a97dc93226c9d704102d957b1d4ddee13313aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Tt1r+v6iV6U4snwCJhK1bQ==
age: 103
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:08 GMT
server: cloudflare
etag: W/"0x8DBA4A5D12AEE0B"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 20c38c19-601e-0007-6baf-217e61000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8546246e4b652bf3-FRA

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 1C4C
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1874223/77019499/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-6530008089495715&ias_chanId=1&ias_placementId=20839934288&bidurl=https://everardoherrera....
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

9ms
8ms

Script
application/javascript

2600:9000:223f:4400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6530008089495715&output=html&h=600&slotname=6887580780&adk=1666921911&adf=343901277&pi=t.ma~as.6887580780&w=300&lmt=1707754649&format=300x600&url=https%3A%2F%2Feverardoherrera.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707754649930&bpp=1&bdt=910&idt=464&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2009621240441&frm=20&pv=1&ga_vid=1389964320.1707754650&ga_sid=1707754650&ga_hid=27662829&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080795%2C31081024%2C31081035%2C44809005%2C95322745%2C95324581%2C95320870%2C95324154%2C95324160%2C95324260&oid=2&pvsid=283109826932713&tmod=1144195827&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=468
Protocol: H2
Server: 2600:9000:223f:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f10d5bdd8d60943848d514b3aa6e7d4d663e669069c8ed946ff4ed262a288a07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 14:23:19 GMT
x-amz-version-id: N7g_Y8GKdwkf7j66lPv2SEjHkWKcaXnn
content-encoding: gzip
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 266053
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Fri, 09 Feb 2024 14:23:17 GMT
server: AmazonS3
etag: W/"2105f244154aad4862ff53a961b1f1a4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: ADHJnKi2bB8fd4p4LcuPjUsN-FXX4myqKOgSiu8ujCoebfAgV7LWEA==

Redirect headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:31 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 4ABB 91 KB
23 KB 52ms
8ms Script
application/javascript 2600:9000:223f:4400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6530008089495715&output=html&h=600&slotname=6887580780&adk=1666921911&adf=343901277&pi=t.ma~as.6887580780&w=300&lmt=1707754649&format=300x600&url=https%3A%2F%2Feverardoherrera.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707754649930&bpp=1&bdt=910&idt=464&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2009621240441&frm=20&pv=1&ga_vid=1389964320.1707754650&ga_sid=1707754650&ga_hid=27662829&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080795%2C31081024%2C31081035%2C44809005%2C95322745%2C95324581%2C95320870%2C95324154%2C95324160%2C95324260&oid=2&pvsid=283109826932713&tmod=1144195827&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 12499701
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 8gnCmDJKwJTmacL_w0l15CqXJFkaJjwTGGPC22dzD_ORRNJL86hHFw==

GET
H2

200

/
www.google.de/pagead/1p-conversion/763238947/ Frame 9145
Redirect Chain

https://www.googleadservices.com/pagead/conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&ocp_id=nETKZb9Ino-IzQ-6qYW4Bw&random...
https://www.google.com/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2104856002&sscte=1&crd=COy7sQI&pscrd=IhMIv4aW65mmh...
https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2104856002&sscte=1&crd=COy7sQI&pscrd=IhMIv4aW65mmhA...

42 B
154 B

23ms
22ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2104856002&sscte=1&crd=COy7sQI&pscrd=IhMIv4aW65mmhAMVngeiAx26VAF3MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=nETKZb9Ino-IzQ-6qYW4Bw&cid=CAQSKQAvHhf_j8tdrU7g-9b3mtHm5a4xpva3h_BRtadAAzyUeqQ438ohU7jb&random=3617946776&ipr=y

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6

Protocol

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.googletagmanager.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2104856002&sscte=1&crd=COy7sQI&pscrd=IhMIv4aW65mmhAMVngeiAx26VAF3MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=nETKZb9Ino-IzQ-6qYW4Bw&cid=CAQSKQAvHhf_j8tdrU7g-9b3mtHm5a4xpva3h_BRtadAAzyUeqQ438ohU7jb&random=3617946776&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1C4C 43 B
215 B 336ms
109ms Image
image/gif 2600:1f18:1aca:4280:bdb4:8050:697b:3322
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=c8c81e48-f1fd-b903-e5d2-6ffdf707d718&tv=%7Bc:41NhdO,pingTime:-3,time:92,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:45%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:92,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:44,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B80~0%5D,as:%5B80~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u45CtSw+11%7C12%7C13%7C14*.1874223-77019499%7C141%7C142%7C143%7C15%7C1611%7C1612%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2,idMap:14*,rmeas:1,rend:0,renddet:na,siq:46%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6530008089495715&output=html&h=600&slotname=6887580780&adk=1666921911&adf=343901277&pi=t.ma~as.6887580780&w=300&lmt=1707754649&format=300x600&url=https%3A%2F%2Feverardoherrera.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707754649930&bpp=1&bdt=910&idt=464&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2009621240441&frm=20&pv=1&ga_vid=1389964320.1707754650&ga_sid=1707754650&ga_hid=27662829&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080795%2C31081024%2C31081035%2C44809005%2C95322745%2C95324581%2C95320870%2C95324154%2C95324160%2C95324260&oid=2&pvsid=283109826932713&tmod=1144195827&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=468
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bdb4:8050:697b:3322 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:32 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1C4C 43 B
215 B 333ms
110ms Image
image/gif 2600:1f18:1aca:4280:bdb4:8050:697b:3322
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=c8c81e48-f1fd-b903-e5d2-6ffdf707d718&tv=%7Bc:41NhdQ,pingTime:-6,time:94,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:94,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:44,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B82~0%5D,as:%5B82~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u45CtSw+11%7C12%7C13%7C14*.1874223-77019499%7C141%7C142%7C143%7C15%7C1611%7C1612%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2,idMap:14*,rmeas:1,rend:0,renddet:na,siq:46%7D&tpiLookup=ao:everardoherrera.com*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6530008089495715&output=html&h=600&slotname=6887580780&adk=1666921911&adf=343901277&pi=t.ma~as.6887580780&w=300&lmt=1707754649&format=300x600&url=https%3A%2F%2Feverardoherrera.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707754649930&bpp=1&bdt=910&idt=464&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2009621240441&frm=20&pv=1&ga_vid=1389964320.1707754650&ga_sid=1707754650&ga_hid=27662829&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080795%2C31081024%2C31081035%2C44809005%2C95322745%2C95324581%2C95320870%2C95324154%2C95324160%2C95324260&oid=2&pvsid=283109826932713&tmod=1144195827&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=468
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bdb4:8050:697b:3322 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:32 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET

activityi;dc_pre=CPaMmOuZpoQDFUrHOwId6cEPWA;src=12738953;type=despo0;cat=despo0;ord=1337654614;~oref=https%3A%2F%2Fpromos.betano.de%2F
12738953.fls.doubleclick.net/ Frame 247D
Redirect Chain

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=1337654614;~oref=https%3A%2F%2Fpromos.betano.de%2F?
https://12738953.fls.doubleclick.net/activityi;dc_pre=CPaMmOuZpoQDFUrHOwId6cEPWA;src=12738953;type=despo0;cat=despo0;ord=1337654614;~oref=https%3A%2F%2Fpromos.betano.de%2F?

0
0

GET
H2 200 slick.css
landingpages.kaizengaming.com/layout/ Frame 6010 2 KB
667 B 35ms
32ms Stylesheet
text/css 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/slick.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc0081d5d01c24bef68e2329cfc63cd65ba2516dceb940baeff08b09430e1e62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: WZ31BB/YyxPVIgu7I3iKsw==
age: 174
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:12 GMT
server: cloudflare
etag: W/"0x8DBA4A5D32ED756"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 2424738d-201e-0016-5a65-22e4d5000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8546246ecc0a2bf3-FRA

GET
H2 200 slick-theme.css
landingpages.kaizengaming.com/layout/ Frame 6010 3 KB
1000 B 35ms
33ms Stylesheet
text/css 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/slick-theme.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed48c2c26ab144483ce6e6cfd207070eaa30dcd7cfe36c14b29d89b343e9df05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: UpLamLxcSvAJaktpLARRvQ==
age: 174
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:12 GMT
server: cloudflare
etag: W/"0x8DBA4A5D316E60C"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 3d33fbf6-201e-004b-13b0-21ee51000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8546246ecc0f2bf3-FRA

GET
H2 200 css-fonts.css
landingpages.kaizengaming.com/layout/ Frame 6010 4 KB
670 B 28ms
26ms Stylesheet
text/css 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-fonts.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7128e23958b3fda5c3c906893ed845791c82b203b643817c854c86f211efbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: pvSNyxtpXpV4jwDcVBs+8g==
age: 174
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D1600014"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: ee9e2a2e-d01e-002d-2e75-22a171000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8546246ecc152bf3-FRA

GET
H2 200 css-common.css
landingpages.kaizengaming.com/layout/ Frame 6010 944 B
600 B 45ms
44ms Stylesheet
text/css 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-common.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8a0d356d644b4013aa75e86393844a21bdfaf2a4bd5e99c2ab05c0fe74e3101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 5eGR2sXfZgOapde0CV8YSg==
age: 175
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D14E9D7C"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 4ea1a3c7-001e-003e-6135-23857d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8546246ecc182bf3-FRA

GET
H2 200 css-landing.css
landingpages.kaizengaming.com/layout/ Frame 6010 8 KB
2 KB 37ms
36ms Stylesheet
text/css 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-landing.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c71752822cfbdf7713731e936ebe7f93fe99c5984e0ddd3c6a8e185c17ff5048

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: JDqCfcVQtN58am64kAmqvg==
age: 174
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D168B161"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 5a13d07d-a01e-0055-6bb0-210289000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8546246ecc192bf3-FRA

GET
H2 200 css-desktop.css
landingpages.kaizengaming.com/layout/ Frame 6010 5 KB
1 KB 29ms
28ms Stylesheet
text/css 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-desktop.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf06e66d0b6d12c39860b7a3f1a724397a8bc0267423b64c6627ef0f52a7b27d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: AOVpmo2f/4Wn1SoTquvjVA==
age: 174
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D1574ECA"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: a952017e-a01e-0037-4e9f-21c0ae000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8546246ecc1c2bf3-FRA

GET
H2 200 css-tablet.css
landingpages.kaizengaming.com/layout/ Frame 6010 4 KB
1 KB 44ms
43ms Stylesheet
text/css 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-tablet.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1172af7570acdb509d41b715ff6f8d2c0e06a3af29b54e76ae681571161e4d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Mr2IdhRK+4IeBy7KcyoBtQ==
age: 174
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D18E0E3F"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6d2ca778-201e-0016-624b-23e4d5000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8546246ecc1d2bf3-FRA

GET
H2 200 css-mobile.css
landingpages.kaizengaming.com/layout/ Frame 6010 3 KB
1 KB 29ms
28ms Stylesheet
text/css 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-mobile.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fea86661c5d80146c78c8e112e81c6ebcd3ac8c3f4d81c6fd3419532343c21a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: y0J3Tr1dgXYbzTPMrvAM5Q==
age: 174
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D171FED7"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 7337b64a-201e-0029-558c-222c76000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8546246ecc1e2bf3-FRA

GET
H2 200 css-betano_theme.css
landingpages.kaizengaming.com/layout/ Frame 6010 8 KB
1 KB 44ms
43ms Stylesheet
text/css 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-betano_theme.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dad7cc652286fe3fcd072159ff6fdc30a62ba200d329d99cc1674f5183406584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: D6htD+uya4gpW6XLW/HaDw==
age: 174
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D13C50A6"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: efe62049-e01e-0054-5cbf-215d55000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8546246ecc232bf3-FRA

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1C4C 43 B
216 B 305ms
106ms Image
image/gif 2600:1f18:1aca:4280:bdb4:8050:697b:3322
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=c8c81e48-f1fd-b903-e5d2-6ffdf707d718&tv=%7Bc:41Nheh,pingTime:-2,time:121,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1449,beZ:1450,mfA:1459,cmA:1460,inA:1461,inZ:1464,prA:1465,prZ:1489,si:1494,poA:1496,poZ:1517,cmZ:1517,mfZ:1517,loA:1543,loZ:1546,ltA:1570,ltZ:1570%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:45%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:121,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:44,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B108~0%5D,as:%5B108~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u45CtSw+11%7C12%7C13%7C14*.1874223-77019499%7C141%7C142%7C143%7C15%7C1611%7C1612%7C1613%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2,idMap:14*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:46,sinceFw:74,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6530008089495715&output=html&h=600&slotname=6887580780&adk=1666921911&adf=343901277&pi=t.ma~as.6887580780&w=300&lmt=1707754649&format=300x600&url=https%3A%2F%2Feverardoherrera.com%2F&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707754649930&bpp=1&bdt=910&idt=464&shv=r20240208&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2009621240441&frm=20&pv=1&ga_vid=1389964320.1707754650&ga_sid=1707754650&ga_hid=27662829&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080795%2C31081024%2C31081035%2C44809005%2C95322745%2C95324581%2C95320870%2C95324154%2C95324160%2C95324260&oid=2&pvsid=283109826932713&tmod=1144195827&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=468
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bdb4:8050:697b:3322 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:32 GMT
server: nginx
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js Show response
pagead2.googlesyndication.com/bg/ Frame E39D 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7oEUkR-0Uy9FIahscmU7Lq7lgP_YvsNEVpm_VpMj8bQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 21:42:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 239722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19829
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 21:42:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 6010 277 KB
92 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W0C280Z7PP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55bca248b12943b3ce2a739ad7094ff306882a1764c84c58b4b564b3c0c82a34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94027
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 12 Feb 2024 16:17:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 6010 277 KB
90 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SJLCV23YJW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51867f53373cb61a5797633285d236a4237c0f419f0f927fa10753d04b9bd547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91948
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 12 Feb 2024 16:17:32 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 6010 52 KB
21 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 15:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1763
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 12 Feb 2024 17:48:09 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 6010 41 KB
18 KB 77ms
38ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 48ce5810e9c37aaf2076f84ffe1cd46b0ea4e6458811c3b310cf9bf39342619b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
content-encoding: gzip
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 18069
x-amz-cf-id: PqL3sH5FsJ19AAo7Ngy1ynbj7lXuAh78CmNKAn5PNxY-mHqtvJ1XkA==

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 6010 81 KB
31 KB 197ms
49ms Script
application/javascript 37.157.2.250
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx00000322062e90ffa8910-0065ba2321-32959ea8-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 6010 214 KB
57 KB 12ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Feb 2024 16:17:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: dpTozjsw9T+B1Eue/TDvrAGGv9cwTmXy40Ve/FxGvC0ukd4XYPekvw3VCjfBkZTFyuzQMW2mOnW+9T+NaoZJOQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 6010 45 KB
13 KB 73ms
38ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 12 Feb 2024 16:17:31 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5AA5921F32354A199AAAE943999C31F4 Ref B: FRAEDGE1406 Ref C: 2024-02-12T16:17:32Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 mgsensor.js Show response
a.mgid.com/ Frame 6010 15 KB
5 KB 167ms
116ms Script
application/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.mgid.com/mgsensor.js?d=1707754652007

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11c5a22dd9019075ebe82b053243bda7bbadd0d5e57f67f11148c723f946bf14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 8e4d2ccf-53a1-4be2-b4af-ddeb4191cf37
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8546246f68d46650-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 dysonfutura-book.woff
s0.2mdn.net/sadbundle/13837033311016982479/assets/ Frame 8222 8 KB
8 KB 10ms
10ms Font
font/woff 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13837033311016982479/assets/dysonfutura-book.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13837033311016982479/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13837033311016982479/css/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 06:17:06 GMT
date: Sat, 10 Feb 2024 06:17:06 GMT
x-content-type-options: nosniff
age: 208826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7928
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/ Frame 6010 3 KB
1 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?random=1707754651999&cv=11&fst=1707754651999&bg=ffffff&guid=ON&async=1&gtm=45He4270v79977643za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&tcfd=10001&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_24785b_2931c_CABAEFLAFCDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D24785&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&top=https%3A%2F%2Feverardoherrera.com&hn=www.googleadservices.com&frm=2&tiba=BETANO%20MODE&npa=0&pscdl=noapi&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

329c2e29867438d2a4ac3e7a75f715d48b6c322cb4e0e46797247fcb67bd3239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1405
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CNiSm-uZpoQDFXbLOwIdPnkMJg;src=12738953;type=despo0;cat=despo0;ord=4207355388047;npa=0;pscdl=noapi;gtm=45He4270v79977643za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;ua... Show response
12738953.fls.doubleclick.net/ Frame 011A
Redirect Chain

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=4207355388047;npa=0;pscdl=noapi;gtm=45He4270v79977643za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=...
https://12738953.fls.doubleclick.net/activityi;dc_pre=CNiSm-uZpoQDFXbLOwIdPnkMJg;src=12738953;type=despo0;cat=despo0;ord=4207355388047;npa=0;pscdl=noapi;gtm=45He4270v79977643za200;gcd=13l3l3l3l1;dm...

641 B
414 B

50ms
49ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12738953.fls.doubleclick.net/activityi;dc_pre=CNiSm-uZpoQDFXbLOwIdPnkMJg;src=12738953;type=despo0;cat=despo0;ord=4207355388047;npa=0;pscdl=noapi;gtm=45He4270v79977643za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_24785b_2931c_CABAEFLAFCDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D24785?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

28e73c81683ead48bd62eed86b39440f1e11e2d6ddff38e50886df6ed7fe9223

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 390
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 16:17:32 GMT
expires: Mon, 12 Feb 2024 16:17:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 16:17:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12738953.fls.doubleclick.net/activityi;dc_pre=CNiSm-uZpoQDFXbLOwIdPnkMJg;src=12738953;type=despo0;cat=despo0;ord=4207355388047;npa=0;pscdl=noapi;gtm=45He4270v79977643za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_24785b_2931c_CABAEFLAFCDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D24785?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1C4C 0
0 42ms
41ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIVQOm8bUxcTRxBnytrPlbbRkL_M1b6rNwMOPThd25kQlarORwILxjOap1WjFE3NEsoYfkkXaqFkQ6VnxZuMk8XybnEK_ClxxI7Eu_WTT4qmBs849jKiXPPD-v8MZtY6jpKLgRAqFhak7hkdMx2FK9vcxIam0hCntJ3Lw_jGGIejfYmjrAN-CLKrCLg3lJCjHDLzv6eZGc7V4cHk0zVNSaVQ9lJW_nCIKrOaoshfXfCqvo1AVbPn-7OV2CFLLl2J2G4Uf98zjlYXTCXW8dYUEQRuZk3l_yxhugZw3Scx7fPnLR-I_hg2jwT20e-6PuwqRVke9k98uN8kF9vhPOe1Bn1nahyz2lVIWfqV2w7iK3FOIzX4vr2OEt0OGoBdst9EHTuCQmcY9MeX-aB1YB9XjUs2a7gBMrGqOz02HiyB-xXb_ym3bFvXkvKN1aL8OVVWv9ONDoOkMUWVCvgcABrmAmXn4WUqxuu4RXGtQzyZ03C1njfqHaHgSzIGV0R-XVL3wNKUlEfsRtLH5OabHc3daoeuknLSF8rcHKwfwcPUUQDelCMdFsf8m7WS5P1oAe4aEzzePQ5pm7mUl1_gDp7eInvDyIC-4Tef74Jsb0o6vvFDzwYt8FUu2WEKfHr-J2aPCiaAwqf-0UmKqw3xrLgB9iWmotPyVEJXoJYeR-2aTQQrr0YKInYBJQQbVX5aZj_huQJf5JNsWUcleTE71iXejkJyFuRfB1g4UoYo7HqnZptAntUlLQ8BQaSMXT63v01Gf1tWpw9Ek5zUtm9ubb1oEFct1hidJKoQmCD_7sghZn7eTGqj-WYu36PcQE8FNFupQYNNfxgdkzhse-pGNASEbGsp_Ywh-joUGtbaITkhWZDGMZMR5sCDFc-ycXPPd9qlpXnN467Vn5cyTW4ccxHYQOdT49p-GhikCv1eAr-vHeIBY7NFNfnc6f94nm5I7zkL2ZBNybMPVZ1RNmFLR05vO3Bd9Hh6j2TxJjY5-dvJwFfAs7_K2104U46BQYNK9TzRp-S2NuYF6yIHf7x47vDJ38Kx4Y4X5KdY4rtImcgix9zX1r1ig8g1APhnm0XqRDUr_3KpQm6dI7vfx8APHRXVdQGKX-KtuHQoOPUi1n-N6nhNwvoO9U5_V60kiphfiSHsUPN5vFWzKUJXN0jVUyln1K_aGcWWfg1gbQBb9KanN-qkLbfIPEbRYMeP5dJ04H2xGzm6s40GK4vtwZYd0-hrdGhbwCqjZFUnnQhOZAP3X5zhTwMwdltpS_cZUDZLca-3-NoH1tjfW3gzEyefQ7XrxQbiO9zryvYeh6WCus3ae-3L4LjSEkgMzVYjOVeUsr1VIErrkuysJ7K50s4D8YjuvsnWiYqmyFu_JI9ls60bcUUdIgFwHaSViIy9rkBMlOBvZNyPlO7CDJ3CcajSNok3CFJ_I&sai=AMfl-YQsSFDts2yZkc4yZlPxcMZzyyAloQdq61jfVpxUaIliB3ayZsWU9Ccd1-Kz27CfDYRDVjMH03uMif4ZS5VWVGdVNSj7K4AErg28BST238mMvy8DgaHzsAe3Cn4E3C55ExSAnqeugZX5qclnYBvPw45xqxNPtCtfE9nPt7VyoGF2WoBushtMakBDZNtuq7L1-WQmaGGWGf8c3na_1kJDFes1Eu8jn5XTH0N_CeU4tPXGAG85P7xujkaZ8IJOoh4JU_PRJe-fF_x0nrgGuczqsjiGy2tmMyExMV3qnTSqFg&sig=Cg0ArKJSzIDYrHt-NJmMEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=591&vt=11&dtpt=370&dett=3&cstd=218&cisv=r20240207.12091&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Feb 2024 16:17:32 GMT

GET
H2 200 iframe Show response
visuals.kaizengaming.com/scripts/ Frame 1F7A 3 KB
2 KB 104ms
64ms Document
text/html 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c3503fa40192c928239a3b337f722fa4e9f2fb4fc3c838216ce5893929b4b58

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
age: 3227
cache-control: public, max-age=14400
cf-cache-status: DYNAMIC
cf-ray: 8546246feaf89b83-FRA
content-encoding: gzip
content-md5: pRIJ2/N21dbBjDWXiJP+cQ==
content-type: text/html
date: Mon, 12 Feb 2024 16:17:32 GMT
expires: Mon, 12 Feb 2024 20:17:32 GMT
last-modified: Wed, 29 Mar 2023 06:31:05 GMT
server: cloudflare
vary: Accept-Encoding
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: d451581a-901e-003d-763c-23a3c8000000
x-ms-version: 2011-08-18

GET
H2 200 index.html Show response
landingpages.kaizengaming.com/de-sport/ Frame 6010 11 KB
4 KB 93ms
73ms XHR
text/html 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/de-sport/index.html
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cda6d1b677e9611646e73ecaae5b0c7fe752d193a1c8cd055151d75927d79e1

Request headers

Accept: */*
Referer: https://promos.betano.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
content-md5: QDAqGSWITQqGHGr8ID3+KQ==
age: 351758
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: de627cf4-b01e-0066-709b-5a5d22000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8546246fcd6f2be6-FRA

POST
H2 200 8546246adbde18b3 Show response
promos.betano.de/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 5F55 0
314 B 54ms
52ms XHR
text/plain 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/cdn-cgi/challenge-platform/h/b/jsd/r/8546246adbde18b3

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: cloudflare
cf-ray: 854624704bb518b3-FRA
content-type: text/plain; charset=UTF-8

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1C4C 0
26 B 53ms
52ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuowA6NLJTPP7q-WbdJDkyOCt56ExZVMJUU6ticm8-AwxBQEYUs2jlTJHBSQu3Y0BYkLBKnvoCxOem9Qr12y9hrcq6XGtiM40oHMpSl8pQSxcRjTolmVYIp1RkhS3a1oe1xMLjIASuIc3Ggdi6jHFZGJXfKoWBhWOpzMLWF0jOjJ22_uH-SHUDK5NRSFLCO9Ns7DMn53Tw&sai=AMfl-YTqv8XjuflYXHENIQUq2CgxYimhzfcOwJT9b0T5zn41hN_Xftoka21LN3COlZ7wrWP4oy6DOxpUUR8XWXTPnXMudDocGWiB1qp58CoHMtTvOxN2y7ORWy9K_aT-EeQ&sig=Cg0ArKJSzMGlQS1Wb50fEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dc_pre=CNiSm-uZpoQDFXbLOwIdPnkMJg;src=12738953;type=despo0;cat=despo0;ord=4207355388047;npa=0;pscdl=noapi;gtm=45He4270v79977643za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;...
adservice.google.com/ddm/fls/z/ Frame 011A 42 B
401 B 103ms
54ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNiSm-uZpoQDFXbLOwIdPnkMJg;src=12738953;type=despo0;cat=despo0;ord=4207355388047;npa=0;pscdl=noapi;gtm=45He4270v79977643za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_24785b_2931c_CABAEFLAFCDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D24785

Requested by

Host: 12738953.fls.doubleclick.net
URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=CNiSm-uZpoQDFXbLOwIdPnkMJg;src=12738953;type=despo0;cat=despo0;ord=4207355388047;npa=0;pscdl=noapi;gtm=45He4270v79977643za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;tcfd=10001;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_24785b_2931c_CABAEFLAFCDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D24785?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12738953.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 spn_Sporting_CP2_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 19 KB
19 KB 53ms
41ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_Sporting_CP2_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2019d77fa19a331f0e33fb1e0f96103832fdaf49481ef54920e83b59ab68f1e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: mwHkbVJHeMadNj4jxLZolA==
age: 1798
content-length: 19119
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:39 GMT
server: cloudflare
etag: "0x8DC28B314B28634"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: c5a40253-b01e-0014-4a9f-5a5a6d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470cef82bf3-FRA

GET
H2 200 spn_Benfica_2021_8_13_15_24_29_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 28 KB
28 KB 63ms
51ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_Benfica_2021_8_13_15_24_29_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aab3b7005f69e9d7c10a94d7f3657277d5c9dae9cfc6bde05617b003a56fa125

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: oEUX3HqfuPUvYFG+QZJ9tQ==
age: 18
content-length: 28849
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:38 GMT
server: cloudflare
etag: "0x8DC28B31444B9C7"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: fad4d721-001e-0063-329f-5a8ff9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470cef92bf3-FRA

GET
H2 200 spn_FC_Porto_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 24 KB
24 KB 63ms
52ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_FC_Porto_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 728165191b625a29fc0c1469f93cf17eb62f3595f379c977890974543f7d814d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: jSdk+PY50XexolMJPt5Q0Q==
age: 1798
content-length: 24710
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:38 GMT
server: cloudflare
etag: "0x8DC28B31470F339"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 5954e600-401e-0010-4a9f-5ad76a000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470cefc2bf3-FRA

GET
H2 200 spn_osfp210X210_b_b_2019_8_14_8_57_11_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 25 KB
25 KB 51ms
40ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_osfp210X210_b_b_2019_8_14_8_57_11_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abc9055dec46bd0fe46b5534dee9d9a6411491662f1403df81e6e238389b0b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: JhbPFXjZywCGfmkqf6Kweg==
age: 18
content-length: 25859
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:39 GMT
server: cloudflare
etag: "0x8DC28B314A3E269"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: a706504d-401e-005d-3d9f-5a1886000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470deff2bf3-FRA

GET
H2 200 spn_Logo_Panathinaikos-01-3%201.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 19 KB
20 KB 65ms
54ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_Logo_Panathinaikos-01-3%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35eb8dfaab4bf3bac258cec08918ec16f4b23e8d47b5bbaa41fbd28f4660b1de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: XMp6ffG72oNhRO1DDx+D8g==
age: 18
content-length: 19885
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:38 GMT
server: cloudflare
etag: "0x8DC28B3148E88E0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f9c73969-601e-0038-279f-5ab6c2000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df012bf3-FRA

GET
H2 200 spn_stxmn_xorigies_footer_210x210_paok_b_2019_8_14_8_59_31_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 19 KB
20 KB 53ms
42ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_stxmn_xorigies_footer_210x210_paok_b_2019_8_14_8_59_31_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51da5b73ff056af5a7b6661a72877729acae13288868cf5689e7933f283d8f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: ZWskDbpA4tguY75DycNraw==
age: 1798
content-length: 19873
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:39 GMT
server: cloudflare
etag: "0x8DC28B314B9B10B"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 57a6d0d0-e01e-0044-6a9f-5a983d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df042bf3-FRA

GET
H2 200 spn_apoel%20footer_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 18 KB
18 KB 97ms
86ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_apoel%20footer_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fda4c0c8d886d3dc37996a43e3733d5f8433d49283716ea9e7a7316cda7794ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: bqT5Gi69cDmYsDYa4bEKsQ==
age: 18
content-length: 18469
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:38 GMT
server: cloudflare
etag: "0x8DC28B3142E9D10"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 66621109-901e-004e-219f-5a3c8a000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df082bf3-FRA

GET
H2 200 spn_apollon-logo-210x210_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 23 KB
23 KB 58ms
48ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_apollon-logo-210x210_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21b1fdeba9c263ef576c174286f2d861a4ef9b8b5cb98f34cb568905fb899d86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: GASNhmiazNjE2gYaQyS6Dg==
age: 1798
content-length: 23572
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:38 GMT
server: cloudflare
etag: "0x8DC28B314368B16"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: d536ae25-601e-0017-0e9f-5abb09000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df0b2bf3-FRA

GET
H2 200 spn_fcsb%20210x210%20(1)_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 22 KB
23 KB 63ms
54ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_fcsb%20210x210%20(1)_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a4aaeb80b8cab44b94d532c946cbaed2a25c8dead8dd54161340d3cc56bc308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: SBVluZQtT7yiLEiEDAA5aQ==
age: 18
content-length: 22894
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:38 GMT
server: cloudflare
etag: "0x8DC28B31477F708"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 3c88553d-901e-0061-729f-5a3141000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df0e2bf3-FRA

GET
H2 200 spn_Sparta.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 5 KB
5 KB 49ms
41ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_Sparta.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62caffb569b2f4b4bf9f4c317c6dfc6ed155304a9bce20f0d12613053f1cc3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: /0mt5FHZVIAjX94uZVR7dA==
age: 18
content-length: 5318
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:39 GMT
server: cloudflare
etag: "0x8DC28B31508FD92"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: d6bf5059-f01e-0058-029f-5aca5d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df102bf3-FRA

GET
H2 200 spn_FC%20Viktoria%20Plzen.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 17 KB
17 KB 58ms
50ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_FC%20Viktoria%20Plzen.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c69c7bb218bf8af15e2ae415862db1bd0d445c959be698fb58320d97dd1a5b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: QZwghOjpQSeiH/VC0Pp+5g==
age: 1798
content-length: 17257
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:38 GMT
server: cloudflare
etag: "0x8DC28B314692C33"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 5954e613-401e-0010-5a9f-5ad76a000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df152bf3-FRA

GET
H2 200 spn_PFC%20Locomotiv.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 17 KB
17 KB 59ms
51ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_PFC%20Locomotiv.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b89e19aca89f180ba1e62c62495c5e4156f96cfa866b19cf0df0192452f477f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: n8zLW8cpLiU4kbUrGnwtDw==
age: 1798
content-length: 17581
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:39 GMT
server: cloudflare
etag: "0x8DC28B314AB344E"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 189ca6cc-901e-003c-3f9f-5a3bc5000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df172bf3-FRA

GET
H2 200 spn_atleticologo_whiteoutline_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 15 KB
15 KB 62ms
54ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_atleticologo_whiteoutline_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c447157fa660c55a320f8c1735eacb754c4697c5ff98dd4140da21ffb9b1ba4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: exAxLiOKF1ZQ22Z4FzBs+g==
age: 1798
content-length: 15119
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:38 GMT
server: cloudflare
etag: "0x8DC28B3143DB5FA"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: a1b3452a-901e-0071-429f-5af429000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df1f2bf3-FRA

GET
H2 200 spn_logo_fluminense%20(1)_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 23 KB
23 KB 59ms
51ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_logo_fluminense%20(1)_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac7bb492fca6a4c1c72dacfff28d869d9a125529a085d29da9ff803b994688b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: 3yDwl8syJHaDX8oSywlAEw==
age: 1798
content-length: 23395
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:38 GMT
server: cloudflare
etag: "0x8DC28B3148625B8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: dd11aca9-801e-0020-259f-5a69a5000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df252bf3-FRA

GET
H2 200 FBCMELGAR.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 31 KB
31 KB 63ms
56ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/FBCMELGAR.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b222717d8498c895539da6ef8972866b03bcdd1b78f31e2028b31616fa1d3b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: laAoZTUUiqFTjoKqlD93JA==
age: 10
content-length: 31523
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:39 GMT
server: cloudflare
etag: "0x8DC28B314F5036C"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 19fef9e7-701e-0079-399f-5aee26000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df2a2bf3-FRA

GET
H2 200 KOMETA.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 6 KB
6 KB 63ms
56ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/KOMETA.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 180bc0fd96460f6ba482df5d6e323af292a60993e19cc7aa183b5ab74574f2bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: X1Is2lD/8CCkI96L9PqC6Q==
age: 1798
content-length: 6098
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:39 GMT
server: cloudflare
etag: "0x8DC28B314FEECF9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 65235e3d-301e-0047-7c9f-5a7959000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df2f2bf3-FRA

GET
H2 200 logo_pce2.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 9 KB
9 KB 92ms
85ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/logo_pce2.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47e965a46ae6785a0a3412ca35b96a6caf9da9e787d56b78b9fdbb1f129bc48f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: Wdb5g3cD4eZh2Tm0CyXe6A==
age: 18
content-length: 8998
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:39 GMT
server: cloudflare
etag: "0x8DC28B315100165"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 666210db-901e-004e-7c9f-5a3c8a000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df322bf3-FRA

GET
H2 200 logo-betano.svg
landingpages.kaizengaming.com/de-sport/ Frame 6010 22 KB
6 KB 61ms
55ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/logo-betano.svg
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3072f755bf99acdaa34415da49f58e8e83ae33d63231854a6d290dd09d5c2500

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: /8PMtJkMzUjtMFEegZIHcw==
age: 18
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:38 GMT
server: cloudflare
etag: W/"0x8DC28B314277233"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 47855f99-f01e-0048-2e9f-5a0f35000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 85462470df352bf3-FRA

GET
H2 200 topsportsv2.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 17 KB
17 KB 58ms
52ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/topsportsv2.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a318681fde56e313642fb18b5f43413670c66009e33d08cd702c2188ea3efa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: 13sG8fYnsh/QEnU+7VxHAA==
age: 257
content-length: 16986
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:40 GMT
server: cloudflare
etag: "0x8DC28B31538B8F0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: face9430-001e-0063-4f9e-5a8ff9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df3a2bf3-FRA

GET
H2 200 Platzv2.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 18 KB
18 KB 58ms
51ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/Platzv2.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2123cae11f16a1fdf4dc1307a0c6b841a8c574fd25573db5031933e7d24e1736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: Pu+X0y+3Nl184AVhWHvv5Q==
age: 257
content-length: 18292
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:39 GMT
server: cloudflare
etag: "0x8DC28B315200488"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 3c7e36cc-901e-0061-059e-5a3141000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df3f2bf3-FRA

GET
H2 200 q12award.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 19 KB
19 KB 94ms
88ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/q12award.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dabadc16eecdb46598f1ff3fa33ddfbc9240ca394d4dc49f7fee3637f352e441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: +pH+ucudJ7a4euGLLq175w==
age: 257
content-length: 19130
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:39 GMT
server: cloudflare
etag: "0x8DC28B315297900"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 8e7b1eb2-401e-0000-299e-5a1202000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df402bf3-FRA

GET
H2 200 q13award.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 19 KB
19 KB 72ms
66ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/q13award.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 437ebe9ecca548ef80036ad6e6926f905be50d023b00aaa5d362f6842f4cfda6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: j43lOlzzcSq2nhtg7ySvJA==
age: 257
content-length: 19304
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:39 GMT
server: cloudflare
etag: "0x8DC28B31531B51B"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 480b07e7-001e-0001-589e-5a4dde000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df432bf3-FRA

GET
H2 200 egr_awardv2.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 7 KB
8 KB 94ms
89ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/egr_awardv2.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 402b34b1282c4f27d2e8d6a20b71d48f161592427db4adf7dfe5b947bc457cd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: PZUc7sX0qn18Wtwigyc92w==
age: 257
content-length: 7675
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:39 GMT
server: cloudflare
etag: "0x8DC28B31516DE29"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: d7ddd71c-f01e-0005-179e-5ac0d9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df442bf3-FRA

GET
H2 200 awd_egr-award-2022-operator-of-the-year.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 4 KB
5 KB 70ms
65ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2022-operator-of-the-year.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 882e474b6c38b47acb0ec38ce9e095a84624ea2b8a1d1a122c2d17d3d26c47b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: aXcrchTaRow4V+J4yNZSjQ==
age: 18
content-length: 4512
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:39 GMT
server: cloudflare
etag: "0x8DC28B314DD393E"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: c45ab554-d01e-002d-5c9f-5aa171000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df452bf3-FRA

GET
H2 200 awd_egr-award-2022-sports-betting-operator.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 5 KB
5 KB 70ms
65ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2022-sports-betting-operator.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c9314b73430fd751f94a5091a3e108f0a455d74279bf56a08dca769c746b2bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: eXjGNE64RFjnYc6aOBQYqw==
age: 18
content-length: 4692
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:39 GMT
server: cloudflare
etag: "0x8DC28B314E4641C"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f5a21cc8-e01e-0026-219f-5a5a1a000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df472bf3-FRA

GET
H2 200 awd_egr-award-2021-football-betting-operator.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 6 KB
6 KB 70ms
66ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2021-football-betting-operator.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71f82d8de2cbd83902d319f2d4f3b35ac739742a884b1aa5e3ce48fbeb54abbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: QL48N56WPpNnD2BJCbdfrQ==
age: 18
content-length: 6010
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:37 GMT
server: cloudflare
etag: "0x8DC28B313A5AB9B"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: c5a4022b-b01e-0014-289f-5a5a6d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df482bf3-FRA

GET
H2 200 icon-ios.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 6 KB
6 KB 93ms
88ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-ios.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd3d318d6fad54a4131b5c1008853f1a01dd13aeb6ec114d11fbefad59f266ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: j0GjjlDNvp6PdAbk4d+Rqg==
age: 18
content-length: 5932
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:37 GMT
server: cloudflare
etag: "0x8DC28B313FA4E82"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 147eeaf3-101e-0050-599f-5ad052000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df4b2bf3-FRA

GET
H2 200 icon-android.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 6 KB
6 KB 60ms
56ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-android.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bb753343c3b0af0b9dfa273b033712833caedfa19b95e0d4b64b8cb14d7eeec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: Xcsdo6ehQR3VQfTMT595Zw==
age: 18
content-length: 5944
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:37 GMT
server: cloudflare
etag: "0x8DC28B313E36E9D"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 7060a8fb-101e-0040-679f-5a153a000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df4f2bf3-FRA

GET
H2 200 icon-instagram.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 2 KB
2 KB 90ms
86ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-instagram.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5e7a155078e632cfbebf8f8aaee8ea5edd6fb350cdbcd61c227736fe374cdaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: AUubypnMN2JeRlPkf9zpnQ==
age: 1798
content-length: 2235
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:37 GMT
server: cloudflare
etag: "0x8DC28B313F1EB61"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 3016cc78-001e-002e-4e9f-5a4015000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df502bf3-FRA

GET
H2 200 icon-facebook.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 1 KB
2 KB 91ms
87ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-facebook.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83b71ec4344fb3116e6ed880f9d1ba1bb3520f6e6445adce7fda816a68e75ffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: DmyyMSlBYTT52o9Zn45TeA==
age: 1798
content-length: 1446
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:37 GMT
server: cloudflare
etag: "0x8DC28B313EA7268"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 6e51ce12-d01e-003d-5f9f-5a6419000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df512bf3-FRA

GET
H2 200 icon-youtube.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 2 KB
2 KB 70ms
66ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-youtube.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29b70533eedd12590ae5c9cf58d6e95063f4f23ef666343e5ba6bf602b62e75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: Io37aBC4ERo7T8rJ2LvIeQ==
age: 1798
content-length: 1674
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:38 GMT
server: cloudflare
etag: "0x8DC28B3140FF620"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: d6bf5038-f01e-0058-659f-5aca5d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df542bf3-FRA

GET
H2 200 icon-linkedin.png
landingpages.kaizengaming.com/de-sport/ Frame 6010 2 KB
2 KB 69ms
66ms Image
image/png 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-linkedin.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65aa9d90fcec9cf44a72ddccfa72e53a10784427249050194b4c5bad3dddc03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: HIT
content-md5: T9Bl2/9ajIjSJ/Oj1zQkFw==
age: 10
content-length: 1615
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Feb 2024 14:34:37 GMT
server: cloudflare
etag: "0x8DC28B314015252"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: fd00e635-501e-006e-049f-5a472d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 85462470df582bf3-FRA

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 56ms
39ms Fetch
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 / Show response
servg.playstream.media/api/adserver61/vast/ Frame 034D 855 B
1 KB 218ms
134ms XHR
text/xml 2a02:26f0:480:25::1726:6211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://servg.playstream.media/api/adserver61/vast/?AV_PUBLISHERID=6298968cb046bd3825475e07&AV_CHANNELID=62e3d3baa053aa728e1e24a7&AV_URL=https%3A%2F%2Feverardoherrera.com%2F&cb=1707754651465&AV_WIDTH=432&AV_HEIGHT=243&logo=false&hidevpaid=1&vad_type=linear&_timestamp=1707754651465
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.619.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8411d2ecdd0e4d5587eea7f76890cbfa391f2c223ed3faa9f518d622099b648e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
date: Mon, 12 Feb 2024 16:17:32 GMT
x-bamboo-wl-track: track1.aniview.com
content-length: 528
pragma: no-cache
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-wl-player: https://player.aniview.com
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-bamboo-wl-serve: gov.aniview.com
access-control-allow-origin: https://imasdk.googleapis.com
content-type: text/xml
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Mon, 12 Feb 2024 16:17:32 GMT

GET
BLOB 200
OK fcb5a977-6409-4615-8e6e-5db66d10aa96
https://promos.betano.de/ Frame 6010 597 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://promos.betano.de/fcb5a977-6409-4615-8e6e-5db66d10aa96
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 597
Content-Type: application/javascript

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame 6010 2 KB
722 B 10ms
10ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 15:44:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 12 Feb 2024 16:44:15 GMT

GET
H3 200 234568464078651 Show response
connect.facebook.net/signals/config/ Frame 6010 53 KB
11 KB 17ms
16ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/234568464078651?v=2.9.145&r=stable&domain=lp.cleverwebserver.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eb4b06c59d51551337b736103850a2eca99f90b8ea64557ea8753b38fe784a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Feb 2024 16:17:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11013
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: nl3GqErQ4UDK+PoBfPK5Jnq0gCNd4Bq9CWiIrMVTNAnYQ3D6+bWXiX1nDrH8iSFSbEBjEBqL7L0gq1D7AH0UjA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 64ee070c262380ef28e936b2 Show response
visuals.kaizengaming.com/a/ Frame 1F7A 64 KB
21 KB 64ms
64ms Script
application/javascript 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 841fb12bda2901d5ff4479a2ad11317c213838cfc2afc21236c12301ace03625

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
cache-control: public, s-maxage=10
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 854624718d559b83-FRA
content-type: application/javascript

GET
H2 204 137000673.js Show response
bat.bing.com/p/action/ Frame 6010 0
116 B 33ms
32ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137000673.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 12 Feb 2024 16:17:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A471A2D4FEEE4D638CBDFB13700E88FA Ref B: FRAEDGE1406 Ref C: 2024-02-12T16:17:32Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 6010 0
285 B 36ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137000673&Ver=2&mid=fc947ac8-5793-4fa7-b2db-10f39139edde&sid=39b5e340c9c211ee9ea7519a9a8caa35&vid=39b61040c9c211eeabb04119c036fb79&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=BETANO%20MODE&p=https%3A%2F%2Flp.cleverwebserver.com%2F&r=&lt=661&evt=pageLoad&ifm=1&sv=1&rn=572241

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Feb 2024 16:17:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5652485122684686BB3551AB82E43A24 Ref B: FRAEDGE1406 Ref C: 2024-02-12T16:17:32Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/763238947/ Frame 6010 42 B
108 B 31ms
30ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/763238947/?random=1707754651999&cv=11&fst=1707753600000&bg=ffffff&guid=ON&async=1&gtm=45He4270v79977643za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_24785b_2931c_CABAEFLAFCDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D24785&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&frm=2&tiba=BETANO%20MODE&npa=0&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_q0jyIxUTLandthglye6jUE0-dGkGXbt5-YiVBM_Rx7-zOmN-&random=4174085813&rmt_tld=0&ipr=y

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/763238947/ Frame 6010 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/763238947/?random=1707754651999&cv=11&fst=1707753600000&bg=ffffff&guid=ON&async=1&gtm=45He4270v79977643za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_24785b_2931c_CABAEFLAFCDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D24785&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&frm=2&tiba=BETANO%20MODE&npa=0&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_q0jyIxUTLandthglye6jUE0-dGkGXbt5-YiVBM_Rx7-zOmN-&random=4174085813&rmt_tld=1&ipr=y

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

main.js Show response
visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame 91F3
Redirect Chain

https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

7 KB
4 KB

18ms
18ms

Script
application/javascript

2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Requested by

Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=

Protocol

Server

2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce732e8eb9c298987ed913e7363bb5f0b101dd6d792b2ec5c01b70effee1b98f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 854624726e909b83-FRA

Redirect headers

date: Mon, 12 Feb 2024 16:17:32 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
cache-control: max-age=300, public
cf-ray: 85462471eddc9b83-FRA

GET
H2 200 59013e41-1b63-4d8e-a887-ea6d3795d988.js Show response
tr.snapchat.com/config/de/ Frame 6010 177 B
446 B 185ms
114ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/de/59013e41-1b63-4d8e-a887-ea6d3795d988.js?v=3.10.0-2402092239

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

fbbf479d0654ab21cdf6c236527d72ecb1b181f500d291463cbf625b3fdacc39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://promos.betano.de/
Origin: https://promos.betano.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://promos.betano.de
x-envoy-upstream-service-time: 95
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 7697 0
201 B 90ms
22ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=b8b8c17b-7e54-4141-bef4-f1de910d5146&u_sclid=687dc384-d717-4391-af82-de157ea700f9

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 12 Feb 2024 16:17:32 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 p
tr.snapchat.com/ Frame 6010 68 B
299 B 90ms
22ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&ev=PAGE_VIEW&intg=gtm&pids=59013e41-1b63-4d8e-a887-ea6d3795d988&u_c1=091d8ab1-5cf6-4cab-b571-8d47bb2bd513&u_sclid=687dc384-d717-4391-af82-de157ea700f9&u_scsid=b8b8c17b-7e54-4141-bef4-f1de910d5146&bt=1d53c387&d_bvs=%5B%5D&huah=true&if=true&m_dcl=661&m_ic=true&m_pi=648&m_pl=0&m_pv=2&m_rd=1406&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Flp.cleverwebserver.com%2F&rf=https%3A%2F%2Flp.cleverwebserver.com%2F&trackId=a7f2156f-d89d-4570-aa0a-1082ece6b953&ts=1707754652522&v=3.10.0-2402092239

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

POST
H2 204 csi
csi.gstatic.com/ Frame 034D 0
54 B 241ms
241ms Ping
image/gif 2404:6800:4005:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lsj50yjb&c=2009621240441&slotId=1004810620220.5&eee=missing-element&bi=missing-id&vast_v=2.0&vmfc=1&vhc=0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.619.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:801::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1C4C 43 B
215 B 108ms
108ms Image
image/gif 2600:1f18:1aca:4280:bdb4:8050:697b:3322
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=c8c81e48-f1fd-b903-e5d2-6ffdf707d718&tv=%7Bc:41Nhoi,pingTime:-10,time:742,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjEuMC42MTY3LjE2MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1707754652589%7C%7C80592e09f515d4e5b97b495db997eda3%7C%7Ccb83d64b66ce79c8180112a4f5eea90d%7C%7C89afc9bcb6146cea76bd8a8d98ee8ccb%7C%7Cfe1bc3dc887bf9453895fc606761646f%7C%7C6514bcd34d4b8a38a00ef2a9d369c87f%7C%7C03f43e86e66cea3443fc8d0b92043d18%7C%7C547901a55d812a41be4900f6dfaa1032%7C%7C1663701684,im:%7Bpci:%7Btdr:207%7D%7D,env:%7Bgcd2:%7Bappl:1,cnst:na%7D%7D%7D
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bdb4:8050:697b:3322 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:32 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 /
www.facebook.com/tr/ Frame 6010 0
185 B 32ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=234568464078651&ev=PageView&dl=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_24785b_2931c_CABAEFLAFCDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D24785&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1707754652602&sw=1600&sh=1200&v=2.9.145&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.2.1707754652601.1034785953&ler=other&cdl=API_unavailable&it=1707754652348&coo=false&exp=e3&rqm=GET

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Feb 2024 16:17:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 / Show response
api-js.datadome.co/js/ Frame 6010 230 B
408 B 60ms
9ms XHR
application/json 3.66.83.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: dd.betano.de
URL: https://dd.betano.de/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.83.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-83-174.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 8f4a80b296569a5464392a12d3ccb034a39dd07a644a87a7dab84d12314e162d

Request headers

Referer: https://promos.betano.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:32 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 230
expires: 0

GET
H2 200 document.000000CF16561F.js Show response
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/5643592/7988958/ Frame 1F7A 177 KB
27 KB 28ms
27ms Script
application/javascript 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/5643592/7988958/document.000000CF16561F.js
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09487307b29147d8a84d33e3a8bfff43d9da2260bfb39b8cf4ca75a32b239ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: rIrlDQ43Y2HScKgRpGejWA==
age: 1243
x-ms-lease-status: unlocked
last-modified: Thu, 16 Nov 2023 15:35:17 GMT
server: cloudflare
etag: W/"0x8DBE6B9A2912048"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d8cfdf75-801e-006c-57c0-213e44000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2011-08-18
cf-ray: 85462472df3b9b83-FRA
expires: Tue, 11 Feb 2025 15:56:49 GMT

GET
H2 200 animated-creative.381532d5d5de3962867f.js Show response
visuals.kaizengaming.com/scripts/ Frame 1F7A 156 KB
53 KB 25ms
25ms Script
application/javascript 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/scripts/animated-creative.381532d5d5de3962867f.js
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc9005440b3e7c7663e35ea9a5654e1895509c8e9b0712f3902881aebf706c89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 7/+J+TpFL/6K7/yG6MNwEg==
age: 1243
x-ms-lease-status: unlocked
last-modified: Tue, 14 Nov 2023 09:16:12 GMT
server: cloudflare
etag: W/"0x8DBE4F258FA183A"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4cf06cbc-901e-005f-1b83-2261ef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2011-08-18
cf-ray: 85462472df3d9b83-FRA
expires: Tue, 11 Feb 2025 15:56:49 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 034D 0
54 B 240ms
240ms Ping
image/gif 2404:6800:4005:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lsj50z9g&c=2009621240441&slotId=1004810620220.5&fb=ima_html5-lima&sdkv=h.3.619.0&mrd=4&aab=1&itv=1&ghmsh_eids=44731965%2C44772139%2C44777649%2C44781409%2C44797014%2C44806075%2C95321947%2C95322027
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.619.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:801::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 5643592
c.bannerflow.net/tr/blocked/64ee070c262380ef28e936b2/ Frame 1F7A 0
141 B 82ms
47ms Ping
text/plain 2606:4700::6811:c96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/blocked/64ee070c262380ef28e936b2/5643592
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://visuals.kaizengaming.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 854624734ac40404-FRA
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H3 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 57A2 58 KB
20 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70a084c2b59a56c677430b1c0dbcd7d114dce2702774c103ca2a400c3ebeff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20906
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 23:32:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Mon, 12 Feb 2024 16:27:06 GMT

POST
H2 200 8546246feaf89b83 Show response
visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 91F3 0
295 B 37ms
36ms XHR
text/plain 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/b/jsd/r/8546246feaf89b83
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 85462473a8989b83-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 1x1.gif
a.mgid.com/ Frame 6010 43 B
107 B 165ms
164ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.mgid.com/1x1.gif?id=714661&type=c&tg=&r=https%3A%2F%2Flp.cleverwebserver.com%2F&nv=0&clid=&d=1707754652762

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_24785b_2931c_CABAEFLAFCDAADE&utm_medium=431&utm_source=2&siteid=24785

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 85462473dfb56650-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43

POST
H2 204 csi
csi.gstatic.com/ Frame 034D 0
54 B 240ms
240ms Ping
image/gif 2404:6800:4005:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lsj50zbc&c=2009621240441&slotId=1004810620220.5&fb=ima_html5-lima&sdkv=h.3.619.0&mrd=4&aab=1&itv=1&ua_e=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.619.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:801::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p
tr6.snapchat.com/ Frame 6010 0
42 B 50ms
22ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://promos.betano.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 ev Show response
s.seedtag.com/e/ 0
14 B 58ms
25ms Fetch 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/e/ev
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.f43a5bfe4c554098e387.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
via: 1.1 google
server: openresty
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: https://everardoherrera.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E39D 0
25 B 40ms
39ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5xqrm0TKZdvuGdrRjuwPgYa_-AoAAAAAOAHgBAI&bg=!MDOlM3zNAAY9UbWqHVE7ADQBe5WfOLNxh-66mcyNG0SczdB9NlnMOmOkPbDtrpLSJjAQflG3iB0ehiDWGhkZp7fGgL31AgAAAjtSAAAABGgBBwoATkufbRt2SUZYjKl_dcnfjVLC1gbl-I_Pxk8Kbdv9bomFixIkV-F3n1mtsgydqqYxfxBvsprdHR1JDL968CDxkHAw_tj5UfN9pWgOT5Ne75kC6_vK0H7awHr6FWNZ3ce0tJKGcQp0lpdOrvyi_v3yCTbg3PJK5GEFgisEK8S-eaquCWlssM06Bl_2ofortdsxLmSp0fc28tLl_4w9sQYQlqRm6zsn_HDp5mrAqXtZ7goktbbsALJ5QvPzKN8oVRWK4MdT9unXWCy1vI7-NtnH_MAkFy7_2JGgc5hF1xsTNwhDpAlRDgnqst4vVytFM0XrymksfJGv-_m8CYeBDSsy80fLzBHFjhEuS3V_MZvpvioETzQqbbdwYq2FriWWcHuIwSNetfLd42_cIWcdCxe2X3iosakLCjj5J1gdUj2Xu0lChdRGMs2rySdCwQiO0WjVH_hxKqiB41S3DCP1Py8y4Tl2Ll2Arh39joDDpu2cuEhh8jfDnVeC1qjZFI8mG5_T53FGj3J0YSDxhTqddZZXHuX00J10lMI0c9TWODjdScPg2yFQl55DuJkUBXykt4nWnDxCXwmBHF2G-0Tpg2QigQTXm_Rk65lFjCIB6Vac8yc9wKeNhwWUOLQxZnxujFi9C8wcrAWMeiJpr3XJ03hPOXoymurC_kEeJ9NWLd1vwas3M-rsG4g7CcvRhV-Z1noROtBVVp5_xEt_oCmRGGOEaQ65s6vr5ugp9aBNZg71iCL6fnSGUWO_G0sVt-txL9nKkx-LhDDNZOX9v_iSELtMD5e5Egy06NozAnRpajr7ldmcY5p1ug6COBlRKgSPgKU0ZMm-EZj_Ol8GRbwCd65IOZW_7QiCfnCImUA6b50ZFOh6F3ENj8TumlQCcMUW05Aew5zrlcsQcqfAKUdHNzjz_KGDUvU7xR7QHSDi8eIszxYOgcAyHkFQkskSLorVB-xz95g4hdIpih2v8FmIhd-32X7ZHPA_ZW_-Q-dvbleoojw7i7jE2irUFzstxHbF_aodqlveG11e_Mhdq1hdLuSG95trYeTGDP02YZ35HiIlTAxprepybfBamcldAlE-SOyQLA8-dzeoRReZuLgCyw

Requested by

Host: everardoherrera.com
URL: https://everardoherrera.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 57A2 473 KB
136 KB 89ms
8ms Script
text/javascript 2a02:26f0:480:33::212:40c5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=6298968cb046bd3825475e07
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:33::212:40c5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 8db8b0d4ea3c0aafaee31fb6e68ba840c8f95096923bc986a6e7bf96daeb3ebf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 16:17:32 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ABPtcPonEsRkwbDqLmAAYLOSxVjPzhgj286gBWdhaLSrTJIvgEEfstGkI003_xi1vm51F6Cyxcs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 138816
Last-Modified: Mon, 12 Feb 2024 15:32:24 GMT
Server: UploadServer
ETag: "fd2dcce3ca3ca1db6d59323899a049a8"
Vary: Accept-Encoding
x-goog-generation: 1707751944118273
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
x-goog-hash: crc32c=Oaf9aQ==, md5=/S3M48o8odttWTI4maBJqA==
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, no-transform, max-age=900
x-goog-stored-content-length: 138816
Accept-Ranges: bytes
Expires: Mon, 12 Feb 2024 16:32:32 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 57ms
57ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240208&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c1be6136a1c866d7ec41cb7adf5fc83fc5b964ac391f3f692f6add0da49c2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12138
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1F7A 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 464d820d-dc87-4a3f-a653-b0d6ffff7a67 Show response
https://visuals.kaizengaming.com/ Frame 721E 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://visuals.kaizengaming.com/464d820d-dc87-4a3f-a653-b0d6ffff7a67
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/animated-creative.381532d5d5de3962867f.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H3 200 a
www.googletagmanager.com/ Frame 6010 0
11 B 15ms
15ms Image
text/html 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1234011142&rv=4270&u=AAAAggAIAAAAACAAAAAAEA&h=Ag&gtm=45je4270v9169229084za200&ccid=169229084&cid=G-SJLCV23YJW&l=L576.S26.B19.E617.I648.EC7.TC33.HTC0~gtm.init.S0.V0.E159.TS5ogtcrossdomain.TI16.TE3.TS5ogtautoevents.TI18.TE0.TS5ogtreferralexclusion.TI19.TE0.TS5ogt1pdatav2.TI20.TE0.TS5ccdgalast.TI21.TE0.TS5ccdautoredact.TI22.TE0.TS5ogteventcreate.TI23.TE0.TS5ogteventcreate.TI24.TE0.TS5ogteventcreate.TI25.TE0.TS5ogteventcreate.TI26.TE0.TS5ogteventcreate.TI27.TE0.TS5ogteventcreate.TI28.TE0.TS5ogteventcreate.TI29.TE0.TS5ogteventcreate.TI30.TE0.TS5ogteventcreate.TI31.TE0.TS5ogteventcreate.TI32.TE0.TS5ogteventcreate.TI33.TE0.TS5ogteventcreate.TI34.TE0.TS5ogteventcreate.TI35.TE0.TS5ogteventcreate.TI36.TE0.TS5ogteventcreate.TI37.TE0.TS5ogteventcreate.TI38.TE0.TS5ogteventcreate.TI39.TE0.TS5ogteventcreate.TI40.TE0.TS5ogteventcreate.TI41.TE0.TS5ccdconversionmarking.TI42.TE0.TS5ccdempageview.TI43.TE1.TS5ccdgaregscope.TI44.TE0.TS5ogtgooglesignals.TI45.TE0.TS5ccdgaadslink.TI46.TE0.TS5setproductsettings.TI47.TE0.TS5ccdgafirst.TI48.TE0~gtm.js.S0.V0.E144.TS5gct.TI13.TE0~*.S0.V0.E52~gtm.dom.S0.V0.E52~gtm.scrollDepth.S0.V0.E95~gtm.load.S0.V0.E13~gtm.init_consent.S1.V0.E69

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:32 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 font
visuals.kaizengaming.com/fs/api/v2/ Frame 1F7A 3 KB
4 KB 41ms
41ms Font
font/woff 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F4391e467-37b3-4742-bea0-3fd8d7724a46.woff&t=%20EGIJNRSTZ
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 497348e51ea27e714889eaab2cd8486a0b12ecf269ea35f3f7c35d1250b457b9

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin: https://visuals.kaizengaming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 13 Dec 2023 09:36:01 GMT
server: cloudflare
age: 5294492
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: attachment; filename=4391e467-37b3-4742-bea0-3fd8d7724a46-subset.woff
cf-ray: 854624754b239b83-FRA
expires: Tue, 11 Feb 2025 16:17:33 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Feb 2024 16:17:33 GMT

GET
DATA 200
OK truncated
/ 194 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 573 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 528 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 224 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 325 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 398 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 / Show response
gov.aniview.com/api/adserver/tag/ 16 KB
3 KB 678ms
267ms XHR
application/json 173.0.146.5
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Feverardoherrera.com%2F&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=6298968cb046bd3825475e07&AV_CHANNELID=62e3d3baa053aa728e1e24a7&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=everardoherrera.com&AV_DADPOS=1&AV_GPID=/6298968cb046bd3825475e07/62e3d3baa053aa728e1e24a7/everardoherrera.com&d36=6.2.173&responsive=1&sver=4&avtoken=653069&omv=1.0.1&clsid=48b5e11a-2d6e-4ab0-8704-42f8f756a282&rando=81&scnt=1&AV_WIDTH=432&AV_HEIGHT=243&AV_DNT=0&cb=1707754653072&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=6298968cb046bd3825475e07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.0.146.5 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 3b5783a70f7eeddfbf56b3c0c17ec8ede985c196cf9f2c2591150484381c55a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s: BYPASS
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: https://everardoherrera.com
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Thu, 01 Feb 2024 02:30:53 GMT

GET
H2 200 track
track1.aniview.com/ 0
143 B 313ms
95ms Image
text/plain 96.46.186.186
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=everardoherrera.com&sn=&ic=0&tgt=1&app=&wi=432&he=243&test=&d36=6.2.173&apppkg=&fv=1&proto=https&clsid=48b5e11a-2d6e-4ab0-8704-42f8f756a282&rando=81&scnt=1&pid=6298968cb046bd3825475e07&cid=62e3d3baa053aa728e1e24a7&stagid=&stplid=&e=inventory&vi=100&cb=1707754653071
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 p
tr.snapchat.com/ Frame 6010 0
89 B 20ms
19ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://promos.betano.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://promos.betano.de
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 font
visuals.kaizengaming.com/fs/api/v2/ Frame 1F7A 17 KB
17 KB 44ms
43ms Font
font/woff 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F043e3f84-365c-4321-9c90-7c1294855724.woff&t=%2008ACDEHILNSTVabcdefghilnorstuz%E2%82%AC
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4400edf65fd8568a5cbb075ba6163f107075cb3f88ce6ce2472383d6309ff989

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin: https://visuals.kaizengaming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 13 Dec 2023 09:37:20 GMT
server: cloudflare
age: 5294413
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: attachment; filename=043e3f84-365c-4321-9c90-7c1294855724-subset.woff
cf-ray: 85462475cbf19b83-FRA
expires: Tue, 11 Feb 2025 16:17:33 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 992F 13 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://everardoherrera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 14:59:30 GMT
expires: Tue, 11 Feb 2025 14:59:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A755 829 B
559 B 28ms
27ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9bf8e1c20f70bb4045945ba461f19c17579ba40d4beffb657145b3d04c21c40b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YVdPu4hbu4zMBLNuX47osg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://everardoherrera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-YVdPu4hbu4zMBLNuX47osg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 16:17:33 GMT
expires: Mon, 12 Feb 2024 16:17:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 992F 39 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 14:23:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Feb 2025 14:23:13 GMT

GET
H2 200 font
visuals.kaizengaming.com/fs/api/v2/ Frame 1F7A 6 KB
6 KB 34ms
34ms Font
font/woff 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2Fb2261d2b-270d-4a56-995b-9f25df05ffcd.woff&t=%20%25-012ABEFINORSTUW%E2%82%AC
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4e3e58eddeee41095d85f963a15fadbfe38517d06b418710059637840c9f6a

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin: https://visuals.kaizengaming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 13 Dec 2023 09:37:22 GMT
server: cloudflare
age: 5294411
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: attachment; filename=b2261d2b-270d-4a56-995b-9f25df05ffcd-subset.woff
cf-ray: 854624764c9e9b83-FRA
expires: Tue, 11 Feb 2025 16:17:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A755 0
0 41ms
41ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240208&jk=283109826932713&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 font
visuals.kaizengaming.com/fs/api/v2/ Frame 1F7A 5 KB
5 KB 54ms
54ms Font
font/woff 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F0ff439d2-b12a-430f-bbee-4de7ec22a2af.woff&t=%20ACDEHIKLMNOPRSTW
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebb588f9a7cda5153f6b4b89358fcc21afd8775a8225d00f961d4f8f821ac7c1

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin: https://visuals.kaizengaming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 13 Dec 2023 09:37:23 GMT
server: cloudflare
age: 5294410
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: attachment; filename=0ff439d2-b12a-430f-bbee-4de7ec22a2af-subset.woff
cf-ray: 85462476bd4f9b83-FRA
expires: Tue, 11 Feb 2025 16:17:33 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 8774 331 KB
331 KB 43ms
38ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F3cca6a95-2ccc-4b24-b704-2a20f97d11af.jpg&w=1213&h=1765&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e92197129aecaf35c518bc000e28387636830eaf53b04df541b65d957e30187

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 12 Feb 2024 03:58:53 GMT
api-supported-versions: 2.0
server: cloudflare
age: 44320
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8546247898119b83-FRA
content-length: 338488
expires: Tue, 13 Feb 2024 16:17:33 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 8774 52 KB
52 KB 73ms
69ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fe77d9c26-6f64-4321-aa40-30bf97eaa85e.png&w=264&h=327&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40714c38741e78da35a34e2f973eaf1f4d69956ba9dd827340609eaff188a6e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 12 Feb 2024 06:00:49 GMT
api-supported-versions: 2.0
server: cloudflare
age: 37004
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 85462478a8149b83-FRA
content-length: 53582
expires: Tue, 13 Feb 2024 16:17:33 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 8774 27 KB
27 KB 76ms
72ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F251cd259-6273-46b5-bbf2-d9de173c45ee.png&w=217&h=217&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 417186ebb1382dd7464e229087604d82adbebc20ac5c1352d07260c305982313

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 12 Feb 2024 03:58:52 GMT
api-supported-versions: 2.0
server: cloudflare
age: 44321
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 85462478a8169b83-FRA
content-length: 27282
expires: Tue, 13 Feb 2024 16:17:33 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 8774 9 KB
10 KB 42ms
38ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fd8aa5a9f-d88c-48e4-816d-106a562da729.png&w=133&h=185&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da3d58398fd23ffd5438cfc241ec3848bd1a8954f1ca43c0664821d85e1501b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 12 Feb 2024 03:58:52 GMT
api-supported-versions: 2.0
server: cloudflare
age: 44321
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 85462478a8179b83-FRA
content-length: 9694
expires: Tue, 13 Feb 2024 16:17:33 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 8774 8 KB
8 KB 55ms
51ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fc0d9d4c9-d111-4df6-949b-4916fa35a25c.png&w=125&h=120&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd057077df0f8d73f7541c6dd4d1661fbfddc96a42fc6efac960fdb9ea2eca2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 12 Feb 2024 03:21:24 GMT
api-supported-versions: 2.0
server: cloudflare
age: 46569
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 85462478a8199b83-FRA
content-length: 7956
expires: Tue, 13 Feb 2024 16:17:33 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 8774 3 KB
3 KB 75ms
71ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F6fa76e81-1a2f-4336-a8b6-1baee8c06025.png&w=90&h=37&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c0bc77d2a675a45821a556c87577281cb43b78ea841918353c853fcb46343d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 12 Feb 2024 09:52:25 GMT
api-supported-versions: 2.0
server: cloudflare
age: 23108
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 85462478a81a9b83-FRA
content-length: 3274
expires: Tue, 13 Feb 2024 16:17:33 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 8774 13 KB
13 KB 63ms
60ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Ff9124f75-1c52-4bea-af06-084d845e611d.png&w=162&h=164&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d117e8e27c53de89a9a745b4ec6b81b67bd34dedce47299f03f63ec36f6f1703

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 12 Feb 2024 03:21:24 GMT
api-supported-versions: 2.0
server: cloudflare
age: 46569
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 85462478a81c9b83-FRA
content-length: 12836
expires: Tue, 13 Feb 2024 16:17:33 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 8774 25 KB
25 KB 77ms
73ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fcb9e21a8-9abc-4102-a538-be570b2404b3.png&w=356&h=254&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc3c7a06af8cbcc57ab1357cf2aee09a8a5c4b1ca952fd04574d74e39c16b9de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 12 Feb 2024 04:40:48 GMT
api-supported-versions: 2.0
server: cloudflare
age: 41805
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 85462478a81f9b83-FRA
content-length: 25686
expires: Tue, 13 Feb 2024 16:17:33 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 8774 169 KB
169 KB 69ms
65ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F532cefbc-9131-47e7-b840-a3e13b61dfe8.png&w=604&h=697&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d13fa16dd90c9a98adad742297f52d8734587ca23ec50854d8357dce976aee9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 12 Feb 2024 03:58:53 GMT
api-supported-versions: 2.0
server: cloudflare
age: 44320
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 85462478a8219b83-FRA
content-length: 173194
expires: Tue, 13 Feb 2024 16:17:33 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 8774 6 KB
6 KB 66ms
63ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Ff1514e3a-d99a-4082-a246-cf6c57fa525d.png&w=150&h=80&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9f845ec41f8be39d4cf392d2c46479979f8a4c75d36d0c85e9f9a1de3d9fbf5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 12 Feb 2024 06:00:50 GMT
api-supported-versions: 2.0
server: cloudflare
age: 37003
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 85462478a8229b83-FRA
content-length: 5970
expires: Tue, 13 Feb 2024 16:17:33 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 8774 7 KB
7 KB 74ms
70ms Image
image/webp 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F7a763a39-7916-445d-8fae-a6216e685905.png&w=174&h=69&q=99&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b58821d59cf28d91179aaa00128e9badc6073f09a71e432923c54edf2d27326

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 12 Feb 2024 05:57:21 GMT
api-supported-versions: 2.0
server: cloudflare
age: 37212
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 85462478a82c9b83-FRA
content-length: 6708
expires: Tue, 13 Feb 2024 16:17:33 GMT

GET
H2 200 a81fba0d-00f3-4513-ae96-d2e9de4e35c9.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 8774 462 B
483 B 65ms
62ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/a81fba0d-00f3-4513-ae96-d2e9de4e35c9.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4be6e57f964287d22addfd30806f4fc69fc1560fdb5f9c649beb85d1f72075db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: db1RviXCYsfCGJyPhdZBgQ==
age: 1684
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB98082775296F"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 4cf01a87-901e-005f-6783-2261ef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 85462478a82e9b83-FRA
expires: Mon, 12 Feb 2024 19:49:29 GMT

GET
H2 200 e97b0b38-2076-4e93-b438-b20020972f61.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 8774 712 B
543 B 74ms
72ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/e97b0b38-2076-4e93-b438-b20020972f61.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fbb415ea8b4660ac89a8992303f64daddc2ccc2337b91f2cc8ee8c2c08df747

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Wj2Rm4rI4ts1bvK6/OwKuA==
age: 1735
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB9808278220AD"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 8861cae2-201e-004a-155e-14765c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 85462478a82f9b83-FRA
expires: Mon, 12 Feb 2024 19:48:38 GMT

GET
H2 200 6d5c7812-5f89-45cd-ab6d-c542e499b1fa.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 8774 716 B
545 B 37ms
34ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/6d5c7812-5f89-45cd-ab6d-c542e499b1fa.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 515132f19d1446bd5902d4654f2cf236fed020ad67553ead26982588351949d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: wOI1kvcZ2lxVvarwrZkpVw==
age: 1720
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB980827807321"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 494b58cc-901e-003d-7dfe-23a3c8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 85462478a8309b83-FRA
expires: Mon, 12 Feb 2024 19:48:53 GMT

GET
H2 200 44fd3f8b-5a25-42a7-a98f-996de4abd146.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 8774 699 B
516 B 36ms
34ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/44fd3f8b-5a25-42a7-a98f-996de4abd146.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e2407c604b7d77289bd9c43e9bbcc41f39378761bc7450b7b151e681729aa94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 6T5iHY4kR/cqRXlJfcIgeg==
age: 1667
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB980827A0A29B"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: cac10844-a01e-006b-1a6f-555227000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 85462478a8329b83-FRA
expires: Mon, 12 Feb 2024 19:49:46 GMT

GET
H2 200 50881c1d-287e-498a-abef-0967eee64053.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 8774 705 B
519 B 64ms
61ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/50881c1d-287e-498a-abef-0967eee64053.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db66baeede40115b8e53c9b5bdbd4403e4fd749493ea0074d86234e15c082ad9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: OGNNML/bbmYzG3WVI4K2vw==
age: 1667
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB98082797A2B0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b10b840e-501e-0050-42f9-231783000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 85462478a8339b83-FRA
expires: Mon, 12 Feb 2024 19:49:46 GMT

GET
H2 200 68caeb64-8770-4732-8cdc-b287d26e232f.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 8774 711 B
805 B 35ms
33ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/68caeb64-8770-4732-8cdc-b287d26e232f.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca53f71166b7b496394a852d6266cfd9c7e8800b3890e7074ad8e6f219958208

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: H8vQZgECIVhMUK6iBn/x3A==
age: 1667
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB9808278D9165"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 9fb587c9-a01e-0054-3c49-149a84000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 85462478a8369b83-FRA
expires: Mon, 12 Feb 2024 19:49:46 GMT

GET
H2 200 c7fea8b5-896d-4d27-bcfc-3d8e40cc4ee2.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 8774 713 B
521 B 61ms
59ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/c7fea8b5-896d-4d27-bcfc-3d8e40cc4ee2.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09a3e0af0b633adb17d10b1e76da6da24a474166ae0d23c14e70d61ee4d5a39d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: PGPRbIvWC6EgP2XMl5G9Xw==
age: 1720
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB9808279A137F"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 4f744b49-101e-0041-0abe-218d37000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 85462478a8379b83-FRA
expires: Mon, 12 Feb 2024 19:48:53 GMT

GET
H2 200 d5e4cd03-efef-48fe-94f1-4867b321bfec.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 8774 701 B
521 B 39ms
38ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/d5e4cd03-efef-48fe-94f1-4867b321bfec.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b3f188627e15b360d1350f38b9fc396fc21fde8a6286bc43133a5b2a26638eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: kbsYe45EOgyN0lklvpvsrA==
age: 1720
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB9808279B4BE1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 63adbf05-701e-0025-6059-237caf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 85462478a83a9b83-FRA
expires: Mon, 12 Feb 2024 19:48:53 GMT

GET
H2 200 4d170477-b2d8-4716-ba89-5383a384fb5e.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 8774 701 B
548 B 69ms
67ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/4d170477-b2d8-4716-ba89-5383a384fb5e.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c694b35a7330040aa87ab8631c4cd208848c931022413ae1cd36211d3be18d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: CP5dckuzFGRJ6dKK7x8ltA==
age: 1725
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB980827905047"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e33954ca-501e-0022-05d2-2110cc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 85462478a83b9b83-FRA
expires: Mon, 12 Feb 2024 19:48:48 GMT

GET
H2 200 721e32ef-455d-42fa-8428-1ae5fb319ab9.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 8774 2 KB
1 KB 75ms
74ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/721e32ef-455d-42fa-8428-1ae5fb319ab9.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b03448143098de5b03500bf34c10210735d29421ef85ddd0d06213eea451fd49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: dIIZsAgREGCk+L7z+CtKvA==
age: 1476
x-ms-lease-status: unlocked
last-modified: Thu, 10 Aug 2023 10:33:34 GMT
server: cloudflare
etag: W/"0x8DB998D3FC6613A"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ae207750-d01e-0013-7140-23f1df000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 85462478a83d9b83-FRA
expires: Mon, 12 Feb 2024 19:52:57 GMT

GET
H2 200 7d019101-6c40-47bf-b456-9289e9bf3d69.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 8774 454 B
493 B 38ms
37ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/7d019101-6c40-47bf-b456-9289e9bf3d69.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1003881ad0defce4d7bd1955eed2bd8acedde9f766c08473d49157082ac3994

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Fe9zUTUCieFRBF6mOTWgjw==
age: 1720
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 09:01:14 GMT
server: cloudflare
etag: W/"0x8DB97EE04CD7BF6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 69271daa-601e-0064-1565-0c1cbe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 85462478a83f9b83-FRA
expires: Mon, 12 Feb 2024 19:48:53 GMT

GET
H2 200 f32d22d9-d683-4c02-9855-0e5fcd20e25b.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 8774 2 KB
1 KB 63ms
62ms Image
image/svg+xml 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/f32d22d9-d683-4c02-9855-0e5fcd20e25b.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c337470bc1e9446492c2dbb7a54343960f4ae88e51115502008f4c7f05a1f00

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 16:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 52m6i3E5yoDqe8bIckaoJg==
age: 1476
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 09:01:14 GMT
server: cloudflare
etag: W/"0x8DB97EE04CF5095"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: cef65eb4-101e-0033-361b-198a78000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 85462478a8409b83-FRA
expires: Mon, 12 Feb 2024 19:52:57 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 992F 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?M8o0KQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C4C 0
25 B 47ms
47ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1884406447533&version=m202401290101&ct=76&x=1&cor=9803343979658904000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
visuals.kaizengaming.com/tr/v2/pixel/ Frame 1F7A 0
84 B 48ms
48ms Ping
text/plain 2606:4700:4400::6812:28b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/tr/v2/pixel/
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 85462479490c9b83-FRA
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H2 200 track
track1.aniview.com/ 0
142 B 97ms
97ms Image
text/plain 96.46.186.186
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=everardoherrera.com&rs=everardoherrera.com&sid=83984&t=1707754653&cip=178.162.209.130&sn=&tgt=1&osv=10&bv=121.0&brn=Chrome&wi=432&he=243&app=&AV_PUBLISHERID=6298968cb046bd3825475e07&test=&d64=77881cdef6a7573d8824ba5d802e0af5&d63=77881cdef6a7573d8824ba5d802e0af5&aafaid=&proto=https&uid=1707754653548-172024139007-000821-012-008213&stagid=&stplid=&d35=&d36=6.2.173&cb=5222986144&d39=&d65=&d66=&d74=&d56=&d86=&d87=&d88=&d89=&d90=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=432&AV_HEIGHT=243&&ppid=6298968cb046bd3825475e07&nid=5e7b9048180bd02ded4b0937&pcid=62e3d3baa053aa728e1e24a7&ncid=62e3d35f70b32833b66ab5c4&pasid=62e3d3baa053aa728e1e24a6&e=request&cb=1707754653763&asid=657842899c9a3f9c65078d04%2C65784292acfe33a1fc0eddd5%2C65784284f4354bcff70c47f7&ofpr=%2C%2C&fpo=%2C%2C&ri=1%2C1%2C1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 3261 286 KB
71 KB 29ms
29ms Script
application/javascript 18.245.144.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=6298968cb046bd3825475e07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.144.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-144-237.lhr5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 928a9c9642d5cb3bcfc458aa85b5bb31f26478245dd8ab187e624c1c21a9919a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:31 GMT
content-encoding: gzip
via: 1.1 01f803d1e7c713d110bffe7b82d3cb2c.cloudfront.net (CloudFront), 1.1 54b736c8a06d70ac689481ee738cbc60.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 20:22:08 GMT
server: AmazonS3
x-amz-cf-pop: LHR62-C4, LHR5-P1
age: 3
etag: W/"ba3382d9d570ac4bd87a011e1fec124d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: pBItiA7d5YlHVZdDyyaJDAMU-fQ_0fYsfF2NmEICu8MzdSH_ZsLFoA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 3261 6 KB
3 KB 28ms
28ms XHR
application/javascript 18.245.144.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.144.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-144-237.lhr5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 55bef38e734117ff8ff4a83214717dc8.cloudfront.net (CloudFront)
date: Mon, 12 Feb 2024 03:19:01 GMT
x-amz-cf-pop: LHR5-P1
age: 46713
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: MuUqTa9fEcfKvim6ni6PlXeQzJ7sbaqdwO17MTSyBlEOqZ_BKZIDYQ==

GET
H2 200 5d8ed25e-57cc-441a-b62a-127b34faae4e Show response
config.aps.amazon-adsystem.com/configs/ Frame 3261 564 B
829 B 9ms
8ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/5d8ed25e-57cc-441a-b62a-127b34faae4e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 7791e42b68f5ba132a4766364f63afb24c3d3f1f61be9f42ced5f2ae65e6dcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 15:55:26 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1327
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: eB7_E9WtSkoPJeXnLBgePVT2okKKXXnvTSPDBlQTTvjCvq4_nnilHQ==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 3261 0
303 B 103ms
103ms XHR
text/plain 18.245.144.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Feverardoherrera.com&pubid=5d8ed25e-57cc-441a-b62a-127b34faae4e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.144.237 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-144-237.lhr5.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
via: 1.1 54b736c8a06d70ac689481ee738cbc60.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: LHR5-P1
x-cache: Miss from cloudfront
access-control-allow-origin: https://everardoherrera.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: fR8vTbKXoDWQt8j-arj49nTqT-Yetac4SfstDEUlq8Qy5fif3L_yjQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 3261 23 B
359 B 64ms
64ms XHR
text/javascript 3.161.124.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Feverardoherrera.com%2F&pid=kohBTZD41NMyx&cb=0&ws=1600x1200&v=24.205.1508&t=8000&slots=%5B%7B%22id%22%3A%22PS_Video_Instream_400x300_Web%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!playstream.media%2C6298968cb046bd3825475e07%2C1%2C%2C%2C!playstream.media%2C5d8ed25e-57cc-441a-b62a-127b34faae4e%2C1%2C%2C%2C&pubid=5d8ed25e-57cc-441a-b62a-127b34faae4e&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.124.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-124-29.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
via: 1.1 2f7f18f98d1604cf94a8543646364946.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P2
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://everardoherrera.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: s-Q4WA-huQy8gxSBOevBBTkFstjZa6J780pCkNKoNdRtgHWEqwg9AQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 3261 23 B
359 B 81ms
80ms XHR
text/javascript 3.161.124.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Feverardoherrera.com%2F&pid=kohBTZD41NMyx&cb=1&ws=1600x1200&v=24.205.1508&t=8000&slots=%5B%7B%22id%22%3A%22PS_Video_Instream_400x225_Web%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!playstream.media%2C6298968cb046bd3825475e07%2C1%2C%2C%2C!playstream.media%2C5d8ed25e-57cc-441a-b62a-127b34faae4e%2C1%2C%2C%2C&pubid=5d8ed25e-57cc-441a-b62a-127b34faae4e&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.124.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-124-29.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
via: 1.1 2f7f18f98d1604cf94a8543646364946.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P2
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://everardoherrera.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 1F7AstU2aRW5JiLkPh7ji9xKCIGoCI650LPdF1IdjNGWyKYvA7ow4w==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 3261 23 B
359 B 72ms
72ms XHR
text/javascript 3.161.124.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Feverardoherrera.com%2F&pid=kohBTZD41NMyx&cb=2&ws=1600x1200&v=24.205.1508&t=8000&slots=%5B%7B%22id%22%3A%22PS_Video_Instream_640x480_Web%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!playstream.media%2C6298968cb046bd3825475e07%2C1%2C%2C%2C!playstream.media%2C5d8ed25e-57cc-441a-b62a-127b34faae4e%2C1%2C%2C%2C&pubid=5d8ed25e-57cc-441a-b62a-127b34faae4e&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.124.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-124-29.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:33 GMT
via: 1.1 2f7f18f98d1604cf94a8543646364946.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P2
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://everardoherrera.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: CA6vI0cAJRXUWFoEhuiVPTxkqAjhN7tLDN_0lf0xfzJg6g7v8-SWbQ==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240208&jk=283109826932713&bg=!PzylPHPNAAaxkZ3akZE7ADQBe5WfOFZtlSSDEJ5ph2barQMQ9eZL17aaBPJkP6tTPmQ2LyARgb2zMrRV6EsQQQiufP-aAgAAAb5SAAAAAmgBB5kCzg57pQtnC-ab61FOym5XHubKnU3dy9SkIpgiUmHK_3vX2xJ9p92GTbjJH3Sop0cD7mlrdSm-RKELnz3a_EmVSF0RAPCpEofmriXSu_B2BUfnMBeVzsmPRJaIcSEhm9GWlH4bnSg6vYXsEKOaVEXcM_jDIgAN9KZBLOtbvS50IBOev-SzKRhthzrpWZQu3nZR_7xbhPwQUmrI_pze55Qg2xOhbgPRPXDHMaamQY8BL5jOGP5G6wIYKW4_A2HIz8p_2MEziDHNAtlWRcH7c1MvWj65J2d1R2G75HRs_6yJlG1-U1KCPtjYMOZsAGh_y-NEjKG5qXMB2szhiyaBoFJT20MlaJuVZoAV-L8Nwh_5yAvKDJJjoGkv7FXxsfmGJrq8H4EYD7DkOiCKGLFwkfQ2UhooEW1hZ6dU996rn2_3CQHY3PA30vJcjzGmyhGV46eJj6THgYfGvWyIaxg7jGySrhUfgNsv7apXSHKnIqqM53O3Hfp48dHbM53abW_M4lnBT3UkU4e8bW82iEz_5i_-fMoqWxIUVqK1EahVWhi3IZs5GCP8cUU6nlZ_ZIyDE-5S1CE0uX0ZWAtTOkuYIAH2yxSgRVV95xcdvl8Z3MNeY3E6WucQapih6bfSNsQCCxJXsakvG3kMIaRWfkKjKMbO9C08F0xhzhp5jF82X55ddmytbmVIePO8pEshjfxekZw5q_K8RowGP_s-woF2usOolXX7ocL51itLEdVHFXHJtI3Wm62XLCDYqFdaGUGTwAho90ePkBWwq6AnGyNbzDu5DwP2hh1wU8wXcZd-SLsN9HMz217SJeQQC0Za-omTt9DFu6OTnGj-BAgHMVJuvqfkEChHzO1RjTQFFqHfJXW3SpfUUyeUY8deZnxbsC6TdKp0PuEWF1qOmNqZjQxWS-mBTPTkGLdguw-0-rz--0JgAb5WkxUIXtPqMG2GRkX5njk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 services Show response
g2.gumgum.com/publishers/15583/ 325 B
561 B 125ms
40ms XHR
application/json 52.49.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/publishers/15583/services?dp=https%3A%2F%2Feverardoherrera.com%2F&pu=https%3A%2F%2Feverardoherrera.com%2F&rf=&r=3.88.20&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A16%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.88.20%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240&bf=dbe9638cea470e7b3f714c4e4b6b7713fdaa45f1&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1707754655808&to=-60&vpii=false&vph=1200&vpw=1600&productIds=1&gdprApplies=1
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.19.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-19-18.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c2832d556b76884b26bc9905c164c2af2d8c7e98bb287e3132cfb2debb3e39a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:35 GMT
content-encoding: gzip
server: nginx
etag: W/"03a190ee687eb073eeaa6db37595d073f"
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://everardoherrera.com
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 6BFD 37 B
140 B 45ms
9ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://everardoherrera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Mon, 12 Feb 2024 16:17:36 GMT

GET
H/1.1 400
Bad Request iframe Show response
sync.admanmedia.com/ Frame 06DC 60 B
226 B 278ms
88ms Document
text/plain 8.2.110.17
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.admanmedia.com/iframe?pbjs=1&coppa=0
Requested by: Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.2.110.17 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b

Request headers

Referer: https://everardoherrera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 60
Content-Type: text/plain
Date: Mon, 12 Feb 2024 16:17:36 GMT
Server: nginx/1.18.0 (Ubuntu)

GET /
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame A9C7 0
0

GET
H2 204 isyn
prebid.a-mo.net/ Frame B508 0
0 15ms
15ms Document
text/plain 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://everardoherrera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Mon, 12 Feb 2024 16:17:35 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 5386 6 KB
2 KB 62ms
51ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 349ca649c01e5a4db13580cbca75c92b18151f8261f921f89502bb66fbb1c4cb

Request headers

Referer: https://everardoherrera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 85462489ced6900a-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 12 Feb 2024 16:17:36 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

204

beacon
ce.lijit.com/ Frame 952B
Redirect Chain

https://ap.lijit.com/beacon?informer=13406112
https://ce.lijit.com/beacon?informer=13406112

0
0

119ms
30ms

Document
text/plain

63.32.206.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/beacon?informer=13406112
Requested by: Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.206.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-206-174.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://everardoherrera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
date: Mon, 12 Feb 2024 16:17:36 GMT
expires: Fri, 20 Mar 2009 00:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache

Redirect headers

content-length: 110
content-type: text/html
date: Mon, 12 Feb 2024 16:17:36 GMT
location: https://ce.lijit.com:443/beacon?informer=13406112
server: awselb/2.0

GET
H2 204 /
onetag-sys.com/usync/ Frame 7E2D 0
0 11ms
9ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1707754650356

Requested by

Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://everardoherrera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 1CE1 52 KB
17 KB 52ms
7ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: embi-media.com
URL: https://embi-media.com/prebids/production/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://everardoherrera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 39255
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Feb 2024 16:17:36 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 08 Feb 2024 05:23:14 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 303, 278666
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230110-FRA
X-Timer: S1707754656.322794,VS0,VE0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 1CE1 0
922 B 14ms
13ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 16:17:36 GMT
an-x-request-uuid: 159b0034-7c64-45e1-ab94-fd005b972586
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.130; 178.162.209.130; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 5386 48 KB
12 KB 39ms
21ms Script
application/javascript 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 2342708
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 8546248aafdd900a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 45B1 0
319 B 27ms
25ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8546248ad815900a-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 12 Feb 2024 16:17:36 GMT
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

getuid Show response
sync.smartadserver.com/ Frame 908C
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

0
75 B

14ms
13ms

Document
text/plain

81.17.55.173

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.173 , Netherlands, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Mon, 12 Feb 2024 16:17:35 GMT

Redirect headers

cache-control: no-cache,no-store
content-length: 0
date: Mon, 12 Feb 2024 16:17:35 GMT
location: https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma: no-cache

GET
H2

200

7092236699868605649 Show response
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame A8B3
Redirect Chain

https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7092236699868605649

0
380 B

38ms
37ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/appnexus/7092236699868605649
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8546248b68c4900a-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 12 Feb 2024 16:17:36 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 00057ab7-f104-4c26-9ae4-c3010c87feb8
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 16:17:36 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/appnexus/7092236699868605649
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 178.162.209.130; 178.162.209.130; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 19AF 0
0 44ms
8ms Document
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
Expires: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B3FA 16 KB
6 KB 99ms
26ms Document
text/html 23.34.232.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.34.232.193 Stockholm, Sweden, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-34-232-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=93352
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 12 Feb 2024 16:17:36 GMT
expires: Tue, 13 Feb 2024 18:13:28 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 server_match Show response
ice.360yield.com/ Frame 63B3 43 B
199 B 121ms
32ms Document
image/gif 54.194.182.120

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.194.182.120 Dublin, Ireland, ASN (),
Reverse DNS: ec2-54-194-182-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-length: 43
content-type: image/gif
date: Mon, 12 Feb 2024 16:17:36 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

610ebffa-24d0-484c-8dd0-294e5a902f30 Show response
csync.smilewanted.com/set_partner_userid_get/openx/ Frame 1F48
Redirect Chain

https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
https://csync.smilewanted.com/set_partner_userid_get/openx/610ebffa-24d0-484c-8dd0-294e5a902f30

0
405 B

23ms
23ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/openx/610ebffa-24d0-484c-8dd0-294e5a902f30
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8546248d1b6b900a-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 12 Feb 2024 16:17:36 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 0
content-type: text/html
date: Mon, 12 Feb 2024 16:17:36 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/openx/610ebffa-24d0-484c-8dd0-294e5a902f30
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B3FA 0
42 B 57ms
13ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=63849783&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:35 GMT
content-length: 0

GET
H2 204 pixel
ap.lijit.com/ Frame DB26 0
0 31ms
30ms Document
text/plain 54.76.165.90

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.165.90 Dublin, Ireland, ASN (),
Reverse DNS: ec2-54-76-165-90.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: *
date: Mon, 12 Feb 2024 16:17:36 GMT

POST
H3 204 ev Show response
s.seedtag.com/e/ 0
14 B 27ms
27ms Fetch 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/e/ev
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.f43a5bfe4c554098e387.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Feb 2024 16:17:36 GMT
via: 1.1 google
server: openresty
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: https://everardoherrera.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 cookie Show response
cm.adform.net/ Frame A011 43 B
106 B 92ms
27ms Document
image/gif 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Mon, 12 Feb 2024 16:17:36 GMT
server: nginx

GET
H2

200

5f7b6f93-b7e2-4b6d-bab2-825cabd58d05 Show response
csync.smilewanted.com/set_partner_userid_get/adwmg/ Frame 5FFC
Redirect Chain

https://us.shb-sync.com/d3cf52c0-fa89-45fb-83fa-f14d2af39226.gif?puid=[UID]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadwmg%2F%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CON...
https://csync.smilewanted.com/set_partner_userid_get/adwmg/5f7b6f93-b7e2-4b6d-bab2-825cabd58d05

0
480 B

23ms
23ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/adwmg/5f7b6f93-b7e2-4b6d-bab2-825cabd58d05
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8546248fae93900a-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 12 Feb 2024 16:17:37 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Mon, 12 Feb 2024 16:17:37 GMT
Expires: 0
Keep-Alive: timeout=5
Location: https://csync.smilewanted.com/set_partner_userid_get/adwmg/5f7b6f93-b7e2-4b6d-bab2-825cabd58d05
Pragma: no-cache

GET
H2 204 /
s.ad.smaato.net/c/ Frame C245 0
0 62ms
8ms Document
text/plain 2600:9000:211e:6a00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ad.smaato.net/c/?adExInit=smile&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsmaato%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53
cache-control: no-cache, must-revalidate
date: Mon, 12 Feb 2024 16:16:43 GMT
server: CloudFront
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-cf-id: Zq04_RIsx2t1CCKBWBDEek54jZdHu6slXiLr0nuLPOWP4cZD1hRMqA==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

POST
H2 200 track
track1.aniview.com/ Frame 57A2 0
145 B 106ms
104ms Ping
text/plain 96.46.186.186
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=everardoherrera.com&rs=everardoherrera.com&sid=83984&t=1707754653&cip=178.162.209.130&sn=&tgt=1&osv=10&bv=121.0&brn=Chrome&wi=432&he=243&app=&AV_PUBLISHERID=6298968cb046bd3825475e07&test=&d64=77881cdef6a7573d8824ba5d802e0af5&d63=77881cdef6a7573d8824ba5d802e0af5&aafaid=&proto=https&uid=1707754653548-172024139007-000821-012-008213&stagid=&stplid=&d35=&d36=6.2.173&cb=5222986144&d39=&d65=&d66=&d74=&d56=&d86=&d87=&d88=&d89=&d90=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=432&AV_HEIGHT=243
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=6298968cb046bd3825475e07
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://everardoherrera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 12 Feb 2024 16:17:38 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 new Show response
g2.gumgum.com/assets/ 140 B
559 B 36ms
35ms XHR
application/json 52.49.19.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/assets/new?assets=%7B%22v%22%3A%221.1%22%2C%22pv%22%3A%223508fd48-ea27-45de-a745-0188a428ae2f%22%2C%22r%22%3A%223.88.20%22%2C%22t%22%3A%22gocbppo0%22%2C%22rf%22%3A%22%22%2C%22fs%22%3Afalse%2C%22ce%22%3Atrue%2C%22p%22%3A%22https%3A%2F%2Feverardoherrera.com%2F%22%2C%22a%22%3A%5B%7B%22i%22%3A1%2C%22u%22%3A%22https%3A%2F%2Fpbs.twimg.com%2Fmedia%2FGGI7kRFXUAACPlq.jpg%22%2C%22w%22%3A788%2C%22h%22%3A661%2C%22x%22%3A235%2C%22y%22%3A460%2C%22lt%22%3A%22none%22%2C%22af%22%3Atrue%2C%22prefetch%22%3Afalse%7D%5D%2C%22ac%22%3A%7B%7D%2C%22vp%22%3A%7B%22ii%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A1200%7D%2C%22sc%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22d%22%3A1%7D%2C%22tr%22%3A0.4%7D&bf=dbe9638cea470e7b3f714c4e4b6b7713fdaa45f1&lt=1707754659556&to=-60&gdprApplies=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A16%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.88.20%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240&r=false
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.19.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-19-18.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5aad9b606be7b87ca7b3c8a344a34f7ff6691dc9c133f9f119c2c36a7b77f2e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:39 GMT
content-encoding: gzip
server: nginx
etag: W/"0b9ece16fa5f8d026ad782430aac5c844"
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://everardoherrera.com
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 534A 23 KB
9 KB 51ms
9ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: everardoherrera.com
URL: https://everardoherrera.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 16:17:39 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 19 Feb 2024 16:17:39 GMT

GET
H2 200 9.gif
id5-sync.com/s/441/ 43 B
1 KB 38ms
10ms Image
image/gif 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/441/9.gif?puid=e_9c4bd2ad-03b2-4323-8287-ad6de7b3c83b&gdpr=1&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 12 Feb 2024 16:17:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 rules-p-00TsOkvHvnsZU.js Show response
rules.quantcount.com/ Frame 534A 160 B
633 B 81ms
21ms Script
application/javascript 2600:9000:269d:b400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269d:b400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 600296d979650e8cbc41ca2950c1a33de723a6137494a8c80b4a7b9c42b2e61b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://everardoherrera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 15:18:04 GMT
via: 1.1 32d68f951779bb7f07d50bec3d7f1c9e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR5-P3
age: 3576
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 22:56:02 GMT
server: AmazonS3
etag: "1606c77f964fed869c1c52ad7f0e3885"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: BiE-JxRn-CwnTBvqgj3OSewFsRAsqC5N53EhmhDB4abdZHcvsaJk2g==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: shb.richaudience.com
URL: https://shb.richaudience.com/hb/

Domain: shb.richaudience.com
URL: https://shb.richaudience.com/hb/

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lsj50xyc&c=2009621240441&slotId=1004810620220.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lsj50yey&c=2009621240441&slotId=1004810620220.5&uet=2&ghmsh_eids=44731965%2C44772139%2C44777649%2C44781409%2C44797014%2C44806075%2C95321947%2C95322027

Domain: 12738953.fls.doubleclick.net
URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=CPaMmOuZpoQDFUrHOwId6cEPWA;src=12738953;type=despo0;cat=despo0;ord=1337654614;~oref=https%3A%2F%2Fpromos.betano.de%2F?

Domain: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=9171996170

Verdicts & Comments Add Verdict or Comment

288 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 18:24:01	Name: X-AB Value: a7f2a00ede0641c48ce147a5fb3e8fd1
everardoherrera.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 1707754649.746.11969.26549\|28a5405188e2a09f9d26dbdad0cea5e4
everardoherrera.com/	1969-12-31 23:59:59	Name: 2743ea1b716dd49a44cccc400d84a900 Value: mc1ovo1fboc4v0r7a9pjpgnqub
.hhkld.com/	1970-01-21 03:08:10	Name: uid Value: jV7KsGXKRJlX75r2NW+UAg==
.everardoherrera.com/	1970-01-21 03:58:34	Name: _ga_17T41Q3037 Value: GS1.1.1707754649.1.0.1707754649.60.0.989502123
.everardoherrera.com/	1970-01-21 03:58:34	Name: _ga Value: GA1.2.1389964320.1707754650
.everardoherrera.com/	1970-01-20 18:24:01	Name: _gid Value: GA1.2.1270494683.1707754650
.everardoherrera.com/	1970-01-20 18:22:34	Name: _gat_gtag_UA_22613876_1 Value: 1
.everardoherrera.com/	1970-01-20 18:22:34	Name: _gat Value: 1
everardoherrera.com/	1970-01-20 19:05:46	Name: clever-last-tracker-76459 Value: 1
everardoherrera.com/	1970-01-20 18:22:34	Name: clever-counter-76459 Value: 0-1
.retargetly.com/	1970-01-20 22:41:46	Name: _rlid Value: 11ec98f0-9a54-4b7d-b365-a679a417e0fa
.adnxs.com/	1970-01-20 20:32:10	Name: XANDR_PANID Value: BT9pp2P-3wgvofewNXVQNZ-pzhhjJhJKig_Fd-1-wePCTG33B3gEeWfEDABK7hNAAfMyygSS1f5k7AWMmNwP7JQr3iCx3NMHwKI3abKVEkU.
.adnxs.com/	1970-01-20 20:32:10	Name: icu Value: ChgInoB1EAoYASABKAEwmomprgY4AUABSAEQmomprgYYAA..
.adnxs.com/	1970-01-21 03:58:34	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:32:10	Name: uuid2 Value: 7092236699868605649
.everardoherrera.com/	1970-01-21 03:44:10	Name: __gads Value: ID=6ca7088966a7e0fd:T=1707754650:RT=1707754650:S=ALNI_MYgDFYEzSyZQow0sGDA7Y-_dqARLw
.everardoherrera.com/	1970-01-21 03:44:10	Name: __gpi Value: UID=00000d576aee6f64:T=1707754650:RT=1707754650:S=ALNI_MacAyArufCVIxtStnitAf5VjfVp6Q
.everardoherrera.com/	1970-01-20 22:41:46	Name: __eoi Value: ID=a481ddf5cee9e35b:T=1707754650:RT=1707754650:S=AA-Afjb6oCZ4RFVpO-6uPPuaBF9r
gml-grp.com/	1970-01-21 03:58:34	Name: CEK Value: a
.gml-grp.com/	1970-01-20 18:22:36	Name: __cf_bm Value: 5g.H05gikYFI_yRK.MxBVA.sGjcJ9yhhWHywMoO51do-1707754651-1-AYkPh361M4T6oNZQblZnTPRGWfwm2vq/QJKC9N0Vv/v1LI0hYOtyG5fP2EUS6reB8Gp3Ktj26M69PtzMEFc3hIk=
.gml-grp.com/	1969-12-31 23:59:59	Name: _cfuvid Value: lTDUV1QI.jt6Kkssv2dsYTYKFY5X.m3lI7mMJJfivAY-1707754651225-0-604800000
.retargetly.com/	1970-01-21 03:08:10	Name: _tpc_enabled Value: true
gml-grp.com/	1970-01-20 20:32:10	Name: XYZ Value: 120&0&148&&&&0&1&&f1b38958-f616-47b4-887a-915b311048b2&&a_24785b_2931&
gml-grp.com/	1970-01-20 20:32:10	Name: A_2931 Value: a=2931&r=0&fv=0&lv=0&vc=0&fc=20240212&lc=20240212041731&cc=1
gml-grp.com/	1970-01-20 20:32:10	Name: PM_11 Value: id=5a190a25-bb21-410c-96b0-581b3a6869db&c=CABAEFLAFCDAADE&s=24785&ad=2931&md=0&pm=11&d=20240212161731&ip=0&r=0&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&RedirectParams=btag%3Da_24785b_2931c_CABAEFLAFCDAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D24785&cip=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjY=
.doubleclick.net/	1970-01-21 03:44:10	Name: IDE Value: AHWqTUn17qd6HPeFffYFs19Hubti3NEPG4VlVBz_taTopCpwt8Andhiy8I74IlIm
.everardoherrera.com/	1970-01-20 18:22:34	Name: _no_cookied_tpc Value: false
.everardoherrera.com/	1970-01-20 22:41:46	Name: _pubcid Value: a2e87318-319e-4980-9a5d-a70626c280d3
.betano.de/	1970-01-20 19:05:46	Name: btag Value: a_24785b_2931c_CABAEFLAFCDAADE
.betano.de/	1970-01-20 18:22:36	Name: __cf_bm Value: 8C8hC82Pi.5JNOboXlEa582qSh4pUTMTJcT1NCc6lws-1707754651-1-ARyAa3iOcFEqUY8ChsBFl1tb6+4JYrpmwBhu+7g8HiCYufV+cD9uNk5+kwaqiM2YDrzyN8Vi1QY3w5lfRG6A8Cc=
.betano.de/	1969-12-31 23:59:59	Name: _cfuvid Value: ezXRlctWon0ee5y0akoqUVB9Ys3QWqt6flXRy7Z_fSI-1707754651411-0-604800000
.doubleclick.net/	1970-01-20 22:41:46	Name: APC Value: AfxxVi5enCBOU0bwyNL4l2Y-93wbd5y7s18-MBvgzIiflI3dQxxowQ
.doubleclick.net/	1970-01-20 22:41:46	Name: receive-cookie-deprecation Value: 1
.kaizengaming.com/	1970-01-20 18:22:36	Name: __cf_bm Value: 2khD1FKA2mHzawouBMsL_hflgewfjzVbDrLpc4WqoO8-1707754651-1-AXP2x+P76R/AtnIkoOM5LSSnCaUoESnVZ4TMrGXZptVNjVAUdhAOmgQqIMJtRfwoSD3QlwNEk91CtD0OqFEww+4=
.kaizengaming.com/	1969-12-31 23:59:59	Name: _cfuvid Value: ldjCTWIVKJzER9pooRF6Z1HBMDNUAaxgY8DHZD40VAg-1707754651924-0-604800000
.mgid.com/	1970-01-20 18:22:36	Name: __cf_bm Value: MYMxLk5.HRJh4UqbvAydOxQYScsTQ5PKWyosL2uoS48-1707754652-1-ARiTxzcLHys7CuVKQWcmo4/VfWd9ME3D8XDLtG40WBH/1Hmcc71sRAtAk6FzfP2ng/FMyZO8mTqgZKkDJAaY304=
.betano.de/	1970-01-21 03:08:10	Name: cf_clearance Value: ma.HqsV5QyPzSP5CTlNfswITgFlFwKkpYh37.XgZR.I-1707754652-1-ARaS+hm00ShTBFjHfae2Ec1dsC2aKgiOji9C6/NdyuMM1mRbfXyspLuX6XpI/zjMR3jAPAjOTfiiDrqlN91lzsI=
.bing.com/	1970-01-21 03:44:10	Name: MUID Value: 244B4F63FF6C6C7636FA5B40FE076DA3
.snapchat.com/	1970-01-21 03:44:10	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIQgDwIlILCkC47yxTsHwf8f3PS+0dYLGy20HbCtKkFwRNYNcmcEdPusHT14usjIAAAA=
.kaizengaming.com/	1970-01-21 03:08:10	Name: cf_clearance Value: I6CV4tTvzXeGAFi2CVgN7b.M7a35kD9yaEJrfVfTyMA-1707754652-1-AZ27ANtJ3x6wH0X0OsYrVgwvE6e3CyRFl69GYfQbxovRY4GwDkpHV4jDC9iK991h736LPURFKG1k583tOxmpMSU=
.aniview.com/	1970-01-20 18:51:22	Name: aniC Value: 1707754653548-172024139007-000821-012-008213
.gumgum.com/	1970-01-21 03:08:10	Name: cs Value: true
prebid.a-mo.net/	1970-01-20 18:22:34	Name: _Amc_b Value: 0
.openx.net/	1970-01-21 03:08:10	Name: i Value: 17e84235-bd32-4925-9173-264a400bb4bf\|1707754656
.shb-sync.com/	1970-01-20 18:42:44	Name: smart_usr Value: 5f7b6f93-b7e2-4b6d-bab2-825cabd58d05
.shb-sync.com/	1970-01-20 18:42:44	Name: smart_r Value: 33333
.smilewanted.com/	1970-01-21 03:08:31	Name: sw_user_params_infos Value: ueGkUfl5zSWBwLgZKAHbiWFFDHjI2AzWh3UD1DwoLzCPB%2F5qBAu%2Bu%2BijC3eIFZpddhuw11RR97y4HwtZ0u49CMXdScI1hA9y5y08yIH7kRcxmIwIgQuN5CA7TK8sZa56nZ9Z3IM2EONzYuIrza%2BLa0whN6wApQ1bosoIvpZzBjv0%2B1AMY5cFgJcTq%2BhKZbNkka134OZ7APvd9VRR1mJTu4YGX61E4ZBtHIv9kTQ0X3zsYwcNMhaFYuYqWVIgmlq2KO%2B3nQEmHhmYt8yQYw6yHgglGajVQcigOuYubTc2CT6jfUnQfCrCxLDJLLg0VuPR
.gumgum.com/	1970-01-21 03:08:10	Name: vst Value: e_9c4bd2ad-03b2-4323-8287-ad6de7b3c83b

357 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://everardoherrera.com/images-banners/banner-programas.jpg Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 510) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 510) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://promos.betano.de/willkommenspaket/Rectangle.svg Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://promos.betano.de/willkommenspaket/bullet.svg Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://promos.betano.de/willkommenspaket/banner1.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promos.betano.de/willkommenspaket/banner2.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://promos.betano.de/willkommenspaket/banner3.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promos.betano.de/willkommenspaket/bullet.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promos.betano.de/willkommenspaket/Rectangle.svg Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/234568464078651?v=2.9.145&r=stable&domain=lp.cleverwebserver.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://sync.admanmedia.com/iframe?pbjs=1&coppa=0 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://js.gumgum.com/services.js(Line 10) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://everardoherrera.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12738953.fls.doubleclick.net
a.mgid.com
a.teads.tv
aax.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
ajax.googleapis.com
amer.hhkld.com
ap.lijit.com
api-js.datadome.co
api.retargetly.com
bat.bing.com
c.amazon-adsystem.com
c.bannerflow.net
call.cleverwebserver.com
cdn.jsdelivr.net
cdn.mowplayer.com
cdn2.viads.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
code.jquery.com
config.aps.amazon-adsystem.com
connect.facebook.net
csi.gstatic.com
csync.smilewanted.com
dd.betano.de
dt.adsafeprotected.com
eb2.3lift.com
ejs.mowplayer.com
embi-media.com
everardoherrera.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
g2.gumgum.com
gml-grp.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gov.aniview.com
hb-api.omnitagjs.com
hhkld.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
js.gumgum.com
landingpages.kaizengaming.com
logs.hhkld.com
lp.cleverwebserver.com
mp.4dex.io
onetag-sys.com
pagead2.googlesyndication.com
pbs.twimg.com
pdp-cdn.retargetly.com
pdp-service.retargetly.com
pixel.rubiconproject.com
player.aniview.com
prebid-us.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
prg.smartadserver.com
promos.betano.de
pub.admanmedia.com
region1.analytics.google.com
rtb.hhkld.com
rules.quantcount.com
s.ad.smaato.net
s.richaudience.com
s.seedtag.com
s0.2mdn.net
s2.adform.net
sc-static.net
scontent.fsyq2-1.fna.fbcdn.net
scripts.cleverwebserver.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sender.cleverwebserver.com
servg.playstream.media
shb.richaudience.com
static.adsafeprotected.com
static.smilewanted.com
stats.g.doubleclick.net
sync.admanmedia.com
sync.richaudience.com
sync.smartadserver.com
t.seedtag.com
tlx.3lift.com
tpc.googlesyndication.com
tr.snapchat.com
tr6.snapchat.com
track1.aniview.com
u.openx.net
ui.cleverwebserver.com
us.shb-sync.com
visuals.kaizengaming.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
12738953.fls.doubleclick.net
csi.gstatic.com
shb.richaudience.com
sync.richaudience.com
104.16.80.121
104.22.68.131
13.248.245.213
141.94.202.176
142.250.186.102
142.250.186.98
143.204.207.250
143.244.215.166
145.40.97.67
151.101.129.108
162.19.138.83
170.150.56.17
172.217.18.98
173.0.146.5
178.32.210.226
18.245.144.237
18.245.46.49
18.245.46.54
185.106.140.246
185.184.10.30
185.255.84.150
185.89.211.84
195.201.193.117
198.47.127.19
2001:4860:4802:34::36
23.34.232.193
2404:6800:4005:801::2003
2600:1f18:1aca:4280:bdb4:8050:697b:3322
2600:9000:211e:6a00:1b:5138:8a40:93a1
2600:9000:223f:4400:8:48e:53c0:93a1
2600:9000:269d:b400:6:44e3:f8c0:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:4700:10::6816:118d
2606:4700:10::ac43:8f4
2606:4700:1::6813:854c
2606:4700:4400::6812:22b2
2606:4700:4400::6812:28b3
2606:4700:4400::ac40:919c
2606:4700:4400::ac40:9754
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6811:c96e
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:c11::200
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::200a
2a00:1450:4001:829::2006
2a00:1450:4001:82a::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c09::9b
2a02:26f0:480:25::1726:6211
2a02:26f0:480:33::212:40c5
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::649
2a06:98c1:3121::3
3.161.124.29
3.66.83.174
34.149.50.64
34.98.64.218
35.190.43.134
37.157.2.229
37.157.2.250
51.79.85.170
51.89.9.252
52.211.3.71
52.222.169.43
52.49.19.18
52.58.67.45
54.194.182.120
54.76.165.90
63.32.206.174
69.173.144.165
8.2.110.17
8.2.110.33
81.17.55.173
88.221.169.49
91.227.144.128
96.46.186.186
99.86.4.71
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33
03eb48d039c3987d91bf3c32fc33f27d71d016f3d8072489def05ef9b48a5edb
041d9bcbcefc815556b877c8cdcba9658481f3139535a8e52030beaf9c9b494f
04a5dc2220c07444b6e9eb69c0f933310fd7bef366a12bf00136228d12c3616a
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba
0645a8677982ad53b052187d052115793e6ad2cadecc86d72e88d477d982d5d6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09487307b29147d8a84d33e3a8bfff43d9da2260bfb39b8cf4ca75a32b239ff7
09a3e0af0b633adb17d10b1e76da6da24a474166ae0d23c14e70d61ee4d5a39d
0a3585d4fe65308b04b1cdc7769f544c814acba8c112e76e6e8f5585bcad7cb3
0aa554b7453c36d605833a473df0e1825189dc64c064b472430bbc65078c9312
0c3503fa40192c928239a3b337f722fa4e9f2fb4fc3c838216ce5893929b4b58
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d9c3025a7e4c9088678323efba7f3decdad5e717f2fcdc00aad634156d0576f
0e2407c604b7d77289bd9c43e9bbcc41f39378761bc7450b7b151e681729aa94
10983ff0458c4d869e2c0ae237d697a19c2aeda3d52730d46c4bc8c31d9b30d1
1172af7570acdb509d41b715ff6f8d2c0e06a3af29b54e76ae681571161e4d5e
11c5a22dd9019075ebe82b053243bda7bbadd0d5e57f67f11148c723f946bf14
11ca469e57472b89f84820ea0d8b82add3f3df32c4c83e1eaedd62a4e24e7a4a
133d488a67813f2e8917fa38b8ebf233c7ccd0500d6e6048178704f1564b77bf
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16b4bd9d233644797c76598eb6ad3d866e796e920965f8d8e7201e351f057452
16ee07abe7bad2847f01a1b1b0e42be64de9822077cbc1e4a8d6c414a12fbfd1
180bc0fd96460f6ba482df5d6e323af292a60993e19cc7aa183b5ab74574f2bf
18268689d4d2c9a61373b3e56e1e70cb60628494602c9bd4b37f5e736b76d412
194925f62f0c013cfba12af214c4bcf21e7d8473da122d9c3f790aa85a056f65
1a01269065091dedcb1c5c96d2dd6b5db2f222f9e46b2490058f7f5699f26be0
1b3f188627e15b360d1350f38b9fc396fc21fde8a6286bc43133a5b2a26638eb
1b89e19aca89f180ba1e62c62495c5e4156f96cfa866b19cf0df0192452f477f
1bc532bc156125d811f62f30cde6f3ab6e67489cec69ae7269562f8952c53323
1f4f86444bb34f5ea40461c1fab85e2f14ac2223c51496e51fa842ced2ca547b
2019d77fa19a331f0e33fb1e0f96103832fdaf49481ef54920e83b59ab68f1e2
20a3666a70ca33bb5f8f1694d1c0baddf6486e06b19dac01127a60fa9499e7f7
20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc
2123cae11f16a1fdf4dc1307a0c6b841a8c574fd25573db5031933e7d24e1736
21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2
21b1fdeba9c263ef576c174286f2d861a4ef9b8b5cb98f34cb568905fb899d86
22ce7efcb810b21ed2a0bad4af133866818006e5940f12d1eed79067e271d8d9
22edc20acee6e8c9008d45f1fcb653cf2386470c0b7fbabd83b56b534605d899
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
242bb1405da0cee71643b867e20d50ed3430ef06dc2046b0988112b97056488f
24cc16de3d8d0d6026074f4a7c5ccd43e7b3d3392c47198a922208c1a94f9ba0
255d8e8c64dab925a60a26d1952ab2033dadabf50f8ae4f0044840868a651c3f
27b0b2404dc7ad31fd725c8e5f009453ef05588f59f9c2e3aa26565c54680b73
28e73c81683ead48bd62eed86b39440f1e11e2d6ddff38e50886df6ed7fe9223
295861dca535f4283acdcfb3e7b721c91b57067963171fbe38cae6828799548f
2a9a6989962be58e9c983dacb2035808d86556280d8e08d9a31fa0e7dff4bd58
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e6dc79a8452122cee93283b5be666130ac90fbe224410eb27f8c7806b59234e
2ebf62863164301ab0e735168824bdc36c33b24f80364f3ed7320cd94b93e260
3072f755bf99acdaa34415da49f58e8e83ae33d63231854a6d290dd09d5c2500
316335f84d8b3c30a409c00e966a41c4073973b3b20bc71023c2d960674a4de9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31bb95d67bbca4d8536af9ae26112d9bb6241978a5ebb245df3cf21046e28b1f
31c1a3974efdf3f3af80aa6570aa3c05100ce40bc7f6a3091f41fabdd0b95aae
322a51391c74b87d63e5b3dc9595b8eef242921d687f6d8997b5cf89f404bf23
329c2e29867438d2a4ac3e7a75f715d48b6c322cb4e0e46797247fcb67bd3239
33222b3fd00b98512aec287420b87d60c773a9b6a3db2dc7bac7720d85cb0c12
33c95e1f1dd2d68d92144a7c48551e2aa6fb5fe86386704c1da3d3589ae86679
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a
340dddd5d80eba271df66f1a21d4f2be386a949cd6f293d741b5b01581777be4
349ca649c01e5a4db13580cbca75c92b18151f8261f921f89502bb66fbb1c4cb
35eb8dfaab4bf3bac258cec08918ec16f4b23e8d47b5bbaa41fbd28f4660b1de
389587d57c24f0a433f7a0134303eb02d649c77ec2e118308757c264dfaf2a3e
39a19737f73f73d20cc65799c3ec414a8108a05c657fb8cacebb2c8b69713190
3a318681fde56e313642fb18b5f43413670c66009e33d08cd702c2188ea3efa5
3b21a4131c8a8b061f8557dbf25ea33a9513dd3ab097f773c771f802fe79063b
3b5783a70f7eeddfbf56b3c0c17ec8ede985c196cf9f2c2591150484381c55a8
3b6e461fce3ae2eb55430e7e37a8df843d1b3dcd2e3e467224a7b1a4b9a89171
3c13366f3127b98dd73e0ff273e715176fe9835f3bf7a3ba2dbd262258d2f008
3c1be6136a1c866d7ec41cb7adf5fc83fc5b964ac391f3f692f6add0da49c2d2
3c47937e8b71c472c95d3d31468e6384a7a22e954c145edc9c375eb33d191ccc
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c9aa2604bb7e2d2f3ff989220565452ad51b643cf32ffaa9027f9826333ccc2
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7807a1ba725e86a3da42d995dfa23b403a7c9c71332ca1094c4aa5b83892fa
3d961df6f903709e923adfb503a88b8358b4af0c54888a8e2a1fbd5848fc793c
3e1bb6cd3f187a4c070eba43ed18965efe829a3fec5bbb96e400fd0f10cb37ef
3ee3475da11ea4eabf43042d8243050b8f1b59e6cd7e1dae2eefe624e1f8bd27
3f492ef8c75e516e37d280720bb37973f7130e11ddb8797213bf9d0745f293a2
402b34b1282c4f27d2e8d6a20b71d48f161592427db4adf7dfe5b947bc457cd7
403fc8964790196476ff4e888d6e806f4099a6d573f306182b1802c1c3d9e546
40714c38741e78da35a34e2f973eaf1f4d69956ba9dd827340609eaff188a6e1
4166e243b0dc12f29c55b5bfd8b2fc8d02ce1389ba1b9396840bea434c1d215a
417186ebb1382dd7464e229087604d82adbebc20ac5c1352d07260c305982313
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
437ebe9ecca548ef80036ad6e6926f905be50d023b00aaa5d362f6842f4cfda6
4400edf65fd8568a5cbb075ba6163f107075cb3f88ce6ce2472383d6309ff989
450574a0b2790cb089d690ab58940cb4816906a05ced1b4df116073dec25acbe
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20
47a0975c28380d148475c1367aa3a3d350f25d0beacf22539f031d1e4f89ae47
47e965a46ae6785a0a3412ca35b96a6caf9da9e787d56b78b9fdbb1f129bc48f
48ce5810e9c37aaf2076f84ffe1cd46b0ea4e6458811c3b310cf9bf39342619b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
497348e51ea27e714889eaab2cd8486a0b12ecf269ea35f3f7c35d1250b457b9
49b8c7cde5b387f403f643d25a8c3bf0a87de6ae37aa1610594c323643e72aed
4be6e57f964287d22addfd30806f4fc69fc1560fdb5f9c649beb85d1f72075db
4c0bc77d2a675a45821a556c87577281cb43b78ea841918353c853fcb46343d7
4c337470bc1e9446492c2dbb7a54343960f4ae88e51115502008f4c7f05a1f00
4c9314b73430fd751f94a5091a3e108f0a455d74279bf56a08dca769c746b2bd
4cda6d1b677e9611646e73ecaae5b0c7fe752d193a1c8cd055151d75927d79e1
4eb370f64af97e965a40fb49230196e5a3c8a132248fd95398c1f8e9d780700a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fbb415ea8b4660ac89a8992303f64daddc2ccc2337b91f2cc8ee8c2c08df747
4fd0c5b1add2a3068f0c44f04802f4ee6290735a64831ed04ba94f8566f8cd48
510748fc7494515a58521b444287e068e588764bcde0a6f7ca9b0019e6b4cd9e
515132f19d1446bd5902d4654f2cf236fed020ad67553ead26982588351949d4
51867f53373cb61a5797633285d236a4237c0f419f0f927fa10753d04b9bd547
51da5b73ff056af5a7b6661a72877729acae13288868cf5689e7933f283d8f22
532d1f861482c0eab0321fba7270ca4dc34044fd6a0bf5d7413c73ce3f82df63
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55bca248b12943b3ce2a739ad7094ff306882a1764c84c58b4b564b3c0c82a34
56014fafb5c8a7fa8c0d8b1c12feae3923bc8266cbb3fc59d0b52c1620bd6266
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5aad9b606be7b87ca7b3c8a344a34f7ff6691dc9c133f9f119c2c36a7b77f2e6
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
5bb710e379473a6ba1e4068602b66402a96b942cf027bd45221e30bb9f82f43f
5c0407be5bb704f0329c01c64b7ed48ac363a4ae876b9346bd6c7e62be24459e
5c447157fa660c55a320f8c1735eacb754c4697c5ff98dd4140da21ffb9b1ba4
5c4f06272264a0eeeb48d898dfb9659bb8aec4290250cb7e7ea1f1a22920ea3d
5c694b35a7330040aa87ab8631c4cd208848c931022413ae1cd36211d3be18d1
5d67eec8c04db7ce6b804621df0b891210572cd10f75be07286e3c58cf897877
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5dc469f4e42d18b796bdaede3148f38dd7782f52181bc6c8811d197303fcbc72
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5ed81eb8b5eae10aa0c135397c8218c480e0760158db64ad28080b7f1d235457
600296d979650e8cbc41ca2950c1a33de723a6137494a8c80b4a7b9c42b2e61b
607db1bdcd3ffaed32fd69e946077892fee13eaba311f33983d76de84f38c411
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d73067199058ae00203e8220bf1d61f443319eaa6e610a4e2252ee2ff173f7
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
62caffb569b2f4b4bf9f4c317c6dfc6ed155304a9bce20f0d12613053f1cc3c1
62f7855e47cced7560ab673f448245593445a18a94dfb7eed65f147adc0419a6
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
645a8cedb47e8b9f20c7ada187dd609511577292172a1ababb1b10a35fca1229
647b4cf82221a656e66d6d8724257ebcfbd15fb3d241c2f5f30c77cddd7e6ed1
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6657564cbaa199de5f2cc4813868b6ec7fe7f430b58b4b774a0119abf1340e60
673c48f2060e42698b6082f6fd1ea6a677a8bd8180af515f15ad7d6a4b828d87
6744050bae69a47a6bc42d3e765b2dc6c53482290f1f4f122a8ca55bb94e9577
68d70e19a4783c56a3e015d637bc85274c3f70fb0b3fa49f7f8df9c2f0ffbbee
69f5d3191dc883795ffd06149c49d8b097e4aa1c053433db3f2531d3d6074d1a
6a4aaeb80b8cab44b94d532c946cbaed2a25c8dead8dd54161340d3cc56bc308
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b16426ca00785ca2b259d4305d99b2e6e89a17cc9fa6af3aaa72ec7b16d587f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cd2f4b38f48f0d0c800263dbf06c4d1ca1f04e48c5de5c370c9b0d18484f07d
6da103560c99cb6ba625fa942cb9a22278bdd9412f94da7859f6f6cb2aca7005
6f8c9692ce7d57e98e63975fad1c106be433e9ffa6cc7bc35ddc90b9c20492dd
71f27b3128d71361cbc69334acd0fa1c569ffac2271107bde48411f810e00784
71f82d8de2cbd83902d319f2d4f3b35ac739742a884b1aa5e3ce48fbeb54abbe
71fb32982beb227a8206fa82f96df7ba6c925335b8c51b54c5a700831dcb5524
727aab34cf7b93803158fe79c74254f551cd7b854dd0db228f062f49ec9b4b5a
728165191b625a29fc0c1469f93cf17eb62f3595f379c977890974543f7d814d
73513b879d0edd7741cafb3dd08786590fec66fd71b24e544173163c6b9ecf2f
7392d426ac3da3071ebe16fa2ba3003e438842f8368aa9611b7fdcc48239024e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
751a8ede0994f0b6f19f4bb6284ab2395661950e66463b4915e5de9d4a6cf371
7791e42b68f5ba132a4766364f63afb24c3d3f1f61be9f42ced5f2ae65e6dcdf
77a1f3174d17dec53111e86f0521af23b39e999d51b1a5f26974e1d560397828
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
78882a11de1f82194b521c7a3729eec430b5e5487a978fd8b1059b7adfe8231a
7987ed9a45cb8609048c1f88719a037c46d30d4b7101473326d12e5767a2aa7d
7b58821d59cf28d91179aaa00128e9badc6073f09a71e432923c54edf2d27326
7c5b5263064dff51b841888d8a58ba669935b1c38c6b7f692cbce22603e81846
7da1859618a3dedb300ff69df3c1d74aefea6e2eb1d2b6415dc1a9512d08be4f
7de8e5f9cb9357e2f201b3ab84d19335e86d2c24cb0fb796f95ae22239a2d2d3
7e92197129aecaf35c518bc000e28387636830eaf53b04df541b65d957e30187
804122a17ceb64c8eddccccc8bbfaf68a16d3178fd9231d8030e39a4be2fdc5f
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
81a5b16189a64b452483a35388c93052717e8df65902252b6fcbca64a1441160
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
83b71ec4344fb3116e6ed880f9d1ba1bb3520f6e6445adce7fda816a68e75ffc
8411d2ecdd0e4d5587eea7f76890cbfa391f2c223ed3faa9f518d622099b648e
841fb12bda2901d5ff4479a2ad11317c213838cfc2afc21236c12301ace03625
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84b485a6cb44e4021f7b4cc0bdc34bb495f4b51fd79af4ce488968763bf76830
84e65b7d5ad8bedeb2c52eaff67e795740dc6cbdf21937cb786cb865a44bfcb2
853b59969d5f64cef35aeb50e6e289ebf2545e37dade01bb5ad963abc04daf2c
87c11d6ef52b96f056f348a18e7f43b576e3454ecf4d6d20bfc4c7e2f201f9b5
882e474b6c38b47acb0ec38ce9e095a84624ea2b8a1d1a122c2d17d3d26c47b3
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8b2cb4a37f103da5c10a3468567dcc30ba6bcc5edfaf3f2b4ae1fff72197e16b
8b7be9dd0535fb2167d678feea250020cc9129a29dde27cd5c520cf08ed639d2
8bb753343c3b0af0b9dfa273b033712833caedfa19b95e0d4b64b8cb14d7eeec
8d185ecf904c04b2ba4bbaa2684f9bb43962fda0f504a20a9742027a23c1fdee
8db8b0d4ea3c0aafaee31fb6e68ba840c8f95096923bc986a6e7bf96daeb3ebf
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f4a80b296569a5464392a12d3ccb034a39dd07a644a87a7dab84d12314e162d
8f88d265d4f543754bfda9de4c9549fc41754bfbe3d9e2fb58011aa9d5f8a929
904440a613768420de3c14bcab8adbb7fa7fdeb669d54931b7d676aba78deb1b
90c77a04ea95214e81af9d3a76ab76e3d60b9d81390dc79f37fd483cd3727bda
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
91ad643975bebcc9ede8150c15a74e9020c1f5c85f756144b5f8772f338f507f
928a9c9642d5cb3bcfc458aa85b5bb31f26478245dd8ab187e624c1c21a9919a
92bfaaccc4f43f593006dcb37ad9c961e034642bbb90595c9ad23bcbf7da937f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94698f87ae32fd13a4aa0775e039e10234fba7f77119a4ad7534b21c778edee2
95250a057c350065687db06d4996de5ada9f9d91137f67d6a742d0e6afced274
95af8ff6d0ae39b228ca6c31eee738505e7bf3851a2d34448a86d67765c1469a
971fe9c7a0d3d03475b76cbb6ad43b41a4fc297c9facf41f6f04d5274c2e2804
9793170177c3bab8ae118bab743aa250c6c344b53352a61283f728df9baa618a
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9bf8e1c20f70bb4045945ba461f19c17579ba40d4beffb657145b3d04c21c40b
9cb83cbc52d60a12d7a7c9c414a6b13966aa753e09d8ead2d4b33a27a32a6f59
9d13fa16dd90c9a98adad742297f52d8734587ca23ec50854d8357dce976aee9
9d8958f4d19f06bf91606f4214e438d2bf25b603f08e83b6b487b1a6e2765ab6
9db43e4a687084df93038c3d02cc4c149dff1210727059b82a7aac112a486eda
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a16de65fadc7ab0713cfae9b81f903368fe667ad59c45ceb9009f99022c82479
a21e413cc26d5de1425a1211b089d3c41407ad164426a9d475b2e4fbb27991d9
a24f4f105f56838f9beb801ad17aba77b0a225f6e207515d5be5f4bf500fbee4
a2f9462e6bc5d81902b5bd8b0b6bab5d33b937101374c3f13433a29efa0fd9a1
a33f24eb4a2a30503b76dff7dd3cb31b321d484f663fb20d5d79e433ff5b2a60
a39143e97a0e177e107614a753f0cf29a395e01a8204dbcd8faae3ab2d731f5d
a3ba5c932fea0dd2015bf65c241445b86fe14a0d6ba863f65f6f5585afbe1733
a493de25e0c3a0d6e8cff6840a97dc93226c9d704102d957b1d4ddee13313aa7
a5a5dacdc178c87b62cf029637baa571916f1260e9283c0256741b1e0d946103
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b
a78e30adc0f491eb7917ed7a04c472151c7064c3fa7230009cf2abc19468b9e7
a80ecf30a77a93e985c57a3d5b410ec969a4a25d123a015955b28c826ee6b3da
a855722493660ded17bea969e5018a5b43a90aea46232e4148e4e5e8e322eab1
a97e1c9013fef6416ad6ede21fbbb312b47eb8f48c42054117272bd1fb0b6693
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aab3b7005f69e9d7c10a94d7f3657277d5c9dae9cfc6bde05617b003a56fa125
abc9055dec46bd0fe46b5534dee9d9a6411491662f1403df81e6e238389b0b8b
abf9314d71a15a8c6791670b50f3a8bc451abc72cbb7b026cdd3a40a968d99f3
abf96510b6f6c7104d67a388900136fb29dece2976b943ec042079f227b6ad95
ac7bb492fca6a4c1c72dacfff28d869d9a125529a085d29da9ff803b994688b5
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1
acacdefbaa034a0ac06f764ef3899fd583f9517eaeb2d53fe64df3e2f1925b09
acd6dd6862932d343a83efa57ac20dc629e9527454005afaf34131bf5b12b787
b03448143098de5b03500bf34c10210735d29421ef85ddd0d06213eea451fd49
b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18
b13c9629a25f41a392fb8d5b01e162291433c14251de30d0b2087ba2c0828d09
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bcda979c82fbdb001a058bbcd782235588ba0cf67ec17cb6b406c354049697
b222717d8498c895539da6ef8972866b03bcdd1b78f31e2028b31616fa1d3b5b
b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b5470e8faecaea61075f3017c6fd9ea2ff6dafade3a535debaaed55cfa8f5a5a
b5cae41146aa58780742760855d3a1702e797d1bc4e8d5daf6c03b0c7f1a5888
b62bd1beab2b04ab6b56d713ea6ecbfea4912643c00706bba1f6bc5484e5a457
b65aa9d90fcec9cf44a72ddccfa72e53a10784427249050194b4c5bad3dddc03
b70a084c2b59a56c677430b1c0dbcd7d114dce2702774c103ca2a400c3ebeff7
b7128e23958b3fda5c3c906893ed845791c82b203b643817c854c86f211efbb1
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4e3e58eddeee41095d85f963a15fadbfe38517d06b418710059637840c9f6a
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
bd6f90179eefc4b670f32b9fcd39f17d7b4fc905b038f68ca5b5c237cf1adc48
bed7edd7bf22878824fc9017f768af11716d536d3825913d0c25b3be5a4ed7e4
bf06e66d0b6d12c39860b7a3f1a724397a8bc0267423b64c6627ef0f52a7b27d
c0e01a747cdd55abe4edc7c193b55455248940ac4c4077a5a948018ab1f7af00
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c1aa661b26b4e650976a9262eafc754dd725410a495a8c86527311cd9bd3a3e3
c2079f5b7b7e3d07d397d9fc337494118b193c2a11b1ee02dadcb5594c4b79f5
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075
c2832d556b76884b26bc9905c164c2af2d8c7e98bb287e3132cfb2debb3e39a8
c29513a76a58d066e958c5942d64999007df95b8493e9e200cfbcd0aa7202862
c29b70533eedd12590ae5c9cf58d6e95063f4f23ef666343e5ba6bf602b62e75
c3b2f5bdcdce2be370fb2d9904f872b101a79f56583948143329b7ea14a33162
c5860e55aceec4810a016aeff5e3472d122fb5b786b9c7fdf3c026d8e7143a41
c69c7bb218bf8af15e2ae415862db1bd0d445c959be698fb58320d97dd1a5b5a
c705660d66904f452e8a41f2070142277b0b6343e60de83721e2f02260d7b5d3
c71752822cfbdf7713731e936ebe7f93fe99c5984e0ddd3c6a8e185c17ff5048
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
c9040502d4d9deec976f822396dc83ef7c8ea6d33ba6df076f56d8b6479742d5
ca53f71166b7b496394a852d6266cfd9c7e8800b3890e7074ad8e6f219958208
cc75c92c970b9b9b4ea98bdce25142d32aee462d66d6e04090e78e299957f365
cca229012d7f2f02e9c1a2bd43b9e1dc6d47b803bdb413c2d044044e4714ef11
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd500c546202be15f4b0d9a10a2096a2dcffd0f195d953bbe931ff8e45ca234f
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
ce732e8eb9c298987ed913e7363bb5f0b101dd6d792b2ec5c01b70effee1b98f
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194
cfc68e1419e472b4f2d59fa7d2f8550545717158557d55f58d1697cb564ab504
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0c5307785d554259b8fd2fffcbb51f910175f8cf1c8d9c5f2ce87cdde42e5d9
d0d428223b8744c3f507f4e0a82f0023208feedafe5f84db4d53c832a6e8a02e
d1003881ad0defce4d7bd1955eed2bd8acedde9f766c08473d49157082ac3994
d117e8e27c53de89a9a745b4ec6b81b67bd34dedce47299f03f63ec36f6f1703
d2022370e84c3d78a09147b56de50029a766fd1796bf97f9a7a3187007cc444a
d30e51042a424e480e0bda151a436d5a50f2e08d939fdb4a0e8553269de1d74a
d39aff78644bb77500de1b045685ce8b119fd7d5e4700a9a219d5bb586e825ef
d557ac16594b80a88ed876e585d32bfe3086bc18bdbc0d90422b42acbda7b42d
d64f57b3d8a9befc21deefc2143357a92706ed6f111519d1b6f2f57423bfa48c
d757bbd4b2571119bda37ec17700baa07ba25c114bb3d29dae7b8fae4b3c0b85
d776482d5387dd66a3354637a3ddf5261dc6f35298b1e67d3f25ddefd5154d66
d7a73f49224e7447efc98ca3d9a95373c3ccb664ba2d7e6d1879b36509647100
d7e84613975c40660e030cca5f43d5652e1e69f4dd13023a5160fab0681d244f
d8a0d356d644b4013aa75e86393844a21bdfaf2a4bd5e99c2ab05c0fe74e3101
d9f845ec41f8be39d4cf392d2c46479979f8a4c75d36d0c85e9f9a1de3d9fbf5
da3d58398fd23ffd5438cfc241ec3848bd1a8954f1ca43c0664821d85e1501b7
dabadc16eecdb46598f1ff3fa33ddfbc9240ca394d4dc49f7fee3637f352e441
dad7cc652286fe3fcd072159ff6fdc30a62ba200d329d99cc1674f5183406584
db66baeede40115b8e53c9b5bdbd4403e4fd749493ea0074d86234e15c082ad9
db8aa4bada838a2936aaca3f2576eaf15d85cd17f6cff759016c0d48956294ff
dc9005440b3e7c7663e35ea9a5654e1895509c8e9b0712f3902881aebf706c89
dd057077df0f8d73f7541c6dd4d1661fbfddc96a42fc6efac960fdb9ea2eca2b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df589677b9b655f52da8f2fd5d0ecf26403ee08e28e2338b9db4fecdcbae46ef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e72db12b9808617fdf65c322f9e6542d4d8bd0cd5e31cf23bd017b92b81ddabc
e7905b3eeb273da7420ac155ef0db1bc7bd121d70a9d25bfcc57509da5c4292e
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
e813ed0b5fea40c6fb6dde73fcf5620a388085ceba43f03778b25693e652f35d
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa
ea5e83246f6639bb89d6ac5e7b5d5597d5d05eee7b5dcb7996fbffaf6297f3e0
eb4b06c59d51551337b736103850a2eca99f90b8ea64557ea8753b38fe784a09
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebb588f9a7cda5153f6b4b89358fcc21afd8775a8225d00f961d4f8f821ac7c1
ebee8b96ee103c5c0ca35f72fb1f84aea16f0bc35b58b90ac3ee9d2e8362e9a3
ebf1df3c4af8a738589f0ddb86fa2eecbec01c21348b4569fb6aa594395d76ac
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ed48c2c26ab144483ce6e6cfd207070eaa30dcd7cfe36c14b29d89b343e9df05
ee43222bc3a3d6c1cab5dc4115bd2a3c2b348f4b4e448283e0eaca84de6763d6
ee56fa6085e2387b1990ae4a778b6dd096abde6ab29ec79ad5163342a14e35a2
ee6e0795474cbe81aeca004d469c7d6dc0799a3d37785aa13b3957a6e50cf069
ee8114911fb4532f4521a86c72653b2eaee580ffd8bec3445699bf569323f1b4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef77885b940f1b5a00aa3b92aa15920ba9a736c885abde556ea51bab0329bde6
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347
f10d5bdd8d60943848d514b3aa6e7d4d663e669069c8ed946ff4ed262a288a07
f308cd5c09f3066a6fc5e09a256aabbecf19b7021b2e63a28e9ab65beabba485
f40d0956b744bfc7a22e63e16797dc3e1087950a043b245ef3bf4fe7535af00d
f446f89ed1950a40756e76b0c8c999af1eaacdd0ba7bd5699da8445911b9ae2e
f5e7a155078e632cfbebf8f8aaee8ea5edd6fb350cdbcd61c227736fe374cdaf
f810f0ed9f71186e5aa2ba8bb17d180fd17e623c2f9f6da75af946f339b01bd7
fbbf479d0654ab21cdf6c236527d72ecb1b181f500d291463cbf625b3fdacc39
fc0081d5d01c24bef68e2329cfc63cd65ba2516dceb940baeff08b09430e1e62
fc3c7a06af8cbcc57ab1357cf2aee09a8a5c4b1ca952fd04574d74e39c16b9de
fd3d318d6fad54a4131b5c1008853f1a01dd13aeb6ec114d11fbefad59f266ef
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
fda4c0c8d886d3dc37996a43e3733d5f8433d49283716ea9e7a7316cda7794ba
fe4c73c09754efdec4232cccbc9d378d7c176c0da81bc2ea5632014a6e53611a
fea86661c5d80146c78c8e112e81c6ebcd3ac8c3f4d81c6fd3419532343c21a0
ff277aec8447e39443e6abd4dd9ba0fa031decccdb74f21ed47368440bf085ac

everardoherrera.com Open in urlscan Pro 143.244.215.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

427 Requests

97 %HTTPS

44 %IPv6

62 Domains

106 Subdomains

85 IPs

13 Countries

26644 kBTransfer

35327 kBSize

49 Cookies

13 Outgoing links

Page URL History

Redirected requests

427 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

everardoherrera.com Open in urlscan Pro
143.244.215.166 Public Scan

Screenshot
Live screenshot

Full Image

427
Requests

97 %
HTTPS

44 %
IPv6

62
Domains

106
Subdomains

85
IPs

13
Countries

26644 kB
Transfer

35327 kB
Size

49
Cookies

427 HTTP transactions
12 data transactions