www.egr.global Open in urlscan Pro
99.84.88.47 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Submission: On April 08 via api (April 8th 2024, 9:07:27 am UTC) from DE — Scanned from DE

Summary HTTP 71 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 9 domains to perform 71 HTTP transactions. The main IP is 99.84.88.47, located in United States and belongs to AMAZON-02, US. The main domain is www.egr.global.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 18th 2024. Valid for: a year.

This is the only time www.egr.global was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	99.84.88.47 99.84.88.47	16509 (AMAZON-02) (AMAZON-02)
3	172.67.39.148 172.67.39.148	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
11	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
21	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	216.58.206.72 216.58.206.72	15169 (GOOGLE) (GOOGLE)
71	16

15 99.84.88.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-47.muc50.r.cloudfront.net

www.egr.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.39.148 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ukwest.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a06c00c59eefa112ef3dee3ac6e506f0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.72 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 a06c00c59eefa112ef3dee3ac6e506f0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 167	776 KB
15	egr.global www.egr.global	149 KB
11	onetrust.com cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 6208	142 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2709	21 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 stats.g.doubleclick.net — Cisco Umbrella Rank: 96	168 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	249 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3965	28 KB
2	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1294	28 KB
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2221	2 KB
71	9

	Domain	Requested by
21	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.egr.global pagead2.googlesyndication.com
15	www.egr.global	www.egr.global
11	cdn-ukwest.onetrust.com	www.googletagmanager.com cdn-ukwest.onetrust.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	www.googletagmanager.com	www.egr.global www.googletagmanager.com www.google-analytics.com
3	securepubads.g.doubleclick.net	www.egr.global securepubads.g.doubleclick.net
3	static.addtoany.com	www.egr.global static.addtoany.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	platform.twitter.com	www.egr.global platform.twitter.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	a06c00c59eefa112ef3dee3ac6e506f0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	secure.gravatar.com	www.egr.global
71	13

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
twitter.com
www.facebook.com
www.addtoany.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.egr.global Amazon RSA 2048 M02	`2024-02-18` - `2025-03-19`	a year	crt.sh
static.addtoany.com E1	`2024-02-24` - `2024-05-24`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
onetrust.com GTS CA 1P5	`2024-03-01` - `2024-05-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Frame ID: F81216DD3A7F43CCA8D7C44F892DA029
Requests: 64 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.egr.global
Frame ID: F2DF8CE682F63E03AC6B845F38EF218C
Requests: 1 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 408425873A5512055A1A259FCFBEDF6C
Requests: 1 HTTP requests in this frame

Frame: https://a06c00c59eefa112ef3dee3ac6e506f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D2E34E910351C0E75F1FD56716646EE7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvtxlgohNUJRvs4e5fqE0VDVSbhCeK3TUh2S3o5FszrLqlN2G7E_Mqe878IdSGR99PFiRlJhvgdC7ww5LIofIEaNLkVK1erUljtkRoRFUiQHO3C45DJYqqWf4d1XArl2Hwrhdc_AllfufS3Us8Tb0GvX2JLm884InorYfKlyKEusBbH7MRJvYTVw7KBWthrBnmj-jp478HpF7U2JATV_dMCl8ViFW3mp2sy5PBhlSnE-TIO29sNiehnQ39gxKfjCSMhIxoOQ89wDF2TyS3jq-auO8BPV6afCMfvVzG95OrQtfE5z28LhAaRpvGnd7_aTFSQmLFLj3LZFIUQdd1DRnvJRoFYAp_S1MZoL3HQZZUPAaIE&sig=Cg0ArKJSzNyICkPO4XpNEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: C3BF6716F80F8B217BFCC8F23AD3D6FC
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstIRCOajrS0HnGES6BbLmVxSdAco7PbrHJZUPsVWvtm4baBxvOOOO-qqKPmSgn_brURiZlSkoB1Vt9RgdBYMMwdKcTdxqZ9uMWV7XdgY1M8wVQXnc8TTrkGE-QNl4T9O3UFT33CxV3i3Dw9965uxeOZ_lyW8hZhz0s7OCcTS1lDRjliQ4tfOVzkYJ-zB_sg2pk3oVeOTp8x_YkpQ6gaFE5SxIAV3NSvGp0T8QxMI66TgUq_YYgofuz3WxZgKHY0dpEo7ckElas1FqqZ4Cjv3IkJt6KJ5q4_1zaqsGytiFcGExcBEtykZzYya5dG8MzUXh0b-hTO8R8LZH0H3OJCwKSR-7JPgFkAlMSXXD8mxyo2mg&sig=Cg0ArKJSzIIc9o19eGYGEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: D2DB6078EACF6B5A98C9B6780D883864
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvi9Mncfll2H6Ot4DdCO0i8RZ88Aw9sb8U6-mc3Fpqsls7gaFKJdR6_Oo1kBMhJZPemYnCFmbQOt5lYx3bpK-Oo28ANB4pCeM1XmGIqMG2GQBhCgvRZcBjWFd1HwCz-YMAIptcyfnXqionlgOgl-ofHKMtZYYYDMtwE_BYaUreBM8y_IEfe_rwKdiHHKbL3ZAc3wRnO-xtdxvrv17p1M34Dl3GdPINV16lbf4ID3R270si4d-s8g5TlxZyKwbbssrZATQ1DzyCbSCHZnjnChR2hKUNc9IL6kIYI1PW9DLZk9jxp578_cnnSFbCl79YYh24wt3pbB4IqxFDdSjv_O_nPli72ffZ51gcK7jMDkg&sig=Cg0ArKJSzMm_GDoIU-7rEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 0448BFFAD02A2E9AABBB24E8BA4EF679
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FFBDD300B7314734F23703087D94866A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Familiar territory: Hollywoodbets’ Devin Heffer on the gains down in Africa - EGR Intel

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

71
Requests

97 %
HTTPS

67 %
IPv6

9
Domains

13
Subdomains

16
IPs

4
Countries

1563 kB
Transfer

4274 kB
Size

12
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/uas/login?session_redirect=https://www.linkedin.com/shareArticle?mini=true&url=//www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/&title=Familiar%20territory:%20Hollywoodbets%E2%80%99%20Devin%20Heffer%20on%20the%20gains%20down%20in%20Africa&summary=&source=AddToAny

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Familiar%20territory:%20Hollywoodbets%E2%80%99%20Devin%20Heffer%20on%20the%20gains%20down%20in%20Africa//www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/&related=AddToAny,micropat

Search URL Search Domain Scan URL

URL: https://www.facebook.com/login.php?skip_api_login=1&api_key=966242223397117&signed_next=1&next=https://www.facebook.com/sharer/sharer.php?u=//www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/&t=Familiar%20territory:%20Hollywoodbets%E2%80%99%20Devin%20Heffer%20on%20the%20gains%20down%20in%20Africa&quote&cancel_url=https://www.facebook.com/dialog/close_window/?app_id=966242223397117&connect=0#_=_&display=popup&locale=en_US

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=//www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

71 HTTP transactions
22 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/ 79 KB
23 KB 1315ms
1271ms Document
text/html 99.84.88.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-47.muc50.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: bb83b5a1e3e4a0d5b6a053b57760ed9b9a2660c9b86fe68be83baaa6843a09d8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-transform
content-encoding: gzip
content-length: 22003
content-type: text/html; charset=UTF-8
date: Mon, 08 Apr 2024 09:07:22 GMT
link: <//www.egr.global/intel/wp-json/>; rel="https://api.w.org/", <//www.egr.global/intel/wp-json/wp/v2/posts/69964>; rel="alternate"; type="application/json", <//www.egr.global/intel/?p=69964>; rel=shortlink
server: Pagely-ARES/1.20.1
vary: Accept-Encoding,Accept-Encoding
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
x-amz-cf-id: 5R2kRmvUm6cpHRseNFbnXrqIGI8DmLgKmly5umEv6u_Tvn3NvdQwRg==
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront
x-gateway-cache-key: 1712051734.677|standard|https|www.egr.global|||/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
x-gateway-cache-status: MISS
x-gateway-rate-limit-whitelisted: app42754-ip_list_generated
x-gateway-request-id: d7ffc9e604765ad49800063aac2dfbaf
x-gateway-skip-cache: 0
x-pagely-cache: all_caching_disabled
x-zephr-cache: miss

GET
H2 200 style.min.css
www.egr.global/intel/wp-includes/css/dist/block-library/ 108 KB
15 KB 20ms
18ms Stylesheet
text/css 99.84.88.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.egr.global/intel/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-47.muc50.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-zephr-cache: miss
date: Fri, 05 Apr 2024 02:59:35 GMT
content-encoding: gzip
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 281267
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 14500
x-gateway-cache-status: MISS
x-gateway-request-id: 80464188db7a021ee4a66c79cf6c93a4
last-modified: Tue, 30 Jan 2024 22:25:41 GMT
server: Pagely-ARES/1.20.1
vary: Accept-Encoding
x-gateway-skip-cache: 0
x-gateway-cache-key: 1709640793.819||https|www.egr.global|||/intel/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 5QRBl2TCCmTYTyUcSzi-LOfAZ0ld_eRLl_FDXw-xphn7Lt4QSeFiBA==
expires: Sun, 05 May 2024 02:59:35 GMT

GET
H2 200 app.css
www.egr.global/intel/wp-content/themes/egr/assets/ 169 KB
35 KB 21ms
20ms Stylesheet
text/css 99.84.88.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.egr.global/intel/wp-content/themes/egr/assets/app.css?ver=1.0.12
Requested by: Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-47.muc50.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 3ed138f78e3349f897f5a1897959cc89908af729657cfe44d6600d14b0ad50d7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-zephr-cache: miss
date: Sun, 07 Apr 2024 06:19:45 GMT
content-encoding: gzip
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 96457
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 35559
x-gateway-cache-status: MISS
x-gateway-request-id: ce39948b4110a8c58879b7818cb8aca9
last-modified: Tue, 26 Mar 2024 08:08:23 GMT
server: Pagely-ARES/1.20.1
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: text/css
x-gateway-cache-key: 1711627389.224||https|www.egr.global|||/intel/wp-content/themes/egr/assets/app.css?ver=1.0.12
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: PfhYpZe6Jti4igmeg3P1OHqPJ6RzBoQSESphLY0XkItMsjViRgF-Cg==
expires: Tue, 07 May 2024 06:19:45 GMT

GET
H2 200 facets-styles.css
www.egr.global/intel/wp-content/plugins/elasticpress/dist/css/ 4 KB
2 KB 24ms
22ms Stylesheet
text/css 99.84.88.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.egr.global/intel/wp-content/plugins/elasticpress/dist/css/facets-styles.css?ver=6bf8a1bf958961284a92
Requested by: Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-47.muc50.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: f654daf3c97e162306c5b55dcf934cfd1da77e401bd112efa74cc5ee68abeb58

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-zephr-cache: miss
date: Sun, 17 Mar 2024 02:05:44 GMT
content-encoding: gzip
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 1926098
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 903
x-gateway-cache-status: MISS
x-gateway-request-id: f8d1bcc12f3f049b0ed419c8ddb1e628
last-modified: Wed, 23 Aug 2023 16:03:30 GMT
server: Pagely-ARES/1.20.1
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: text/css
x-gateway-cache-key: 1709640793.819||https|www.egr.global|||/intel/wp-content/plugins/elasticpress/dist/css/facets-styles.css?ver=6bf8a1bf958961284a92
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: x6kOLQSSgeHnqDbbCXDFCtiauExAxtqb5EmmIGDa-TgoW4Fib69IdA==
expires: Tue, 16 Apr 2024 02:05:44 GMT

GET
H2 200 default.css
www.egr.global/intel/wp-content/plugins/tablepress/css/build/ 6 KB
3 KB 25ms
23ms Stylesheet
text/css 99.84.88.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.egr.global/intel/wp-content/plugins/tablepress/css/build/default.css?ver=2.2.5
Requested by: Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-47.muc50.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 8c10bfd761676feda6e280e0d31794b1a8d21279f437ddb817a708d6fe0b72db

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-zephr-cache: miss
date: Fri, 22 Mar 2024 06:01:22 GMT
content-encoding: gzip
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 1479960
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2454
x-gateway-cache-status: MISS
x-gateway-request-id: 2b947d13afb1431aaad72a0c3ccb83df
last-modified: Mon, 19 Feb 2024 19:32:39 GMT
server: Pagely-ARES/1.20.1
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: text/css
x-gateway-cache-key: 1709640793.819||https|www.egr.global|||/intel/wp-content/plugins/tablepress/css/build/default.css?ver=2.2.5
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 6qUjRzTjZEdEu4SW0D1RCHT8fp9turQcGCPkxuF_iyE9HOSwXuVGaA==
expires: Sun, 21 Apr 2024 06:01:22 GMT

GET
H2 200 addtoany.min.css
www.egr.global/intel/wp-content/plugins/add-to-any/ 1 KB
1 KB 39ms
38ms Stylesheet
text/css 99.84.88.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.egr.global/intel/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by: Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-47.muc50.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-zephr-cache: miss
date: Mon, 08 Apr 2024 07:45:36 GMT
content-encoding: gzip
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 22139
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 487
x-gateway-cache-status: MISS
x-gateway-request-id: ff16e95438b134c1ccb60d6aac756526
last-modified: Mon, 22 Aug 2022 14:06:12 GMT
server: Pagely-ARES/1.20.1
vary: Accept-Encoding
x-gateway-skip-cache: 0
x-gateway-cache-key: 1709640793.819||https|www.egr.global|||/intel/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: cSPzc1_hHPtMdSmSBqPKr6OI0Q4Oq5oJosfBqjOJ94OJi2wM9p-Arg==
expires: Wed, 08 May 2024 02:58:23 GMT

GET
H3 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 46ms
26ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 09:07:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6144
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"257f9651f9cfd949f6dde30f51352116"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cEB95Bdw2zzr5lbBykEz3hREaz96DoswfLVs%2F2K7l2JULtEwSVIlneeJQlZQ2C4CUvIWRysztYV07wSwYcivr3PJYZEp5qJCl%2FlWsQansVvUG1d7IJKKW2T3qNeFLwtzEsej0T8e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 87111b4f4ce12c5e-FRA

GET
H2 200 jquery.min.js Show response
www.egr.global/intel/wp-includes/js/jquery/ 86 KB
30 KB 32ms
30ms Script
application/javascript 99.84.88.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.egr.global/intel/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-47.muc50.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-zephr-cache: miss
date: Thu, 04 Apr 2024 04:28:07 GMT
content-encoding: gzip
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 362355
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 30419
x-gateway-cache-status: MISS
x-gateway-request-id: 6af23ac020c6246e361dc6783eec0bd2
last-modified: Tue, 30 Jan 2024 22:25:41 GMT
server: Pagely-ARES/1.20.1
vary: Accept-Encoding
x-gateway-skip-cache: 0
x-gateway-cache-key: 1707768361.757||https|www.egr.global|||/intel/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: Uk6qHRlhhE2B91XOi_a4ycdNFAvipfPNanUYVcV5-UQEx53juFU5fQ==
expires: Sat, 04 May 2024 04:28:07 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.egr.global/intel/wp-includes/js/jquery/ 13 KB
5 KB 34ms
33ms Script
application/javascript 99.84.88.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.egr.global/intel/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-47.muc50.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-zephr-cache: miss
date: Mon, 01 Apr 2024 04:29:38 GMT
content-encoding: gzip
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 621464
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4872
x-gateway-cache-status: MISS
x-gateway-request-id: 32b15cdf2423e9ecda6225975fe8aced
last-modified: Tue, 30 Jan 2024 22:25:41 GMT
server: Pagely-ARES/1.20.1
vary: Accept-Encoding
x-gateway-skip-cache: 0
x-gateway-cache-key: 1707768361.757||https|www.egr.global|||/intel/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 3j_x6LAGlsNq9UnMW6NsDWT9gsFhqNADGFYjqZAueJWK9GUPaaardQ==
expires: Wed, 01 May 2024 04:29:38 GMT

GET
H3 200 addtoany.min.js Show response
www.egr.global/intel/wp-content/plugins/add-to-any/ 129 B
629 B 16ms
15ms Script
application/javascript 99.84.88.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.egr.global/intel/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.84.88.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-47.muc50.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-zephr-cache: miss
date: Mon, 11 Mar 2024 07:34:46 GMT
content-encoding: gzip
via: 1.1 14930ca61b5acb472c19a8d7b170ad10.cloudfront.net (CloudFront)
age: 2424756
x-amz-cf-pop: MUC50-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 126
x-gateway-cache-status: MISS
x-gateway-request-id: 83a101168e49dc780343fd5b4d066c26
last-modified: Mon, 22 Aug 2022 14:06:12 GMT
server: Pagely-ARES/1.20.1
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: application/javascript
x-gateway-cache-key: 1709640793.819||https|www.egr.global|||/intel/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 5Lxomovi2jIOfz4SlqMAie0DS3FJCUTPHpX_fvE7wzqqSMLxNNO5cQ==
expires: Wed, 10 Apr 2024 07:34:46 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 49ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js?ver=6.4.3
Requested by: Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 08 Apr 2024 09:07:22 GMT
Content-Encoding: gzip
Age: 251
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (frb/67DF)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 app.js Show response
www.egr.global/intel/wp-content/themes/egr/assets/ 45 KB
16 KB 38ms
37ms Script
application/javascript 99.84.88.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.egr.global/intel/wp-content/themes/egr/assets/app.js?ver=1.0.3
Requested by: Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-47.muc50.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 42eac437699b55c6a92c7fc641cdd161790f7b96558afcb37cf449169fd7cfa2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-zephr-cache: miss
date: Sun, 17 Mar 2024 02:05:44 GMT
content-encoding: gzip
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 1926098
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 16217
x-gateway-cache-status: MISS
x-gateway-request-id: 00cc23567f8945b94bea3ea3ee25efbe
last-modified: Tue, 06 Feb 2024 08:06:33 GMT
server: Pagely-ARES/1.20.1
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: application/javascript
x-gateway-cache-key: 1709640793.819||https|www.egr.global|||/intel/wp-content/themes/egr/assets/app.js?ver=1.0.3
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: HvCz0TdKUMJ9x3zyjub_NZ5F5gB6my83PZEm8FUMSP6L2hzgbHkiLA==
expires: Tue, 16 Apr 2024 02:05:44 GMT

GET
H2 200 r-scripts.js Show response
www.egr.global/intel/wp-content/themes/egr/js/ 9 KB
3 KB 36ms
35ms Script
application/javascript 99.84.88.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.egr.global/intel/wp-content/themes/egr/js/r-scripts.js?ver=1.0.4
Requested by: Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-47.muc50.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 5920f1a0eda5ca1893cd6f00c41d1286857357cc5760c549491b54efb082123a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-zephr-cache: miss
date: Thu, 28 Mar 2024 04:54:41 GMT
content-encoding: gzip
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 965561
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1995
x-gateway-cache-status: MISS
x-gateway-request-id: 5b753d5376dfb8a4f9d2fcf58391f3d4
last-modified: Tue, 26 Mar 2024 08:08:28 GMT
server: Pagely-ARES/1.20.1
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: application/javascript
x-gateway-cache-key: 1709640793.819||https|www.egr.global|||/intel/wp-content/themes/egr/js/r-scripts.js?ver=1.0.4
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: P5hAxrQ6q5GbXLEW-UhyrYORr-SKU95PU04XHDBCPlgjTTwP8gTyRw==
expires: Sat, 27 Apr 2024 04:54:41 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
29 KB 192ms
79ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a73cc2436774e248dd1bc17d5835920b1a9ed2540911415a8ddcaff1eb5dee88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 09:07:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29560
x-xss-protection: 0
server: cafe
etag: 688 / 19821 / 31082449 / config-hash: 510834818314266578
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Apr 2024 09:07:22 GMT

GET
H2 200 logo-dark.png
www.egr.global/intel/wp-content/themes/egr/images/ 6 KB
7 KB 35ms
34ms Image
image/png 99.84.88.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.egr.global/intel/wp-content/themes/egr/images/logo-dark.png
Requested by: Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-47.muc50.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 6291e9a4e418cb9d8af157610ad1e2045191843eeb77b3d939ec702b170f1d71

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-zephr-cache: miss
date: Tue, 02 Apr 2024 06:34:39 GMT
via: 1.1 a1e8102a85e1e5a1d6e04d628d5dc180.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 527563
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6286
x-gateway-cache-status: MISS
x-gateway-request-id: 07db2cce4e451e5197f74c16c9a4f115
last-modified: Tue, 26 Mar 2024 08:08:28 GMT
server: Pagely-ARES/1.20.1
x-gateway-skip-cache: 0
content-type: image/png
x-gateway-cache-key: 1711627389.224||https|www.egr.global|||/intel/wp-content/themes/egr/images/logo-dark.png
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: iKgO3cJloyoLAY6-yxGdiFTHWh3BG35En6lmGLi3VlpTclN_nKfrkQ==
expires: Thu, 02 May 2024 06:34:39 GMT

GET
H2 200 25edff98a323e613679eef883a8858dd
secure.gravatar.com/avatar/ 1 KB
2 KB 27ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/25edff98a323e613679eef883a8858dd?s=96&d=mm&r=g
Requested by: Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 54ee9bbe2550cd9323f302ba77e47d14fcb84cec7c628521b9f19cd52ce37cef

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: HIT hhn 2
date: Mon, 08 Apr 2024 09:07:22 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="25edff98a323e613679eef883a8858dd.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/25edff98a323e613679eef883a8858dd?s=96&d=mm&r=g>; rel="canonical"
content-length: 1447
alt-svc: h3=":443"; ma=86400
expires: Mon, 08 Apr 2024 09:12:22 GMT

GET
BLOB 200
OK befd3143-5bf2-4a60-9e7f-22da3375ec2f
https://www.egr.global/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.egr.global/befd3143-5bf2-4a60-9e7f-22da3375ec2f
Requested by: Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 215 KB
78 KB 147ms
54ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NWSDCQC

Requested by

Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9e30b5205f98784abfc6d5fa3a0a2bcae7cf1d6e741514bd6adf56c1b0b3860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 09:07:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79368
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Apr 2024 09:07:22 GMT

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1be5f40331078bccd27cb5b341994c6e6d0f7886941729f1bd7406c8c334d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46bcee1d2ebeb716dbb98b11f2672104fbdcb8de28b87e92e2620c936901a721

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 251 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c9c09ce313dd9f2fbc1dccb4beb7aee99832409b240b5d2712241cc00de816

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 344 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcc5755a11f6cd3bd9ab23d0bed732cac3570c7f658ce51846666e956f1ff182

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 424 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 829aaf3f68ae81ed0daffde51dd4f70a0363b77d97dc85ad46c8c67412432cfe

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 893 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e020e329b83b54006ccd5f97f0456deaca9aba6088c2cbcc732766e323c0ccf2

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 311 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d77010c303a10330d514c39e92013b029993c77b85f8ce337751893f7d2c1cdf

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 556 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5431103b7246e688407ad3e34d3ac0c0dcd5bd12b2c448d99a7b836a115ca3d0

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a6164a5395f1a67f125a8ea87489e9d92e573cae80b1364b9a311dcc952d65c

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 581 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d1f415558d232e3df519541b261bc20377b1cb408fb063ca9ed488c4b096c76

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 755 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fee27b3d14413b9aa361d7b31d92b379ca24b1094749084f2c27d72dcde4c98d

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 356 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68d2644961c08369d5b0f0aff136ffcec07efa8e50b433a3aee3f8231904c1f7

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 511 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: deff3ab019172ec8fdc901fadb5f106a1a89fe4da4c8c92dbf620830234c6202

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 641 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2cfb888077983aa8114fd21feba5b512730a8090f25df5ea2b75dde0a7bff73

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 datalayer Show response
www.egr.global/blaize/ 115 B
706 B 93ms
93ms XHR
application/json 99.84.88.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.egr.global/blaize/datalayer
Requested by: Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.84.88.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-47.muc50.r.cloudfront.net
Software: /
Resource Hash: 00703b6b01fcc31eba5ad2fc3461d15f7d5e181f90aba3424420899a768eb65d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 09:07:22 GMT
via: 1.1 14930ca61b5acb472c19a8d7b170ad10.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 115
x-amz-cf-id: xkZy16FpVacYj5zhD2t-NHmDngYAgstli6Pd9HnZMDBsENTod_kRIw==
x-blaize-request: 67f7b531

GET
H3 200 wp-emoji-release.min.js Show response
www.egr.global/intel/wp-includes/js/ 18 KB
5 KB 15ms
15ms Script
application/javascript 99.84.88.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.egr.global/intel/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.84.88.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-47.muc50.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-zephr-cache: miss
date: Sat, 06 Apr 2024 17:43:49 GMT
content-encoding: gzip
via: 1.1 14930ca61b5acb472c19a8d7b170ad10.cloudfront.net (CloudFront)
age: 141813
x-amz-cf-pop: MUC50-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5035
x-gateway-cache-status: MISS
x-gateway-request-id: da360a3dc074bab7a14a098aabbb543e
last-modified: Tue, 30 Jan 2024 22:25:41 GMT
server: Pagely-ARES/1.20.1
vary: Accept-Encoding,Accept-Encoding
x-gateway-skip-cache: 0
content-type: application/javascript
x-gateway-cache-key: 1711627389.224||https|www.egr.global|||/intel/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: h5AsFvXHPJlrupwydYhvjB37U4ZSjdK67jlztL1e5YHI10GcKPwzBA==
expires: Mon, 06 May 2024 17:43:49 GMT

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame F2DF 0
0 68ms
22ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.egr.global
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=6.4.3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash

Request headers

Referer: https://www.egr.global/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1224911
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Mon, 08 Apr 2024 09:07:22 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BA)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
DATA 200
OK truncated
/ 115 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceb4ceff982b7d4e74bff9634ed830585f0b0b6b0a53ac6ba8bef9f3a9fc248b

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 881 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0591e959ca4ef86981cef1142256caa9d457c5f6ce02b0bf698c22e9b1f8562

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1981e7296fa9b3a5bb391be925feab241ddd0e24e11ed4c7af8bea7a7ee2cfd3

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 277 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2badb0b57d419f9f4359b255cf48ed651e449dff9333581a376bb5554819486

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 562 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47d139071673b2fa231e36f51eb9419deb99e11d5507e9f7f17d6dcf223429e2

Request headers

Referer
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 sm.25.html
static.addtoany.com/menu/ Frame 4084 0
0 41ms
32ms Document
text/html 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.egr.global/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 23536
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 87111b4f89ab9b9a-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 08 Apr 2024 09:07:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wyqmb8g5Lmb9vZXzlOoJo3MLj5J47JxlLxX2FJrEICsTUF61wEh8nRfkUrq9eYqpUI1XXlPVQFPZQjXa7KOSJT6kY4HjgA%2F4hD4GvZeEJBGqC2RK1Bu33V5HKHQHZGPgMYYO04aY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.Ep5bSEmr.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 36ms
20ms Script
application/javascript 172.67.39.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
Origin: https://www.egr.global
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 09:07:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23140
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"a995aaed2cd978eb5749462d1dc3635e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dlSHx3yRq1Rx5N9EKtlIzVUDMZkjSaaEockSdksuGN4mYhIDPgLZJoZXejw%2FhSOqxELy5ayUDPPKzBKYRwyR8SgWUhYlfjzAJ9ojdbuxjGJYXxshbe9020ifRPNElNAscylqirtf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 87111b4f8c9e71e2-FRA

GET
H2 200 OtAutoBlock.js Show response
cdn-ukwest.onetrust.com/consent/72efa1b2-8825-4d40-a3c2-c1982058df9d-test/ 6 KB
3 KB 82ms
47ms Script
application/x-javascript 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/72efa1b2-8825-4d40-a3c2-c1982058df9d-test/OtAutoBlock.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWSDCQC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

221d5545c9c0d0f54514d410c5d408668e5c10f2f3aa8c40dc74d92943add094

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 09:07:22 GMT
content-encoding: gzip
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 27990
content-md5: NFvGfic6oekxHeqXQaLC4Q==
content-length: 2130
x-ms-lease-status: unlocked
last-modified: Wed, 18 Jan 2023 10:10:41 GMT
server: cloudflare
etag: 0x8DAF93C410692C1
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 704f80f1-c01e-0030-53d4-7a7eb1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87111b50e84390fb-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/ 441 KB
138 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

826ad5ca08cda186fbf03678587298a48c69a6e4a8c426c3a7aa5bcf45a61878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Apr 2024 19:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50789
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141434
x-xss-protection: 0
server: cafe
etag: 9020292414496593553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 07 Apr 2025 19:00:53 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 59 B
66 B 155ms
79ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.egr.global

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

83b229d4f14acd7eb61280ce6668ceb1324ae4deddac1a95b6ae2f03ebb90c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 09:07:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Mon, 08 Apr 2024 09:07:22 GMT

GET
H2 200 otSDKStub.js Show response
cdn-ukwest.onetrust.com/scripttemplates/ 21 KB
7 KB 38ms
37ms Script
application/javascript 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWSDCQC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 09:07:22 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Pg1MHDpg+UGdovxhidM4Kg==
age: 66406
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6839
x-ms-lease-status: unlocked
last-modified: Tue, 02 Apr 2024 17:25:07 GMT
server: cloudflare
etag: 0x8DC5339D761FF7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4ff30e72-c01e-0068-79d4-853163000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87111b51389290fb-FRA
expires: Tue, 09 Apr 2024 09:07:22 GMT

GET
H2 200 72efa1b2-8825-4d40-a3c2-c1982058df9d-test.json Show response
cdn-ukwest.onetrust.com/consent/72efa1b2-8825-4d40-a3c2-c1982058df9d-test/ 3 KB
2 KB 81ms
42ms XHR
application/x-javascript 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/72efa1b2-8825-4d40-a3c2-c1982058df9d-test/72efa1b2-8825-4d40-a3c2-c1982058df9d-test.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

861fbf987ad00ddbc80f43398585f7513bbb634cfa651a4ac94b262ce77f0296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 09:07:22 GMT
content-encoding: gzip
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 63523
content-md5: sGOjFzzEnFy+wx/rHZWZTA==
content-length: 1430
x-ms-lease-status: unlocked
last-modified: Wed, 18 Jan 2023 10:10:41 GMT
server: cloudflare
etag: 0x8DAF93C4100039B
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: db883c57-901e-0023-7cd4-7a4b50000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87111b51dbdc1cc3-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
84 KB 55ms
52ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z4E3913J7P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWSDCQC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c197081c2a154438a7b2500be628dbdfd02d076265f1c6f692e947c1f4b80fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 09:07:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86066
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Apr 2024 09:07:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 119ms
35ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWSDCQC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Apr 2024 07:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5320
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 08 Apr 2024 09:38:42 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 444 KB
45 KB 228ms
154ms Fetch
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=938730059263853&correlator=4457214784985450&eid=95327888%2C31082449&output=ldjh&gdfp_req=1&vrg=202404020201&ptt=17&impl=fifs&ltd_cs=1&iu_parts=21696142220%2Cegr%2CTop_LBTop_LB%2CTop_LBMid_LB1%2CTop_LBDT_Mid_LB2%2CTop_LBBot_LB%2CTop_LBMPU%2CTop_LBDMPU%2CTop_LBLogin_DMPU%2CTop_LBSky_Left%2CTop_LBSky_Right%2CTop_LBLogin_Upper%2CTop_LBLogin_Lower%2CTop_LBMob_Sticky_LB%2CTop_LBMob_Sticky_Login_LB%2CTop_LBLogin_LB&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11%2C%2F0%2F1%2F12%2C%2F0%2F1%2F13%2C%2F0%2F1%2F14%2C%2F0%2F1%2F15&prev_iu_szs=970x90%7C728x90%2C970x90%7C728x90%2C970x90%7C728x90%2C970x90%7C728x90%2C728x90%2C728x90%2C300x250%2C300x600%2C300x600%2C120x600%2C120x600%2C728x90%2C728x90%2C320x50%2C320x50%2C728x90&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1712567242525&lmt=1712567242&adxs=315%2C-12245933%2C252%2C-12245933%2C546%2C-9%2C-9%2C1198%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=1%2C-12245933%2C36%2C-12245933%2C1560%2C-9%2C-9%2C911%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1113&scr_x=0&scr_y=0&btvi=0%7C-1%7C0%7C-1%7C1%7C-1%7C-1%7C0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&url=https%3A%2F%2Fwww.egr.global%2Fintel%2Finsight%2Ffamiliar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa%2F&vis=1&psz=1600x2%7C970x0%7C970x2%7C1380x0%7C1380x2%7C0x-1%7C0x-1%7C297x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=970x2%7C970x2%7C970x2%7C970x2%7C728x2%7C0x-1%7C0x-1%7C300x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=516%2C132%2C4%2C132%2C4%2C2%2C2%2C4%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=970%2C970%2C970%2C1380%2C728%2C0%2C0%2C297%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=2076673037.1712567243&ga_sid=1712567243&ga_hid=1183302610&ga_fc=false&dlt=1712567242037&idt=440&prev_scp=pos%3DLB1%7Cpos%3DLB1_Mob%7Cpos%3DLB2%7Cpos%3DLB2_Mob%7Cpos%3DDTLB3%7Cpos%3DLB4%7Cpos%3DMPU%7Cpos%3DDMPU%7Cpos%3DloginDMPU%7Cpos%3DSkyLeft%7Cpos%3DSkyRight%7Cpos%3DloginCompPosUpper%7Cpos%3DloginCompPosLower%7Cpos%3DStickyMobLB%7Cpos%3DStickyMobLoginLB%7Cpos%3DloginMobLB&cust_params=network%3Dintel%26environment%3Dprod%26adsState%3Dlive&adks=536563047%2C3889561729%2C1970555587%2C1940841984%2C4044585487%2C370557972%2C3911429239%2C646816947%2C2366802546%2C1402404784%2C1976895589%2C2329264309%2C907831410%2C1109292703%2C462551519%2C1359785348&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

fda27b8efc4522c2614f6dcf89a83ec3e9929714b52182fa8099e22b2d538f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 09:07:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46204
x-xss-protection: 0
google-lineitem-id: 6018508275,-2,6526726786,-2,-2,-2,6371398946,6496139685,6422346218,6699700276,6699700276,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138392699467,-2,138470991184,-2,-2,-2,138465036131,138468837184,138456172982,138470273283,138470273286,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.egr.global
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 152ms
79ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404020201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

86caef428595c5e1c0cec778d1b4f420db8a419eae95497a7c966b0ce6d55ac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 09:07:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12185
x-xss-protection: 0

GET
H2 200 container.html
a06c00c59eefa112ef3dee3ac6e506f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D2E3 0
0 171ms
67ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a06c00c59eefa112ef3dee3ac6e506f0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.egr.global/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Apr 2024 09:07:22 GMT
expires: Tue, 08 Apr 2025 09:07:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fav-global.png
www.egr.global/intel/wp-content/uploads/sites/2/2023/05/ 2 KB
2 KB 21ms
21ms Other
image/png 99.84.88.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.egr.global/intel/wp-content/uploads/sites/2/2023/05/fav-global.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.84.88.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-47.muc50.r.cloudfront.net
Software: Pagely-ARES/1.20.1 /
Resource Hash: e8afab0285455b375c9dd2a8e48b73ab087c7ec90c5e038cbdac812992413f71

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-zephr-cache: miss
date: Fri, 15 Mar 2024 11:11:15 GMT
via: 1.1 14930ca61b5acb472c19a8d7b170ad10.cloudfront.net (CloudFront)
age: 2066167
x-amz-cf-pop: MUC50-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1735
x-gateway-cache-status: MISS
x-gateway-request-id: b385f51a1b41ee1823012ae40d93942c
last-modified: Wed, 03 May 2023 11:05:11 GMT
server: Pagely-ARES/1.20.1
x-gateway-skip-cache: 0
content-type: image/png
x-gateway-cache-key: 1709640793.819||https|www.egr.global|||/intel/wp-content/uploads/sites/2/2023/05/fav-global.png
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: YOCRyAkNFNpxE4EEp_O7hiNxCvxk8ZWdEQnNSq3x1h1rnOjj1wWTGQ==
expires: Sun, 14 Apr 2024 11:11:15 GMT

GET
H2 200 otBannerSdk.js Show response
cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/ 392 KB
94 KB 30ms
30ms Script
application/javascript 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/otBannerSdk.js

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

063a721d5e221c66b0b3b52b66fd39f634d49e9aa16827ac5281666257d84e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 09:07:22 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: fVkC4hw/1GZwVOLkH8kBAQ==
age: 66365
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 95639
x-ms-lease-status: unlocked
last-modified: Thu, 05 Jan 2023 18:09:24 GMT
server: cloudflare
etag: 0x8DAEF47FA202F01
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5c1eaa32-a01e-004d-1ed4-7ae279000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87111b52193490fb-FRA
expires: Tue, 09 Apr 2024 09:07:22 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
245 B 53ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z4E3913J7P&gtm=45je4430v9111233788z8898679183za200&_p=1712567242113&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2076673037.1712567243&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712567242&sct=1&seg=0&dl=https%3A%2F%2Fwww.egr.global%2Fintel%2Finsight%2Ffamiliar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa%2F&dt=Familiar%20territory%3A%20Hollywoodbets%E2%80%99%20Devin%20Heffer%20on%20the%20gains%20down%20in%20Africa%20-%20EGR%20Intel&en=page_view&_fv=1&_ss=1&up.zephr_user_id=ddaece3c-197b-4b90-8437-3b4767a2e78f&up.user_logged_in=false&tfd=1898
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z4E3913J7P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 08 Apr 2024 09:07:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.egr.global
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cdn-ukwest.onetrust.com/consent/72efa1b2-8825-4d40-a3c2-c1982058df9d-test/ca05f145-122d-4d99-b606-6252fde6abb6/ 38 KB
11 KB 49ms
49ms Fetch
application/x-javascript 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/consent/72efa1b2-8825-4d40-a3c2-c1982058df9d-test/ca05f145-122d-4d99-b606-6252fde6abb6/en.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e75bd5a996639bbf931281e6d5af4bf5bb1f469c718747171902fd1c4aa33112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 09:07:22 GMT
content-encoding: gzip
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 63519
content-md5: bSYAsZV+F4yes6oq1124cA==
content-length: 10774
x-ms-lease-status: unlocked
last-modified: Wed, 18 Jan 2023 10:10:44 GMT
server: cloudflare
etag: 0x8DAF93C434EA3E4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 361349cd-e01e-006f-6009-7c5d00000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87111b526c651cc3-FRA

GET
H2 200 otFlat.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/assets/ 13 KB
3 KB 34ms
31ms Fetch
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/assets/otFlat.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 09:07:22 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: zqQbOscO3o5SqFKuQoJ/AA==
age: 63519
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Thu, 05 Jan 2023 18:09:13 GMT
server: cloudflare
etag: 0x8DAEF47F34E6366
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 4b3b0424-801e-001e-66d4-7afe76000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87111b52ed0b1cc3-FRA
expires: Tue, 09 Apr 2024 09:07:22 GMT

GET
H2 200 otPcCenter.json Show response
cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/assets/v2/ 61 KB
12 KB 40ms
39ms Fetch
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29f9fcd87e27d4d0d0aabb7e633fa0c0ec7038ebebcad0033fa9a91831205878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 09:07:22 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: XXQ/19qk1P30LeI2+X3S1Q==
age: 63519
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12551
x-ms-lease-status: unlocked
last-modified: Thu, 05 Jan 2023 18:09:15 GMT
server: cloudflare
etag: 0x8DAEF47F4E6463D
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 72365369-601e-001f-34d4-7aff8b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87111b52ed0d1cc3-FRA
expires: Tue, 09 Apr 2024 09:07:22 GMT

GET
H2 200 otCommonStyles.css Show response
cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/assets/ 21 KB
4 KB 39ms
38ms Fetch
text/css 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/assets/otCommonStyles.css

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 09:07:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 31
x-ms-lease-status: unlocked
last-modified: Thu, 05 Jan 2023 18:09:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: af7065c5-c01e-0056-61d4-7acceb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87111b52ed0e1cc3-FRA
expires: Tue, 09 Apr 2024 09:07:22 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 305ms
217ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 09:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 09:07:22 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame C3BF 0
0 181ms
101ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvtxlgohNUJRvs4e5fqE0VDVSbhCeK3TUh2S3o5FszrLqlN2G7E_Mqe878IdSGR99PFiRlJhvgdC7ww5LIofIEaNLkVK1erUljtkRoRFUiQHO3C45DJYqqWf4d1XArl2Hwrhdc_AllfufS3Us8Tb0GvX2JLm884InorYfKlyKEusBbH7MRJvYTVw7KBWthrBnmj-jp478HpF7U2JATV_dMCl8ViFW3mp2sy5PBhlSnE-TIO29sNiehnQ39gxKfjCSMhIxoOQ89wDF2TyS3jq-auO8BPV6afCMfvVzG95OrQtfE5z28LhAaRpvGnd7_aTFSQmLFLj3LZFIUQdd1DRnvJRoFYAp_S1MZoL3HQZZUPAaIE&sig=Cg0ArKJSzNyICkPO4XpNEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 09:07:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/ Frame C3BF 23 KB
9 KB 116ms
37ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 08:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Apr 2024 08:33:08 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C3BF 215 KB
65 KB 116ms
37ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

d3539a95bd009f3c22e17b34e20a40d77b633533a972eb959fd3cfc512d92436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 08:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66558
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Apr 2024 09:33:09 GMT

GET
H2 200 14564450027686676388
tpc.googlesyndication.com/simgad/ Frame C3BF 83 KB
84 KB 50ms
37ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14564450027686676388?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aacf42efdb34b1e3d32f6676f6d1085ee94e21cbac4ddb7907a8d6f53e57061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 02 Apr 2025 02:07:15 GMT
date: Tue, 02 Apr 2024 02:07:15 GMT
x-content-type-options: nosniff
age: 543607
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85230
x-xss-protection: 0
last-modified: Wed, 18 May 2022 14:22:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame D2DB 0
0 167ms
101ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstIRCOajrS0HnGES6BbLmVxSdAco7PbrHJZUPsVWvtm4baBxvOOOO-qqKPmSgn_brURiZlSkoB1Vt9RgdBYMMwdKcTdxqZ9uMWV7XdgY1M8wVQXnc8TTrkGE-QNl4T9O3UFT33CxV3i3Dw9965uxeOZ_lyW8hZhz0s7OCcTS1lDRjliQ4tfOVzkYJ-zB_sg2pk3oVeOTp8x_YkpQ6gaFE5SxIAV3NSvGp0T8QxMI66TgUq_YYgofuz3WxZgKHY0dpEo7ckElas1FqqZ4Cjv3IkJt6KJ5q4_1zaqsGytiFcGExcBEtykZzYya5dG8MzUXh0b-hTO8R8LZH0H3OJCwKSR-7JPgFkAlMSXXD8mxyo2mg&sig=Cg0ArKJSzIIc9o19eGYGEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 09:07:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/ Frame D2DB 23 KB
9 KB 225ms
160ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 08:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Apr 2024 08:33:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/client/ Frame D2DB 3 KB
1 KB 233ms
168ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 08:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Apr 2024 08:33:08 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D2DB 215 KB
65 KB 126ms
61ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

d3539a95bd009f3c22e17b34e20a40d77b633533a972eb959fd3cfc512d92436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 08:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66558
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Apr 2024 09:33:09 GMT

GET
H2 200 18279719110186303155
tpc.googlesyndication.com/simgad/ Frame D2DB 218 KB
218 KB 111ms
111ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18279719110186303155

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14e4b1b688e6dd7f792fb5815d2620f0c03eb081fde6d53f55016de7786883d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 03 Apr 2025 07:48:51 GMT
date: Wed, 03 Apr 2024 07:48:51 GMT
x-content-type-options: nosniff
age: 436711
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 223081
x-xss-protection: 0
last-modified: Wed, 03 Apr 2024 07:36:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0448 0
0 160ms
101ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvi9Mncfll2H6Ot4DdCO0i8RZ88Aw9sb8U6-mc3Fpqsls7gaFKJdR6_Oo1kBMhJZPemYnCFmbQOt5lYx3bpK-Oo28ANB4pCeM1XmGIqMG2GQBhCgvRZcBjWFd1HwCz-YMAIptcyfnXqionlgOgl-ofHKMtZYYYDMtwE_BYaUreBM8y_IEfe_rwKdiHHKbL3ZAc3wRnO-xtdxvrv17p1M34Dl3GdPINV16lbf4ID3R270si4d-s8g5TlxZyKwbbssrZATQ1DzyCbSCHZnjnChR2hKUNc9IL6kIYI1PW9DLZk9jxp578_cnnSFbCl79YYh24wt3pbB4IqxFDdSjv_O_nPli72ffZ51gcK7jMDkg&sig=Cg0ArKJSzMm_GDoIU-7rEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.egr.global
URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 09:07:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/ Frame 0448 23 KB
9 KB 220ms
162ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 08:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9118
x-xss-protection: 0
server: cafe
etag: 6094826908298432593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Apr 2024 08:33:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/client/ Frame 0448 3 KB
1 KB 219ms
161ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 08:33:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Apr 2024 08:33:08 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0448 215 KB
65 KB 106ms
48ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

d3539a95bd009f3c22e17b34e20a40d77b633533a972eb959fd3cfc512d92436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 08:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66558
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Apr 2024 09:33:09 GMT

GET
H2 200 878178757827660804
tpc.googlesyndication.com/simgad/ Frame 0448 186 KB
186 KB 169ms
169ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/878178757827660804

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f76eb2846438bf41fd7b704a08711e82ab6b6303180cabb7f7262e82d4adae14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sun, 06 Apr 2025 05:51:29 GMT
date: Sat, 06 Apr 2024 05:51:29 GMT
x-content-type-options: nosniff
age: 184553
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190529
x-xss-protection: 0
last-modified: Fri, 15 Mar 2024 10:52:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame D2DB 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14778a23097dc6546c4e8bffa4d7f5636d713ab16587be5c5cf63b75dcc16b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0448 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19a401def4b8274ca02dc7efd7803ac769ec1b2c2c3b993d01093c92d3129eae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ot_guard_logo.svg Show response
cdn-ukwest.onetrust.com/logos/static/ 497 B
494 B 32ms
32ms Fetch
image/svg+xml 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ukwest.onetrust.com/logos/static/ot_guard_logo.svg

Requested by

Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/202212.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 09:07:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 85571
x-ms-lease-status: unlocked
last-modified: Tue, 02 Apr 2024 17:25:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c06a5597-f01e-004c-5c90-85c7c3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87111b53adcb1cc3-FRA
expires: Tue, 09 Apr 2024 09:07:22 GMT

GET
H2 200 ot_company_logo.png
cdn-ukwest.onetrust.com/logos/static/ 4 KB
4 KB 28ms
26ms Image
image/png 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/static/ot_company_logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 09:07:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 66406
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Tue, 02 Apr 2024 17:25:19 GMT
server: cloudflare
etag: 0x8DC5339DECD27D3
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 96cd8354-f01e-0063-33d4-85ca08000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87111b53ea5190fb-FRA
expires: Tue, 09 Apr 2024 09:07:22 GMT

GET
H2 200 powered_by_logo.svg
cdn-ukwest.onetrust.com/logos/static/ 5 KB
2 KB 29ms
27ms Image
image/svg+xml 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-ukwest.onetrust.com/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 08 Apr 2024 09:07:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 66405
x-ms-lease-status: unlocked
last-modified: Tue, 02 Apr 2024 17:25:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 60f5b926-a01e-0033-3ad4-850858000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87111b53ea5290fb-FRA
expires: Tue, 09 Apr 2024 09:07:22 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
222 B 45ms
45ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1183302610&t=pageview&_s=1&dl=https%3A%2F%2Fwww.egr.global%2Fintel%2Finsight%2Ffamiliar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa%2F&ul=en-us&de=UTF-8&dt=Familiar%20territory%3A%20Hollywoodbets%E2%80%99%20Devin%20Heffer%20on%20the%20gains%20down%20in%20Africa%20-%20EGR%20Intel&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YADAAEABAAAAACAAI~&jid=115705382&gjid=1075163080&cid=2076673037.1712567243&tid=UA-26133218-1&_gid=571286732.1712567243&_r=1&_slc=1&gtm=45He4430n81NWSDCQCv898679183za200&cd1=ddaece3c-197b-4b90-8437-3b4767a2e78f&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=193453601

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

46c965d5fc745daf085cb433cc594fe99e219073190757780cb7b693b74c70fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Apr 2024 09:07:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.egr.global
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame C3BF 0
0 78ms
70ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsslof6HQTibJVf2SBbLoEK9zQK1wa_tghVDA-MFYKyVPLSHnfqThncl3l7O_Wob1h8Z1W6fy8G6q9rCFsjEHRbXtk1Rh2fLGqV8NGndnNkX0agBFKqB6PS6RQOs0KzsVQTAjmgtoDKsQSBZQjrw-46IhU1KUpGEVvWB6GLtua2Pwp3mtOCNf8q7rLmxRfEZJ8bQ8_LkyXB_pqsfj4FgOVTFpXxyiUUdiS-9k-CtVQoiS99WBaQBNdphryz4zy6hm50DftedhQ0ve5yO3TqKN-DYDQCwbZCq4QvwSm7cnUeiA2N15askuk4nFc9ivD8rpy16oge_GMwezFB_AKclIcEZQgCS4BNWOEltdrML5N2SM4hClqM&sig=Cg0ArKJSzFKvEUS5Px3DEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 09:07:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C3BF 0
0 74ms
67ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 08 Apr 2024 09:07:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C3BF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 958cf1b8fa7991dae6a89cc7232ebc041382664e1dd674de4b8a3a8bca25346f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0448 0
0 75ms
74ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvgPL0mnMIDorYVv2m8MWc1njy6d52URtiJg5mNWF3E7stxiFJZIAu67T5rACHs70gs5v7mLQdC_k_Sba2YkXh53ZwHmntclu2EKKisgON_7I3V6tb3p8oyCCyBqQIvtfYw5Wyasnnv2BPoloBgvQL3v14VzT4mnsGClWsa6RGGcZSHt1OV89AdlWEBsxn2c2wKu0tyh6wPb_2e3k6bpJClv80NyYbcr4ly9LxaVROaKeb8gSxvCEm6tdFvxYYCaYfdTsfRRXgBNF24y8d6QZTcSqYBkhevkMJV9FR1rr1EWddtwDa9hGjUXyfEBYPjA1LeVl3LQSqSwJ-FTaopmXmzAZi2ocA5Kxb7M1z9bvpD&sig=Cg0ArKJSzCzBY6ItA5pEEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 09:07:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0448 0
0 76ms
76ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 08 Apr 2024 09:07:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame D2DB 0
0 71ms
71ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssv3kGyEOgmUsiFxG9NiG-jLtmL_kXf0ghNjifww_OXm4NQXsYEYNuuThyMlA2txNpqLRdc0vewUhD-qql53sKnPToExCmQIVhy0BWfi38NfydTTOU-0trB-8ExS_X4JwAfU8h-xmJvqYQJTw7h3Amm0YGY-m7rYNq1Vaf35htxznS8ZT8sB85PR385uv1uf76vg8u9_PymLiQAqxPE8HGqVGZ_TKmey1S36qAjiOOPTwXugtnrMfYwZG7ffikCV66ifSJWO9NYCz-Jd3Ht7NU9FXBRhOtrXJxJEmNoTWhlaRoeWXdsbcN1FCYef-bJb3cHvwEcSfQFJ3FO8dqEwOJBqoCNEBpBuBf8zh0oADL2f5-u&sig=Cg0ArKJSzHq3vNfVdF8KEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 09:07:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D2DB 0
0 67ms
66ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 08 Apr 2024 09:07:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 362ms
21ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-26133218-1&cid=2076673037.1712567243&jid=115705382&gjid=1075163080&_gid=571286732.1712567243&npa=1&_u=YADAAEAAAAAAACAAI~&z=1470586146

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 08 Apr 2024 09:07:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.egr.global
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
87 KB 57ms
55ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6RDBQNTVCB&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

86b22ed9a6f0c778cd5e7b7920e24a232d5d52ee29efaf178f789faf27783f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 09:07:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89266
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Apr 2024 09:07:23 GMT

GET runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FFBD 0
0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 19ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6RDBQNTVCB&gtm=45je4430v9165640292za200&_p=1712567242113&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&ul=en-us&sr=800x600&cid=2076673037.1712567243&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.egr.global%2Fintel%2Finsight%2Ffamiliar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa%2F&dt=Familiar%20territory%3A%20Hollywoodbets%E2%80%99%20Devin%20Heffer%20on%20the%20gains%20down%20in%20Africa%20-%20EGR%20Intel&sid=1712567243&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=ddaece3c-197b-4b90-8437-3b4767a2e78f&tfd=2524
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6RDBQNTVCB&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 08 Apr 2024 09:07:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.egr.global
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D2DB 42 B
64 B 69ms
69ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssR3y8ZAwzZ8QwGAZqLQ_lv0SflumY-RHhA9ROKCW2QbEJUHabbXoIfRwJA2HNuzstoNKPUgS2VHmMzm3nN6rTS9Lgk6UgpCrm8pDFZdv9tGXDPrWPZK6tUFkMlfLu6v0xoAmIHjQ7o2BQOqQKGWdlfVKg5Fd5ViOrLDGs7&sig=Cg0ArKJSzN1r2641rlXZEAE&id=lidar2&mcvt=1000&p=126,340,216,1068&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240403&bin=7&avms=nio&bs=1600,1113&mc=1&vu=1&app=0&itpl=3&adk=1970555587&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&vs=4&r=v&co=850004300&rst=1712567242789&rpt=276&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 08 Apr 2024 09:07:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C3BF 42 B
64 B 70ms
69ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstttbAluC5eB2sg3Wl65HjQIBXW3Qv3XyQaGAJDpMt-yT02xv_346cGvE5H7zX-YvwClL5snnKwavBJbM1yuAteNcW190L__AyuMLkUe1N4iN3slwP3s8Fzrjoj5W2BtkRb0MwK_MhiWqB4Y-ZFneEvQwoirbgYeqQlC3kT&sig=Cg0ArKJSzOW5SMZ7kTWSEAE&id=lidar2&mcvt=1001&p=1,436,95,1164&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20240403&bin=7&avms=nio&bs=1600,1113&mc=0.96&vu=1&app=0&itpl=19&adk=536563047&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&vs=4&r=v&co=850004300&rst=1712567242775&rpt=241&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.egr.global/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 08 Apr 2024 09:07:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.egr.global/	1970-01-20 19:44:13	Name: egr_user_main_menu Value: intel
www.egr.global/	1970-01-20 23:04:23	Name: blaize_session Value: ffad7a96-ddc2-4a9e-95cd-1a21dcff0f97
www.egr.global/	1970-01-21 05:18:47	Name: blaize_tracking_id Value: ddaece3c-197b-4b90-8437-3b4767a2e78f
www.egr.global/	1970-01-20 19:52:52	Name: AWSALB Value: WWSAgIuYdYF5c8MjjapMen+ZsTzviuWcImGwpZ5SICUBovurO7gmpCh5WIVc1gksOElKIAuIRyS1nw4kOMurnKGVIicRPNx2ZN7giWS5WzT1xS3YS5knJ7KofvOP
www.egr.global/	1970-01-20 19:52:52	Name: AWSALBCORS Value: WWSAgIuYdYF5c8MjjapMen+ZsTzviuWcImGwpZ5SICUBovurO7gmpCh5WIVc1gksOElKIAuIRyS1nw4kOMurnKGVIicRPNx2ZN7giWS5WzT1xS3YS5knJ7KofvOP
.egr.global/	1970-01-21 05:18:47	Name: _ga_Z4E3913J7P Value: GS1.1.1712567242.1.0.1712567242.0.0.0
.egr.global/	1970-01-21 00:01:59	Name: __eoi Value: ID=9484408644c386f9:T=1712567242:RT=1712567242:S=AA-AfjbvhRppNbYqvpKiIazbJs2w
www.egr.global/	1970-01-21 04:28:23	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Apr+08+2024+11%3A07%3A22+GMT%2B0200+(Central+European+Summer+Time)&version=202212.1.0&isIABGlobal=false&hosts=&consentId=434c7c07-9e30-4e27-85f2-504e921bce6c&interactionCount=0&landingPath=https%3A%2F%2Fwww.egr.global%2Fintel%2Finsight%2Ffamiliar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa%2F&groups=C0002%3A0%2CC0001%3A1%2CC0004%3A0
.egr.global/	1970-01-21 05:18:47	Name: _ga Value: GA1.2.2076673037.1712567243
.egr.global/	1970-01-20 19:44:13	Name: _gid Value: GA1.2.571286732.1712567243
.egr.global/	1970-01-20 19:42:47	Name: _gat_UA-26133218-1 Value: 1
.egr.global/	1970-01-21 05:18:47	Name: _ga_6RDBQNTVCB Value: GS1.2.1712567243.1.0.1712567243.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.egr.global/intel/insight/familiar-territory-hollywoodbets-devin-heffer-on-the-gains-down-in-africa/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
security	warning	URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 34) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://tpc.googlesyndication.com') does not match the recipient window's origin ('https://www.egr.global').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a06c00c59eefa112ef3dee3ac6e506f0.safeframe.googlesyndication.com
cdn-ukwest.onetrust.com
pagead2.googlesyndication.com
platform.twitter.com
region1.google-analytics.com
secure.gravatar.com
securepubads.g.doubleclick.net
static.addtoany.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.egr.global
www.google-analytics.com
www.googletagmanager.com
tpc.googlesyndication.com
142.250.185.98
142.250.186.130
172.67.39.148
2001:4860:4802:34::36
216.58.206.72
2606:2800:234:59:254c:406:2366:268c
2606:4700:4400::6812:2089
2a00:1450:4001:806::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:813::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:830::2001
2a00:1450:400c:c00::9b
2a04:fa87:fffe::c000:4902
99.84.88.47
00703b6b01fcc31eba5ad2fc3461d15f7d5e181f90aba3424420899a768eb65d
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
063a721d5e221c66b0b3b52b66fd39f634d49e9aa16827ac5281666257d84e92
14778a23097dc6546c4e8bffa4d7f5636d713ab16587be5c5cf63b75dcc16b9c
14e4b1b688e6dd7f792fb5815d2620f0c03eb081fde6d53f55016de7786883d0
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1981e7296fa9b3a5bb391be925feab241ddd0e24e11ed4c7af8bea7a7ee2cfd3
19a401def4b8274ca02dc7efd7803ac769ec1b2c2c3b993d01093c92d3129eae
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0
221d5545c9c0d0f54514d410c5d408668e5c10f2f3aa8c40dc74d92943add094
29f9fcd87e27d4d0d0aabb7e633fa0c0ec7038ebebcad0033fa9a91831205878
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3ed138f78e3349f897f5a1897959cc89908af729657cfe44d6600d14b0ad50d7
42eac437699b55c6a92c7fc641cdd161790f7b96558afcb37cf449169fd7cfa2
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
46bcee1d2ebeb716dbb98b11f2672104fbdcb8de28b87e92e2620c936901a721
46c965d5fc745daf085cb433cc594fe99e219073190757780cb7b693b74c70fd
47d139071673b2fa231e36f51eb9419deb99e11d5507e9f7f17d6dcf223429e2
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5431103b7246e688407ad3e34d3ac0c0dcd5bd12b2c448d99a7b836a115ca3d0
54ee9bbe2550cd9323f302ba77e47d14fcb84cec7c628521b9f19cd52ce37cef
56c9c09ce313dd9f2fbc1dccb4beb7aee99832409b240b5d2712241cc00de816
5920f1a0eda5ca1893cd6f00c41d1286857357cc5760c549491b54efb082123a
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6291e9a4e418cb9d8af157610ad1e2045191843eeb77b3d939ec702b170f1d71
68d2644961c08369d5b0f0aff136ffcec07efa8e50b433a3aee3f8231904c1f7
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7d1f415558d232e3df519541b261bc20377b1cb408fb063ca9ed488c4b096c76
826ad5ca08cda186fbf03678587298a48c69a6e4a8c426c3a7aa5bcf45a61878
829aaf3f68ae81ed0daffde51dd4f70a0363b77d97dc85ad46c8c67412432cfe
83b229d4f14acd7eb61280ce6668ceb1324ae4deddac1a95b6ae2f03ebb90c2b
861fbf987ad00ddbc80f43398585f7513bbb634cfa651a4ac94b262ce77f0296
86b22ed9a6f0c778cd5e7b7920e24a232d5d52ee29efaf178f789faf27783f3c
86caef428595c5e1c0cec778d1b4f420db8a419eae95497a7c966b0ce6d55ac8
8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df
8a6164a5395f1a67f125a8ea87489e9d92e573cae80b1364b9a311dcc952d65c
8c10bfd761676feda6e280e0d31794b1a8d21279f437ddb817a708d6fe0b72db
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
958cf1b8fa7991dae6a89cc7232ebc041382664e1dd674de4b8a3a8bca25346f
9aacf42efdb34b1e3d32f6676f6d1085ee94e21cbac4ddb7907a8d6f53e57061
a1be5f40331078bccd27cb5b341994c6e6d0f7886941729f1bd7406c8c334d27
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a73cc2436774e248dd1bc17d5835920b1a9ed2540911415a8ddcaff1eb5dee88
b2badb0b57d419f9f4359b255cf48ed651e449dff9333581a376bb5554819486
bb83b5a1e3e4a0d5b6a053b57760ed9b9a2660c9b86fe68be83baaa6843a09d8
c197081c2a154438a7b2500be628dbdfd02d076265f1c6f692e947c1f4b80fd4
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ceb4ceff982b7d4e74bff9634ed830585f0b0b6b0a53ac6ba8bef9f3a9fc248b
d3539a95bd009f3c22e17b34e20a40d77b633533a972eb959fd3cfc512d92436
d77010c303a10330d514c39e92013b029993c77b85f8ce337751893f7d2c1cdf
d9e30b5205f98784abfc6d5fa3a0a2bcae7cf1d6e741514bd6adf56c1b0b3860
dcc5755a11f6cd3bd9ab23d0bed732cac3570c7f658ce51846666e956f1ff182
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deff3ab019172ec8fdc901fadb5f106a1a89fe4da4c8c92dbf620830234c6202
e020e329b83b54006ccd5f97f0456deaca9aba6088c2cbcc732766e323c0ccf2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75bd5a996639bbf931281e6d5af4bf5bb1f469c718747171902fd1c4aa33112
e8afab0285455b375c9dd2a8e48b73ab087c7ec90c5e038cbdac812992413f71
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0591e959ca4ef86981cef1142256caa9d457c5f6ce02b0bf698c22e9b1f8562
f2cfb888077983aa8114fd21feba5b512730a8090f25df5ea2b75dde0a7bff73
f654daf3c97e162306c5b55dcf934cfd1da77e401bd112efa74cc5ee68abeb58
f76eb2846438bf41fd7b704a08711e82ab6b6303180cabb7f7262e82d4adae14
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
fda27b8efc4522c2614f6dcf89a83ec3e9929714b52182fa8099e22b2d538f64
fee27b3d14413b9aa361d7b31d92b379ca24b1094749084f2c27d72dcde4c98d

www.egr.global Open in urlscan Pro 99.84.88.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

97 %HTTPS

67 %IPv6

9 Domains

13 Subdomains

16 IPs

4 Countries

1563 kBTransfer

4274 kBSize

12 Cookies

5 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 22 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.egr.global Open in urlscan Pro
99.84.88.47 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

97 %
HTTPS

67 %
IPv6

9
Domains

13
Subdomains

16
IPs

4
Countries

1563 kB
Transfer

4274 kB
Size

12
Cookies

71 HTTP transactions
22 data transactions