espejos.tevasamorir.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://espejos.tevasamorir.com/
Effective URL:
https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Submission: On June 20 via api (June 20th 2024, 6:37:35 am UTC) from US — Scanned from NL

Summary HTTP 66 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 16 domains to perform 66 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is espejos.tevasamorir.com.
TLS certificate: Issued by GTS CA 1P5 on June 4th 2024. Valid for: 3 months.

This is the only time espejos.tevasamorir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 40	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1 1	138.199.37.225 138.199.37.225	60068 (CDN77 _) (CDN77 _)
1 2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
3	20.60.88.36 20.60.88.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2606:50c0:800... 2606:50c0:8002::153	54113 (FASTLY) (FASTLY)
1	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c09::54	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	20.50.88.242 20.50.88.242	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
66	21

40 188.114.97.3 (Amsterdam, Netherlands) 6 redirects

ASN13335 (CLOUDFLARENET, US)

espejos.tevasamorir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.37.225 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 _, GB)
PTR: 138-199-37-225.bunnyinfra.net

cdn.materialdesignicons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States) 1 redirects

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.60.88.36 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rrprodclientfilesbravo.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)

malsup.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.88.242 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	tevasamorir.com 6 redirects espejos.tevasamorir.com	2 MB
9	google.com www.google.com — Cisco Umbrella Rank: 5 apis.google.com — Cisco Umbrella Rank: 217 accounts.google.com — Cisco Umbrella Rank: 45	83 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71 region1.google-analytics.com — Cisco Umbrella Rank: 2355	21 KB
3	windows.net rrprodclientfilesbravo.blob.core.windows.net	47 KB
3	jsdelivr.net 1 redirects cdn.jsdelivr.net — Cisco Umbrella Rank: 381	223 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 563	200 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	89 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	254 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114
1	github.io malsup.github.io — Cisco Umbrella Rank: 54824	13 KB
1	google.nl www.google.nl — Cisco Umbrella Rank: 10567	408 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	354 B
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2932	22 KB
1	materialdesignicons.com 1 redirects cdn.materialdesignicons.com — Cisco Umbrella Rank: 51077	710 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	100 KB
66	16

	Domain	Requested by
40	espejos.tevasamorir.com	6 redirects espejos.tevasamorir.com
6	www.google.com	espejos.tevasamorir.com www.gstatic.com
3	region1.google-analytics.com	www.googletagmanager.com
3	rrprodclientfilesbravo.blob.core.windows.net	espejos.tevasamorir.com
3	cdn.jsdelivr.net	1 redirects espejos.tevasamorir.com cdn.jsdelivr.net
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	connect.facebook.net	espejos.tevasamorir.com connect.facebook.net
2	www.google-analytics.com	espejos.tevasamorir.com az416426.vo.msecnd.net
2	apis.google.com	espejos.tevasamorir.com apis.google.com
1	www.facebook.com	connect.facebook.net
1	accounts.google.com	apis.google.com
1	malsup.github.io	espejos.tevasamorir.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.google.nl	espejos.tevasamorir.com
1	fonts.googleapis.com	espejos.tevasamorir.com
1	stats.g.doubleclick.net	az416426.vo.msecnd.net
1	www.gstatic.com	www.google.com
1	az416426.vo.msecnd.net	espejos.tevasamorir.com
1	cdn.materialdesignicons.com	1 redirects
1	www.googletagmanager.com	espejos.tevasamorir.com
66	20

This site contains links to these domains. Also see Links.

Domain
tevasamorir.com
referralrock.com

Subject Issuer	Validity	Valid
tevasamorir.com GTS CA 1P5	`2024-06-04` - `2024-09-02`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.apis.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-06-06` - `2025-06-06`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.nl WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.github.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-15` - `2025-03-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-29` - `2024-06-27`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 04	`2024-04-10` - `2025-04-05`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Frame ID: 7883FB8E9323F428695FCE0D6929CED8
Requests: 60 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_OBQmAAAAAOfDcGi08NbwNCG4BwdaHz6OP3vo&co=aHR0cHM6Ly9lc3Blam9zLnRldmFzYW1vcmlyLmNvbTo0NDM.&hl=nl&v=KXX4ARWFlYTftefkdODAYWZh&size=invisible&cb=tt9xij6z1avu
Frame ID: EDF50CB482AE423240F6B09709CF526F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGPWkpAAAAABhdYWC8yrkh7Pw4tP75bZXTtPsQ&co=aHR0cHM6Ly9lc3Blam9zLnRldmFzYW1vcmlyLmNvbTo0NDM.&hl=nl&v=KXX4ARWFlYTftefkdODAYWZh&size=normal&sa=mp2_register&cb=mmnhj327ta01
Frame ID: 6E4D609466A3F989AF1C4F32F201D619
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: CBB52C91E02913B0457B07BE3481B12A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v15.0/plugins/login_button.php?app_id=1216825218481818&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df310fc41d4677384d%26domain%3Despejos.tevasamorir.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fespejos.tevasamorir.com%252Ffb39ff3e8f78d8c07%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&max_rows=1&scope=public_profile%2C%20email&sdk=joey&show_faces=false&size=large&use_continue_as=true&width=300
Frame ID: 2368708562BDB0C09B5B5EB1D9744E9A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=KXX4ARWFlYTftefkdODAYWZh&k=6LcGPWkpAAAAABhdYWC8yrkh7Pw4tP75bZXTtPsQ
Frame ID: 521EB1B9F0CCD91D072C65C6B0239568
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AMORir - Acceso

Page URL History Show full URLs

https://espejos.tevasamorir.com/ HTTP 302
https://espejos.tevasamorir.com/promotion/1/ HTTP 302
https://espejos.tevasamorir.com/v2/1/register HTTP 302
https://espejos.tevasamorir.com/v2/1/passwordlessaccess Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
apis\.google\.com/js/platform\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

66
Requests

94 %
HTTPS

68 %
IPv6

16
Domains

20
Subdomains

21
IPs

4
Countries

2641 kB
Transfer

7691 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://tevasamorir.com/amorir
Title: Te Vas A Morir

Search URL Search Domain Scan URL

URL: https://referralrock.com/?utm_source=powered&utm_campaign=amorir&utm_medium=MP2
Title: Referral software by Referral Rock

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://espejos.tevasamorir.com/ HTTP 302
https://espejos.tevasamorir.com/promotion/1/ HTTP 302
https://espejos.tevasamorir.com/v2/1/register HTTP 302
https://espejos.tevasamorir.com/v2/1/passwordlessaccess Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://cdn.materialdesignicons.com/3.7.95/css/materialdesignicons.min.css HTTP 301
https://cdn.jsdelivr.net/mdi/3.7.95/css/materialdesignicons.min.css HTTP 301
https://cdn.jsdelivr.net/npm/@mdi/font@3.7.95/css/materialdesignicons.min.css

Request Chain 9

https://espejos.tevasamorir.com/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/19e229e4-f670-45c4-bd7b-a3cb3542c086.jpg HTTP 302
https://rrprodclientfilesbravo.blob.core.windows.net/rrprod/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/19e229e4-f670-45c4-bd7b-a3cb3542c086.jpg

Request Chain 10

https://espejos.tevasamorir.com/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/e28bcac5-66ef-407f-a118-6479af023fef.jpg HTTP 302
https://rrprodclientfilesbravo.blob.core.windows.net/rrprod/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/e28bcac5-66ef-407f-a118-6479af023fef.jpg

Request Chain 63

https://espejos.tevasamorir.com/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/a7f86409-2cfb-43f4-a0fe-21f54f446666.png HTTP 302
https://rrprodclientfilesbravo.blob.core.windows.net/rrprod/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/a7f86409-2cfb-43f4-a0fe-21f54f446666.png

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request passwordlessaccess Show response
espejos.tevasamorir.com/v2/1/
Redirect Chain

https://espejos.tevasamorir.com/
https://espejos.tevasamorir.com/promotion/1/
https://espejos.tevasamorir.com/v2/1/register
https://espejos.tevasamorir.com/v2/1/passwordlessaccess

40 KB
13 KB

273ms
273ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

311ecbc5081216bf762b7efdbac252e55340589e18bd5547d0e92c5b5189f053

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
access-control-expose-headers: Request-Context
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8969c01e1a379726-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 20 Jun 2024 06:37:28 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cTUv%2BhbkI2uxCOxGOsKAiIjSos6afIhNv%2B4DNBznTSqqzmRyOik1p9oxOPwwbBrZOMP%2B3PJ088YDht90INEGR9Y%2FM1FmCJyHUcvacxdWegVKgwRHR%2BIqOrp5nlVUritllkvWPOqikv9xbg%3D%3D"}],"group":"cf-nel","max_age":604800}
request-context: appId=cid-v1:683234c1-44ae-4c0f-a0cc-363d1e4dad53
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-content-type-options: nosniff
x-powered-by: ASP.NET

Redirect headers

access-control-allow-origin: *
access-control-expose-headers: Request-Context
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8969c01d39459726-AMS
content-type: text/html; charset=utf-8
date: Thu, 20 Jun 2024 06:37:28 GMT
location: /v2/1/passwordlessaccess
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bjbE1LOVipUTWlSAhCgI7XDks5YGy1MB7UYzcWvSAjLmtjpbcoTXJPRRxR5G2GK3PEt8S%2Br8h%2B%2FeNIVjp8k4TPKidBoutjcTGYZtRbINwb7Vsboi6eDdpKFDSRINZdGZEFxog62eOFdWZg%3D%3D"}],"group":"cf-nel","max_age":604800}
request-context: appId=cid-v1:683234c1-44ae-4c0f-a0cc-363d1e4dad53
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 299 KB
100 KB 119ms
55ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WH1CQRV69D

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe2fa6d5fa864256757ba552e89718bbc9bbae8d78934037f37a7d340eb74b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102407
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Jun 2024 06:37:29 GMT

GET
H3 200 materialdesignicons.min.css
espejos.tevasamorir.com/template/libertyui/vendors/iconfonts/mdi/css/ 88 KB
21 KB 388ms
386ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/template/libertyui/vendors/iconfonts/mdi/css/materialdesignicons.min.css

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ddf98e844bc0a9af82d42284bc4eb8b293c7d954f5d1244b55d9973f83374c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 20642
last-modified: Thu, 13 Jun 2024 12:04:28 GMT
server: cloudflare
etag: "02e3bd789bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ueW4I%2F8X%2BJ8%2BTxPqKwB49tRI0kJDyhMpYFPmJ9sNWZQZ0P3l57kJ1QFdiDHQN9VqFN3gpJxb5lCMCpMPHFcBE%2FneowNYcpaAZAmU3kFGFjUfvAOHW372wlxgy%2BDhWpzINiOA5pKivSOEuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ae389726-AMS

GET
H2

200

materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@3.7.95/css/
Redirect Chain

https://cdn.materialdesignicons.com/3.7.95/css/materialdesignicons.min.css
https://cdn.jsdelivr.net/mdi/3.7.95/css/materialdesignicons.min.css
https://cdn.jsdelivr.net/npm/@mdi/font@3.7.95/css/materialdesignicons.min.css

160 KB
28 KB

18ms
18ms

Stylesheet
text/css

2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@3.7.95/css/materialdesignicons.min.css

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5ab0c1bbe97a8d7165f2db6621db6c824619a38e632a595b9c388f9c05250608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://espejos.tevasamorir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jun 2024 06:37:29 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1655262
x-jsd-version: 3.7.95
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 28630
x-served-by: cache-fra-eddf8230104-FRA, cache-bru1480079-BRU
x-jsd-version-type: version
etag: W/"27e21-DScfHVeYII4PLnV4E0dxPoSxyOk"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jun 2024 06:37:29 GMT
x-content-type-options: nosniff
age: 2617242
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 111
x-served-by: cache-fra-eddf8230027-FRA, cache-bru1480079-BRU
vary: Accept-Encoding, Accept
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: https://cdn.jsdelivr.net/npm/@mdi/font@3.7.95/css/materialdesignicons.min.css
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 vendor.bundle.base.css
espejos.tevasamorir.com/template/libertyui/vendors/css/ 2 KB
1 KB 299ms
297ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/template/libertyui/vendors/css/vendor.bundle.base.css

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6ef53fb7a080f7b4c5181b89810a6c0b889972c997ae7d6a4835f855df539ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 822
last-modified: Thu, 13 Jun 2024 12:04:28 GMT
server: cloudflare
etag: "02e3bd789bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RN2jXy7386aPBGA1WZyxlIgSg94WLzlCmiNqxPnUxE3LNSPV9ZartUH45O%2FQRJibsYqnebVlYBCsFDeq19W%2Bxub67W0cKm1EoV7I%2B2brS6wViRNVEUeg5Jn2W0VPn%2F0Chu9Wfxeekm3UBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ae399726-AMS

GET
H3 200 vendor.bundle.addons.css
espejos.tevasamorir.com/template/libertyui/vendors/css/ 319 KB
117 KB 468ms
466ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/template/libertyui/vendors/css/vendor.bundle.addons.css

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

81877431c3cbb5061d5b2aed64e2801597b59adae8f7d9e8d619544ad3b5a0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 13 Jun 2024 12:04:28 GMT
server: cloudflare
etag: "02e3bd789bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xpw1As3uH29qQh%2FdrMN%2BTnHSPLuAfdS5yv8GvilJJ4dynv8eGC%2FEPFy6yDL7oYfO%2B8yTB21TsusmWED9mjiLrbAIlIlvoOCO6cNmIFo%2F1GWn%2FrSPeVtOhJXGVrdsj9KABvBJFPKIhbfFjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8969c021ae3a9726-AMS

GET
H3 200 style.css
espejos.tevasamorir.com/template/libertyui/css/ 917 KB
140 KB 389ms
387ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/template/libertyui/css/style.css

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cf9b74014d6e51729e72cc4e426bc576cc23b23bdf8e0b2493ee0f991d134841

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 13 Jun 2024 12:04:28 GMT
server: cloudflare
etag: "02e3bd789bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mpMutwmb8Dyqg3xhu4Ykg7kzy033gcSLitwOMNF2fcOa6yJeWDIcUwTuLUijMPB0JZ%2FrwhlTL46Q5mgmrloWy5HUouNH1%2FsyfcA1FUONAs%2Bjzv6clCCa3N8e87atyPGYy1LFGWJ99iiZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8969c021ae3b9726-AMS

GET
H3 200 font-awesome.min.css
espejos.tevasamorir.com/template/libertyui/vendors/iconfonts/font-awesome/css/ 30 KB
9 KB 305ms
302ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/template/libertyui/vendors/iconfonts/font-awesome/css/font-awesome.min.css

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 8332
last-modified: Thu, 13 Jun 2024 12:04:28 GMT
server: cloudflare
etag: "02e3bd789bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h2cEctItV6K2%2FlVIAQ1v%2B9NfBEra42GPPlfFMFnWYZENx7CZgfT1IKMWBjD1JWvCyB8p9ecV28vbPag6j%2FGLiodNyRWL2ivHFTCRf6TZ3XlB4MoemaPlq%2FsABWnSw5st5DvMMtodoYvPMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ae3c9726-AMS

GET
H3 200 themify-icons.css
espejos.tevasamorir.com/template/libertyui/vendors/iconfonts/ti-icons/css/ 17 KB
4 KB 301ms
299ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/template/libertyui/vendors/iconfonts/ti-icons/css/themify-icons.css

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c4b8c3fcee99086c01ab0a7bc29e52fc7e51095699411ed1f5fcb6882de9601f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 3677
last-modified: Thu, 13 Jun 2024 12:04:28 GMT
server: cloudflare
etag: "02e3bd789bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hnPWnj6xmwacVsEUnVfhnhXAC8UwWZ64QVF6lpnrVdQv0wn%2B5AT90Ogmu3MBfrIC727GtvJT99Vnewsdnspvf67wgwCsRvlbCtKVVjTovXmm7MvY9L1W%2FY7pQhwySawAL9YBgjYTKZpByg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ae3e9726-AMS

GET
H3 200 portal.css
espejos.tevasamorir.com/plugins/member-portal/ 12 KB
4 KB 300ms
298ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/plugins/member-portal/portal.css

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e3322879758d54defcee2abf3bcd2714c8ffc1a6b1f2982b1276b03b010e2c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 3206
last-modified: Thu, 13 Jun 2024 12:04:20 GMT
server: cloudflare
etag: "07a76d289bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l8Wxs7kqruwfZQLDbYb5VdUJE9e6hqpHcYaOU9ehnV0ix2T2nRkhZ6tnjBn5owyFajknqvbPhFrXeRJvUEnPP09fWNwRv4Hp2SgQpnkDGV2q9ffRseMcIvvoZgadFHx12VD1m3Fl6z9Fjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ae419726-AMS

GET
H/1.1

200
OK

19e229e4-f670-45c4-bd7b-a3cb3542c086.jpg
rrprodclientfilesbravo.blob.core.windows.net/rrprod/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/
Redirect Chain

https://espejos.tevasamorir.com/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/19e229e4-f670-45c4-bd7b-a3cb3542c086.jpg
https://rrprodclientfilesbravo.blob.core.windows.net/rrprod/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/19e229e4-f670-45c4-bd7b-a3cb3542c086.jpg

19 KB
19 KB

471ms
133ms

Image
image/jpeg

20.60.88.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rrprodclientfilesbravo.blob.core.windows.net/rrprod/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/19e229e4-f670-45c4-bd7b-a3cb3542c086.jpg
Requested by: Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Protocol: HTTP/1.1
Server: 20.60.88.36 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e1a8dbe7cb605fa4be7d448234be572902750ffd55d0f74243cfdfa76a1025ee

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://espejos.tevasamorir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 20 Jun 2024 06:37:29 GMT
Last-Modified: Thu, 16 May 2024 13:08:50 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: MTgT0B1+quOPdBym7kZP+w==
ETag: 0x8DC75A954563C00
Content-Type: image/jpeg
x-ms-request-id: c2bfac93-301e-000f-47dc-c20ad5000000
x-ms-version: 2009-09-19
Content-Length: 19036

Redirect headers

date: Thu, 20 Jun 2024 06:37:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xB3w0lxLLAd6ZYXOu2%2BWV7IMqJiFhYt51Lwcw1TgsAf3%2FLbdDp9Jpopn9ufrXBp73D%2BMkr%2BfESRJoBV%2FZlYJ0C1TLaaXg2LBsXE8Y9hnkjQ%2F4%2FJH3D1Qjg%2BXjno42OwS8xp9pRQ%2FQ9Jwjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://rrprodclientfilesbravo.blob.core.windows.net/rrprod/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/19e229e4-f670-45c4-bd7b-a3cb3542c086.jpg
access-control-allow-origin: *
cf-ray: 8969c021ae429726-AMS
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

e28bcac5-66ef-407f-a118-6479af023fef.jpg
rrprodclientfilesbravo.blob.core.windows.net/rrprod/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/
Redirect Chain

https://espejos.tevasamorir.com/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/e28bcac5-66ef-407f-a118-6479af023fef.jpg
https://rrprodclientfilesbravo.blob.core.windows.net/rrprod/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/e28bcac5-66ef-407f-a118-6479af023fef.jpg

27 KB
27 KB

467ms
112ms

Image
image/jpeg

20.60.88.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rrprodclientfilesbravo.blob.core.windows.net/rrprod/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/e28bcac5-66ef-407f-a118-6479af023fef.jpg
Requested by: Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Protocol: HTTP/1.1
Server: 20.60.88.36 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: eff82ffcf05d1b1fe30cf10d24cdde46209425353c6131fbe838b07f9c36c898

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://espejos.tevasamorir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 20 Jun 2024 06:37:29 GMT
Last-Modified: Fri, 24 May 2024 09:00:24 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zk/QJsaYz6sB6hu64X7yrA==
ETag: 0x8DC7BCFF2EDB829
Content-Type: image/jpeg
x-ms-request-id: 0bac1cec-901e-0002-23dc-c2e5d9000000
x-ms-version: 2009-09-19
Content-Length: 27171

Redirect headers

date: Thu, 20 Jun 2024 06:37:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OKYZn70rrGO1utjKWawPURK0l%2FOTqTxoNbs5fBEuEpqOUPI2Lq7uXHSY8kl4ureOMAmGPgGfaSwIoP08EY8He3s%2Fu9fcLd4d0Ri%2FMnCDTqLbgz0B1BOjv2X0r1KY96xmsqTlkjpr8o6%2BJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://rrprodclientfilesbravo.blob.core.windows.net/rrprod/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/e28bcac5-66ef-407f-a118-6479af023fef.jpg
access-control-allow-origin: *
cf-ray: 8969c021ae449726-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 icons8-google-48.png
espejos.tevasamorir.com/images/ 1 KB
2 KB 312ms
304ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espejos.tevasamorir.com/images/icons8-google-48.png

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

37db90d131ba107c400773a63b718ffc0368286bc0425829c6b810d62a14077e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1247
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: "04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NEWIJJp0zYTTNiFK9WSPavxfrvPB1PdPoo08%2BQTIyvIVaNa0qKXuuKjoJVHpEpdteFNLdM9xjObpxttSBFUjjHZanvd1MgloRHIFt89Sw%2BeUqIwKaU%2FjLbSAGCT8t6Lp0WjxjtMdC0Md2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ee829726-AMS

GET
H3 200 icons8-facebook-48.png
espejos.tevasamorir.com/images/ 889 B
1 KB 329ms
320ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espejos.tevasamorir.com/images/icons8-facebook-48.png

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d1e95c82a1f0761ddc6f245a372a3954bbf32157a8dcdff4659a0f9574ace46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 889
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: "04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1OKAaSfIPqAF575oAb88%2FSHo27%2BzjdCKNMnUd9%2BYQwe4TW4eBOh1sTWsBm2QUQAjARkS%2BdcOIlnQ3WGJBHJmNzo9iLTna3ncDa9LNZsKJVloxbZgV9%2B%2BGz93XGp4tgfjDZg5CaUVMm8XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ee839726-AMS

GET
H3 200 BackArrow.png
espejos.tevasamorir.com/images/ 284 B
798 B 330ms
321ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espejos.tevasamorir.com/images/BackArrow.png

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b3a9383b936b7796f8a582a4dd4bc2b50fb7b79c34f4fdf0a8172ee35baa3aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 284
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: "04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eE0%2B63Tju8p1KGZfupaVtdpAUzjPEOUzpvs0VA4tR6cU5UoTTjIZp4B%2FLGN3x3ivtJvYOOyuMpzWuAhDtyO3cnqcbF91F8XYMyfnHJDka3iiSi%2FAXBb4MbJR3NfIntLhFoUtEyUhneACaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ee849726-AMS

GET
H3 200 EmailSent.png
espejos.tevasamorir.com/images/ 471 B
994 B 300ms
297ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espejos.tevasamorir.com/images/EmailSent.png

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0d3e677e52454fbc5b6d816986470c2a29b517a2af499f3b227e1ab5a8719372

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 471
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: "04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lRnWykNe78a4a%2FVNNDDLE2eLpG%2B9IOpqO0SszxeLfXk7Qqysa39m3MsF59%2BXAjvhtQD%2B5DcX0HPi7%2FcMC%2BTkBonx2Jm%2FWIJxBbNCMnsI%2BKndCFK6OksX1VyQsYp7J4yTDDFVTqberc9%2Bag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021eeab9726-AMS

GET
H3 200 email-decode.min.js Show response
espejos.tevasamorir.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 30ms
21ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Jun 2024 12:46:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"666c3b9a-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CUZn2%2BOx9qrL9%2Bu97moYMmYFSB1XO1qy2yfEBseevkB0w40wmeB72sS4%2Bb0SrouT5VvkU%2B337De3TrF5LOTYdnhLAu8cV9BtUyKy0l%2BcGV8NK800%2FIJZ3upg0LG9V4eZ1eTPpa666dW7mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8969c021ee879726-AMS
expires: Sat, 22 Jun 2024 06:37:29 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
976 B 168ms
65ms Script
text/javascript 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lc_OBQmAAAAAOfDcGi08NbwNCG4BwdaHz6OP3vo

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

62d395f4e9a158c3b2cd7e67f565ffa16be1c5270529fd4191c871eb9adec388

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 20 Jun 2024 06:37:29 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
972 B 158ms
62ms Script
text/javascript 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

947a04a457f20219cdd355415e6bafd1d02caad1e365ac6227b88cd0acced2d3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 20 Jun 2024 06:37:29 GMT

GET
H3 200 vendor.bundle.base.min.js Show response
espejos.tevasamorir.com/template/libertyui/vendors/js/ 170 KB
71 KB 389ms
380ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/template/libertyui/vendors/js/vendor.bundle.base.min.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0e1b323183d85df88d72f7d037e0d46d9de20b70f938a8c9664b9ed69be30110

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 13 Jun 2024 12:04:28 GMT
server: cloudflare
etag: "02e3bd789bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OGyoEk9XJmvJUqLJD77X4ON3w4bzVRPEQDbG7oWuhVQj55dOGBBziWHeh577bisDQrIMkYs9BxeQ%2FndCh%2BlsG5zqALMeeYsDxpVHNsJHtn%2BxnBkeE3vXUVAgdihgwhblDAOxkH7Mv60UpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8969c021ee899726-AMS

GET
H3 200 vendor.bundle.addons.min.js Show response
espejos.tevasamorir.com/template/libertyui/vendors/js/ 4 MB
1 MB 398ms
389ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/template/libertyui/vendors/js/vendor.bundle.addons.min.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c37367a2f9d6ec6c26ab8b2210d65c5612078e0fbdc2d35249b3df49547b71b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 13 Jun 2024 12:04:28 GMT
server: cloudflare
etag: "02e3bd789bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=utDNQw04gfimPG%2BesSqfuyHeRKmsiZwiQ%2FOU9S3YLvQXPqe8N3w858BG0CTyF%2F38pcSL8h20DkOrI%2BTAwguBbuw96aiS%2FSdht2fqlhPGpDmCmo01TCYzx%2B%2F4faCjM67Bmsxa6p%2BLESWgbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8969c021ee8a9726-AMS

GET
H3 200 form-validation.js Show response
espejos.tevasamorir.com/template/libertyui/js/ 3 KB
2 KB 315ms
306ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/template/libertyui/js/form-validation.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

905b6bd744e6c6d37a4c0611232d9ba28293158d2943675b0cefbe4a3b239cc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1133
last-modified: Thu, 13 Jun 2024 12:04:28 GMT
server: cloudflare
etag: "02e3bd789bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1lmfIQB2toUXule9RGZ1%2B5qv0rCyyA3JNMS8nw1AEFYOP4T%2Fv6tsHwZ4j%2FY38dhxd7HARTplt5e%2B7%2BcNBXrO8nRQsLnG9uzuoI615kQl7TVcZBRKc1yOoJRCeIym%2FM%2FwCnd2wpmw3w40qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ee8d9726-AMS

GET
H3 200 bt-maxLength.js Show response
espejos.tevasamorir.com/template/libertyui/js/ 832 B
921 B 304ms
297ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/template/libertyui/js/bt-maxLength.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

eda1cac86a0434011476c4e852d747b7d280647b7f7663f24a356805f9ac897e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 384
last-modified: Thu, 13 Jun 2024 12:04:28 GMT
server: cloudflare
etag: "02e3bd789bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dpY1VEy6iYyzKzIcQmIs59QfF%2Fpv6FZStlRjJ0gTIiw8IeNWxslVi8DKte1ook5cql7R%2BF3n6rljXT5BKJm89nt%2BnbjyBkzn379nBR1b4wGo91yI1p6kIJ%2FSdsqdPRX9KBE0e%2FbIFySO6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ee8e9726-AMS

GET
H3 200 template.js Show response
espejos.tevasamorir.com/template/libertyui/js/ 1 KB
1 KB 305ms
298ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/template/libertyui/js/template.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

212f1a42982d0764bf72f76d66541eef48adf424e3546f774aac03eefeb62dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 726
last-modified: Thu, 13 Jun 2024 12:04:28 GMT
server: cloudflare
etag: "02e3bd789bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X8aIi5NZYDn12J9qVL1R0mjGr%2BTd0KDuPY%2F4T18eCg32vYd7d8LwsoLn8%2Fn9KGJie02ZOQsApbFhL98dDNk8cXfiBvDNzd72irkOimudGO2lBnMUFM%2FxO8fyJ2jJg7TLrGP78ARB%2BnjJBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ee919726-AMS

GET
H3 200 dashboard.js Show response
espejos.tevasamorir.com/template/libertyui/js/ 4 KB
2 KB 309ms
303ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/template/libertyui/js/dashboard.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

17a2481da8fb1fae2e0a9106c474b546423a7912b79bb84b4debf65799d9a635

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1283
last-modified: Thu, 13 Jun 2024 12:04:28 GMT
server: cloudflare
etag: "02e3bd789bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cjm2u1dias%2Fv%2F%2B8ks0yExOLDSLrNpH%2F9PZv0fmLr77uBBE8jWuhCpLcZ4FxnuBPq64i9HMBGXlko4gZIwSlqpHR8bCeWq6bYSYcV81xaSCP%2FFtFUJf5TfyW6jM5s0q3U%2FiJ%2FVbjfH6WqOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ee929726-AMS

GET
H3 200 jquery.validate.min.js Show response
espejos.tevasamorir.com/plugins/jquery-validation/ 23 KB
8 KB 315ms
309ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/plugins/jquery-validation/jquery.validate.min.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c4ec8763c6f7c6b9efc4a180baadbc2a4eaf9317f2781c9a4705c8c56774993d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 7461
last-modified: Thu, 13 Jun 2024 12:04:20 GMT
server: cloudflare
etag: "07a76d289bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LDsss4H9Uxxksq%2BzLDe2E3L%2BrYGHC2CL%2F8Z%2BrZe46RwRoH8Tc6gP84gCBNC57z1s3otnhqgBXBHaZ8MLY8CX7k4HSuq698XUu%2FPgx7g1NZVQaBLsm9gIsq3KBUNkFDlTUv33og%2Buwsh%2FRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ee949726-AMS

GET
H3 200 CustomValidatorExtensions.js Show response
espejos.tevasamorir.com/js/ 444 B
914 B 297ms
291ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/js/CustomValidatorExtensions.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2aeb5f52037bd05979f577d66e8d28f2ee0233a94ec034a31d88a74c29f8cac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 374
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: "04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2FXeXte3wo%2Fy9lQR%2Fy6HdJX%2BomUkiTlbx3EcAf8jV5k3sFgap1JJHOl8dKxIhL8dMmLUXPYcKHzRsO7IXflWhV1pB8Ck%2FIz3rOhDcQHfi7gAw0n%2BJsnedgV0oJBNW1%2Bd3nkvv86PMWRQ5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ee959726-AMS

GET
H3 200 util.js Show response
espejos.tevasamorir.com/js/ 3 KB
2 KB 305ms
299ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/js/util.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

06911f159ff34888369f593aed2ea405b091973929c24a23d9b5e8b97f06eab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1416
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: "04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3imqyflv79JU3X9Lpy9iqoSKOcoYqWKRkwFrmExUEKh6SyVNKkPgZ42XzpkFMb9AO%2BfhMZEBBd4EVARd%2F%2Bi%2BLXV8WvFCPCeCstnCKqnu1WMs34xgF1gr6qeLVpEO7SkYe76n747yt%2FA2sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ee979726-AMS

GET
H3 200 MemberAuthentication.js Show response
espejos.tevasamorir.com/js/ 4 KB
2 KB 308ms
304ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/js/MemberAuthentication.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

39cf40edcd66299d729e5fb6f062c7ebcea05bdfccfebd437b22f0df1ba6a62c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1532
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: "04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MMUJgypRJEDTc6N%2FnCMKdPip2HDNdpJlWmaQziwMX5O5pfNdf65v%2Bo6DV7MU%2B%2Bs1tNIXfkRlncz9K9SoVA6Wavcxl6dwaWlWwGvLS3dmzf6YgpQkIqlUOqw6c0PBvuY0%2FNPNY6wxrb6rfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ee9a9726-AMS

GET
H3 200 prebid-ads.js Show response
espejos.tevasamorir.com/js/ 78 B
722 B 327ms
322ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/js/prebid-ads.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ba06b16e3697c9fc03f5323f19ffb6305908103f3a7f6be2bb3040999b28fedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 184
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: "04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uAqGXorywXA%2FXtwfjM%2FQVIfAFMa52BW7AF%2BK5e7ETH7l%2BoexgQW7aKn7YlvaxjRGj60XGcR0zpZv9w8hbzoxP6M3APEdbBG40G%2BYKfjzXfWlKA87grWAdO3j3P0UVTpX9BpCIJguO05Smg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ee9b9726-AMS

GET
H3 200 MemberPortalV2.js Show response
espejos.tevasamorir.com/portal/MP2/ 8 KB
3 KB 312ms
308ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/portal/MP2/MemberPortalV2.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7c0b0cd9f0b44e75e460028efcec31a4514009b8292864e4aebf82ed969b3176

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 2778
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: "04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uFPHjyGy1FFveKYWnxkicwWwayhQTnk4qvf6KuvyZFsKTonzF%2F6qSuE0nbFR96XlULFbWbfGD73uw01uy8VOXwJQhjuYHerZ1ONCzxAk5z%2Bsu3F7MGiQ5y3FVxKJoA4PqING9ndRdh%2BxOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ee9c9726-AMS

GET
H3 200 MemberPortalV2Dashboard.js Show response
espejos.tevasamorir.com/portal/MP2/ 7 KB
3 KB 331ms
328ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/portal/MP2/MemberPortalV2Dashboard.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2126a5b6bbfcc253f37afec62f577928a2c13b0784c859ad27ef609cb7d79192

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 2359
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: "04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lvA0EK%2BFHZt%2BuwV2neQz38503Yx3r1kgOlOgeliUF2sb%2BKQ%2F87PN%2Ff24X4So1YN0LnNoPB2q%2FDlMV0i9PyCG171EZLptyWWnYFCQiul4fO9aNz%2FvB9tWlSrVCHhNVlu5Sej0%2Fh85S76IGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ee9d9726-AMS

GET
H3 200 MemberPortalV2Referrals.js Show response
espejos.tevasamorir.com/portal/MP2/ 6 KB
2 KB 310ms
307ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/portal/MP2/MemberPortalV2Referrals.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

a05ea92ffa34f726202bf6bea8acb6f7f8bd50fb9bedd3cd48e5275fb18cb632

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1736
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: "04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FWPRFyfviwBPnETafGP8287d%2BLLoW56ChfnwOQyY8CFhdza01VeiPDBWIWU6cydwWTVgsyv%2F3Q%2BrHnPRV8tLH6WeMHukoQGXnHSUQ0gu4OM7hvQhAp5jlGAwfjfpMzXGV%2FZeaIRI%2BW8CVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021ee9f9726-AMS

GET
H3 200 MemberPortalV2Rewards.js Show response
espejos.tevasamorir.com/portal/MP2/ 5 KB
2 KB 327ms
323ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/portal/MP2/MemberPortalV2Rewards.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cf8cb905fb35e7fa0116406130cecd55ca48dc73b955da4d3cbe8de1299d2ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1577
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: "04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xhMbLhQXfn%2BHd8mMQrHRPqVgNVaQinGFoAxRoVdIrNBclXZRf6oIIZPNRJRnjMtnEq%2FtFJgtkFeCB3qdStH339emAkX2%2Big4aAruvYtjdDpnMKhCfpJWxCDEOE40OQni2VSLSnQC%2BK%2FbXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021eea09726-AMS

GET
H3 200 MemberPortalV2Profile.js Show response
espejos.tevasamorir.com/portal/MP2/ 9 KB
3 KB 328ms
324ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/portal/MP2/MemberPortalV2Profile.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

23aa008376e14883b3d0771cdf7ad2e7ae2ad061eee97e847d3370ca82f02f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 2302
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: "04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8B3I1%2Bh15CNkRg1tVSicKPpVq5BaRHo%2BmXerQ6e6Fz6GP5DWz%2BmhKiNnUV8%2FBRbOBXqQVKChImA3yg7jtMjmnz%2FZvLeGnMXCwiVuukyq7fe%2FAsobHgBJrIjQUyd3wUT3kyhaIYjrpZt7ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021eea29726-AMS

GET
H3 200 MemberPortalV2Login.js Show response
espejos.tevasamorir.com/portal/MP2/ 3 KB
2 KB 328ms
325ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/portal/MP2/MemberPortalV2Login.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

1386bc36753ced0d9c108928e4e310411c82c8716aec081213fc9d9147331d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1064
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: "04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2Flx1nt%2BpPVolULcRIJz%2FMS8D1tcb%2Fe1Q8LWhwQOBmLAASXolzYgtNzW1CIk%2FZGeCC2QAmEuon%2Bz%2F6oRXbd4HilL4Ooc%2BCRiAA3jO1Lt%2FEM7ahuPS5lCCix1YRyGfPyGBJkPhzkeSe%2F8Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021eea49726-AMS

GET
H3 200 MemberPortalV2Register.js Show response
espejos.tevasamorir.com/portal/MP2/ 7 KB
3 KB 445ms
442ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/portal/MP2/MemberPortalV2Register.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

124d1ce0c4f5c0fc000f1995b56ba273ee8e797fa9b044e0be0e9f4032777778

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 2065
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: "04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eFXQ8dAjzdRuTRJNODBBfc%2BxKp5Pa6H9fs7XC71B3gXmJ9ZIWgbPvBi5ifR0RGB%2FIcIr8dazKeJff%2FiO4ovL6voUDDEGicU1ekwFzVq9a9bscyVAM4Kz7aSoT8hU%2BoiyXFXvCWpsZA0M%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021eea59726-AMS

GET
H3 200 MemberPortalV2Access.js Show response
espejos.tevasamorir.com/portal/MP2/ 10 KB
3 KB 329ms
326ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/portal/MP2/MemberPortalV2Access.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

aefe457006bc75135561893c35d30f639c5a32831bcee2e127db9dd151932638

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 2824
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: "04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xeima8rwvW%2BZ9zXmSzd5P52naNe9sTamzuw08V3mzl%2F1SRlo7P3Ygp5AYUbrrh9wcMEISyi%2FWbit%2F5z65uNy53Iqu3ftF7c%2FuMZEfb73DAVA34VZQKZ5sFRe5iHLHDEY9GpCC3WuAAZebw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021eea79726-AMS

GET
H3 200 MemberPortalV2ResetPassword.js Show response
espejos.tevasamorir.com/portal/MP2/ 6 KB
2 KB 331ms
328ms Script
application/x-javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espejos.tevasamorir.com/portal/MP2/MemberPortalV2ResetPassword.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e7d31470721b7e92cf52865e4a6656ad8326d278a985b5376cd1827a47eacd79

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1676
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: "04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YYf3mhtnDONe3I7H96A4h0x2%2FkJBNlCTALhykBOS1qxo8kqFbGg733zWPsgXlBINXzEZNBuflStAhNiPIRfUBwBdn%2BkZhwXKrV85zXcBdQztvx3%2ByESqVTx6SXLTPNyf4dFQTAQdW%2BvpOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8969c021eea89726-AMS

GET
H2 200 platform.js Show response
apis.google.com/js/ 55 KB
21 KB 130ms
56ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

126256e28b3b0692482fb78e460afa73a038fbdaecfed47851817e4c224313ba

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Jun 2024 06:37:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21325
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "57de26ffa85249f2"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jun 2024 06:37:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 159ms
45ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Jun 2024 06:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 502
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 20 Jun 2024 08:29:07 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 68ms
16ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/488D) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1008
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (ama/488D)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ab0c3ddc-a01e-004a-6ed9-c2e4fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Thu, 20 Jun 2024 07:07:29 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 358ms
22ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WH1CQRV69D&gtm=45je46h0v9103122667za200&_p=1718865449242&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1358952395.1718865449&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718865449&sct=1&seg=0&dl=https%3A%2F%2Fespejos.tevasamorir.com%2Fv2%2F1%2Fpasswordlessaccess&dt=AMORir%20-%20Acceso&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1609&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WH1CQRV69D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 06:37:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://espejos.tevasamorir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@3.7.95/fonts/ 194 KB
194 KB 51ms
19ms Font
font/woff2 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@3.7.95/fonts/materialdesignicons-webfont.woff2?v=3.7.95

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@3.7.95/css/materialdesignicons.min.css

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

70a39aa2a37ef9f0bb49fdbad2af6f177f21f2913362713dcdaddabcbda7ea9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.jsdelivr.net/npm/@mdi/font@3.7.95/css/materialdesignicons.min.css
Origin: https://espejos.tevasamorir.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jun 2024 06:37:29 GMT
x-content-type-options: nosniff
age: 1985611
x-jsd-version: 3.7.95
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 198460
x-served-by: cache-fra-eddf8230156-FRA, cache-bru1480046-BRU
x-jsd-version-type: version
etag: W/"3073c-CZeHW1ryYxxry88V0C4NtGELZ+Y"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 330ms
23ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WH1CQRV69D&gtm=45je46h0v9103122667za200&_p=1718865449242&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1358952395.1718865449&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1718865449&sct=1&seg=0&dl=https%3A%2F%2Fespejos.tevasamorir.com%2Fv2%2F1%2Fpasswordlessaccess&dt=AMORir%20-%20Acceso&en=RR_Member_Visit_View&_ee=1&ep.programid=af7ee2df-145f-422a-9d98-428bb495c67f&_et=2&tfd=1629&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WH1CQRV69D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 06:37:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://espejos.tevasamorir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/ 517 KB
206 KB 328ms
25ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lc_OBQmAAAAAOfDcGi08NbwNCG4BwdaHz6OP3vo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dc6b4323fbeb236ffdcf00f4fc93c6373bb022821f4e5aec3daa68b2af2ae05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/
Origin: https://espejos.tevasamorir.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210148
x-xss-protection: 0
last-modified: Sat, 15 Jun 2024 04:02:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jun 2025 14:50:13 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 34ms
34ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1302646924&t=pageview&_s=1&dl=https%3A%2F%2Fespejos.tevasamorir.com%2Fv2%2F1%2Fpasswordlessaccess&ul=nl-nl&de=UTF-8&dt=AMORir%20-%20Acceso&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAAABAAAAACAAI~&jid=540277358&gjid=507824359&cid=1358952395.1718865449&tid=UA-2068305-11&_gid=1467868549.1718865449&_r=1&_slc=1&z=1245830317

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://espejos.tevasamorir.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 06:37:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://espejos.tevasamorir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 RRGreyLogo.svg
espejos.tevasamorir.com/images/ 1 KB
1 KB 325ms
325ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espejos.tevasamorir.com/images/RRGreyLogo.svg

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/plugins/member-portal/portal.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8d183d604c63a38b7de270c12f84eaee22d8346bf2975a7f58e7861e4d82280b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/plugins/member-portal/portal.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 06:37:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 13 Jun 2024 12:04:18 GMT
server: cloudflare
etag: W/"04d45d189bdda1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xmY%2FKIlQnIvBQ0kk7%2FFb86ynpm0TxHr%2Bl%2ByICFzS4cQ307pwNxUsfR5HddBio3z00Hsor%2FhUxeLyIaoV5x4QH%2BDynnW0cjIjIE3%2FRVtFfRmJZA%2FdKo4HTs63l1%2FhI633h82gnAK0%2FefepA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8969c023a8679726-AMS

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
354 B 93ms
25ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2068305-11&cid=1358952395.1718865449&jid=540277358&gjid=507824359&_gid=1467868549.1718865449&_u=IADAAAAAAAAAACAAI~&z=1547663044

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://espejos.tevasamorir.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jun 2024 06:37:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://espejos.tevasamorir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 160ms
56ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/template/libertyui/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jun 2024 06:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jun 2024 05:08:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jun 2024 06:37:29 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 73ms
72ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2068305-11&cid=1358952395.1718865449&jid=540277358&_u=IADAAAAAAAAAACAAI~&z=1335598107

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 06:37:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 188ms
33ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2068305-11&cid=1358952395.1718865449&jid=540277358&_u=IADAAAAAAAAAACAAI~&z=1335598107

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 06:37:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 231ms
44ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://espejos.tevasamorir.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:53:43 GMT
x-content-type-options: nosniff
age: 143027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:53:43 GMT

GET
H2 200 jquery.form.js Show response
malsup.github.io/ 43 KB
13 KB 80ms
18ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://malsup.github.io/jquery.form.js?_=1718865449729
Requested by: Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/template/libertyui/vendors/js/vendor.bundle.base.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 3a16fd80d67008f1c947cf93ebb20e2af2ed1a6317e194d35ed15046076c4211

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fastly-request-id: 3d3bfb9270869f1bbee4536bd80c629b45dc4e87
date: Thu, 20 Jun 2024 06:37:30 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 36
age: 317
x-cache: HIT
x-proxy-cache: HIT
content-length: 12365
x-served-by: cache-bru1480030-BRU
last-modified: Tue, 17 Oct 2023 01:04:50 GMT
server: GitHub.com
x-github-request-id: EC33:1F7441:24AB724:25D3E7D:666E4725
x-timer: S1718865450.380549,VS0,VE0
etag: W/"652dddb2-ab74"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Sun, 16 Jun 2024 02:03:39 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 74ms
24ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: espejos.tevasamorir.com
URL: https://espejos.tevasamorir.com/v2/1/passwordlessaccess

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fcb98949eb4ad9932202b6cdef3e5b9d5f0a7e6456635f03b37a0954a07ca26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Jun 2024 06:37:30 GMT
content-md5: 5sAAU+XPY/f3oqajldZoyg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1690
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=12, mss=1297, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: VVX7qq7T/G3SqzLJw9s/hIcc26vBbCx2GyzHQ7YOPeQFMdXWpfdryMcpvUAatQxTyLPcZNA71SZ+KlaVbXodgQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 47aee3058da90f558a5b4ea796946ec9
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "e62a1b1ca3994c49b6255c3338ae3859"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 20 Jun 2024 06:52:16 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.wmJJChQt2mo.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-HLEGAmaHQS9OI_-1KDHtQqCEEAg/ 175 KB
60 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.wmJJChQt2mo.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-HLEGAmaHQS9OI_-1KDHtQqCEEAg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ab00ed2a11d903747ed0474ee1770e786fbc77cd07534ade4b480ffd837fe4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60803
x-xss-protection: 0
last-modified: Mon, 06 May 2024 15:31:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jun 2025 16:18:16 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame EDF5 0
0 109ms
67ms Document
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_OBQmAAAAAOfDcGi08NbwNCG4BwdaHz6OP3vo&co=aHR0cHM6Ly9lc3Blam9zLnRldmFzYW1vcmlyLmNvbTo0NDM.&hl=nl&v=KXX4ARWFlYTftefkdODAYWZh&size=invisible&cb=tt9xij6z1avu

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-E7YQnMUnVlKr3umrRN5GzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://espejos.tevasamorir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-E7YQnMUnVlKr3umrRN5GzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jun 2024 06:37:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 6E4D 0
0 94ms
53ms Document
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGPWkpAAAAABhdYWC8yrkh7Pw4tP75bZXTtPsQ&co=aHR0cHM6Ly9lc3Blam9zLnRldmFzYW1vcmlyLmNvbTo0NDM.&hl=nl&v=KXX4ARWFlYTftefkdODAYWZh&size=normal&sa=mp2_register&cb=mmnhj327ta01

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sTxr24ENfcYHdY3J2zPGcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://espejos.tevasamorir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sTxr24ENfcYHdY3J2zPGcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jun 2024 06:37:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
86 KB 50ms
25ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f317b5e86c428298543e03ba6df63c70

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

60f302da993c2b0a2bdb55710d1ba187b31d2e1f7516ad2ceb00e3844ceb0d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/
Origin: https://espejos.tevasamorir.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Jun 2024 06:37:30 GMT
content-md5: QuQEOZLbCowTWHVpUYBCQg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87599
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4297, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: gLbUz42r8P98Ftw4lk6mF6QZmNnFN8XdZ25l146G/frj3HmBvomrzydMLirwO3b0NOrvACxqMWD9inR1KQ+NIg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 7166467026423fed65ae5feba9d00336
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "cc1d3879fb34ac34ff49bae6754bf47c"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 20 Jun 2025 06:20:15 GMT

GET
H2 200 iframe
accounts.google.com/o/oauth2/ Frame CBB5 0
0 90ms
30ms Document
text/html 2a00:1450:400c:c09::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.wmJJChQt2mo.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-HLEGAmaHQS9OI_-1KDHtQqCEEAg/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ftkv9o_BIbd0nEzqtyufxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://espejos.tevasamorir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ftkv9o_BIbd0nEzqtyufxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jun 2024 06:37:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: Anx7P+ykxPk2cvb3pmDcFJrtthuvm2pPqF/N9DW2XnD4tw+GvaXWaUhemhtJeK2OiYYjgVfcdmEkym+Al84WUQEAAABReyJvcmlnaW4iOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTl9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/_/IdpIFrameHttp/web-reports?context=eJzjctHikmJw0JBikPj6kkkLiJ3SZ7CGALFP_QzWOCBuvXmOdToQW988z5r07zxrCRC3f77AOhOIl0RcZD2SeJFViIdj1Zzzm9kEDiw-s51JSS0pvzA-MyU1rySzpFI3P7G0JEM3o6SkIN7IwMjEwMzQTM_AIr7AAAAZPjD3"
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 login_button.php
www.facebook.com/v15.0/plugins/ Frame 2368 0
0 220ms
167ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v15.0/plugins/login_button.php?app_id=1216825218481818&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df310fc41d4677384d%26domain%3Despejos.tevasamorir.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fespejos.tevasamorir.com%252Ffb39ff3e8f78d8c07%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=&max_rows=1&scope=public_profile%2C%20email&sdk=joey&show_faces=false&size=large&use_continue_as=true&width=300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=f317b5e86c428298543e03ba6df63c70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://espejos.tevasamorir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: same-origin
date: Thu, 20 Jun 2024 06:37:31 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v15.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382470900102061642"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382470900102061642", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1297, tbw=2798, tp=-1, tpl=-1, uplat=138, ullat=0
x-fb-debug: RIqdJC03TNMF0TbXtW38pJpq7BsjgSutopKyJq7SHOy1EaaBPyjgcUk6nqtUiwa7pq0TixZNoAfljd/SlKtsDw==
x-xss-protection: 0

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ Frame 0
0 472ms
42ms Preflight 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://espejos.tevasamorir.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Thu, 20 Jun 2024 06:37:31 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
200 B 514ms
513ms XHR
application/json 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

60641eeebbc868a10bc4036bb037c59a25b5f1a6021c3ca39d8a090304ec2e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://espejos.tevasamorir.com/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Thu, 20 Jun 2024 06:37:31 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-type: application/json; charset=utf-8

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 521E 0
0 50ms
48ms Document
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=nl&v=KXX4ARWFlYTftefkdODAYWZh&k=6LcGPWkpAAAAABhdYWC8yrkh7Pw4tP75bZXTtPsQ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n9ITrvsV4gAya2_UIogrSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://espejos.tevasamorir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-n9ITrvsV4gAya2_UIogrSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jun 2024 06:37:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

a7f86409-2cfb-43f4-a0fe-21f54f446666.png
rrprodclientfilesbravo.blob.core.windows.net/rrprod/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/
Redirect Chain

https://espejos.tevasamorir.com/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/a7f86409-2cfb-43f4-a0fe-21f54f446666.png
https://rrprodclientfilesbravo.blob.core.windows.net/rrprod/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/a7f86409-2cfb-43f4-a0fe-21f54f446666.png

1 KB
1 KB

105ms
105ms

Other
image/png

20.60.88.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://rrprodclientfilesbravo.blob.core.windows.net/rrprod/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/a7f86409-2cfb-43f4-a0fe-21f54f446666.png
Protocol: HTTP/1.1
Server: 20.60.88.36 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5d6e408403753c4d8a86629143a933c7d875f006f70c63965afd00111ef979a6

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://espejos.tevasamorir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 20 Jun 2024 06:37:31 GMT
Last-Modified: Fri, 24 May 2024 08:52:46 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: vyAP+3zG73v5Z2OxkllYyw==
ETag: 0x8DC7BCEE1ECD134
Content-Type: image/png
x-ms-request-id: 0bac2504-901e-0002-1edc-c2e5d9000000
x-ms-version: 2009-09-19
Content-Length: 1105

Redirect headers

date: Thu, 20 Jun 2024 06:37:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HT9ap3%2BnKb4YW7Vn8zwB8iou8nki7wqlKUso1iyHGLhxtm9Fzq9brt7vLWbzZcamLO46Y%2BCL8RM%2FfK5V8EZdhWPo%2F3kcVaD1cnUhqFrqp8R0EgFv6GGVin8hYhyoOjkB6S6p348GGqpNUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://rrprodclientfilesbravo.blob.core.windows.net/rrprod/client/f2939b47-6e02-4ccc-8440-5c5c0b3510bd/images/a7f86409-2cfb-43f4-a0fe-21f54f446666.png
access-control-allow-origin: *
cf-ray: 8969c031495c9726-AMS
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 20ms
20ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WH1CQRV69D&gtm=45je46h0v9103122667za200&_p=1718865449242&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1358952395.1718865449&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1718865449&sct=1&seg=0&dl=https%3A%2F%2Fespejos.tevasamorir.com%2Fv2%2F1%2Fpasswordlessaccess&dt=AMORir%20-%20Acceso&en=scroll&epn.percent_scrolled=90&_et=8&tfd=6638&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WH1CQRV69D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://espejos.tevasamorir.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 06:37:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://espejos.tevasamorir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
espejos.tevasamorir.com/	1970-01-21 06:13:21	Name: RR_Member_Visit_1 Value: 6d45bdbf-2378-413d-90f6-67eac7dc6819
espejos.tevasamorir.com/	1970-01-21 06:13:21	Name: ai_user Value: Gfeq7\|2024-06-20T06:37:29.330Z
.tevasamorir.com/	1970-01-21 07:03:45	Name: _ga Value: GA1.1.1358952395.1718865449
.tevasamorir.com/	1970-01-21 07:03:45	Name: _ga_WH1CQRV69D Value: GS1.1.1718865449.1.0.1718865449.0.0.0
espejos.tevasamorir.com/	1970-01-20 21:27:47	Name: ai_session Value: yygBI\|1718865449763.6\|1718865449763.6
.espejos.tevasamorir.com/	1970-01-21 07:03:45	Name: G_ENABLED_IDPS Value: google

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.wmJJChQt2mo.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-HLEGAmaHQS9OI_-1KDHtQqCEEAg/cb=gapi.loaded_0?le=scs(Line 190) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
az416426.vo.msecnd.net
cdn.jsdelivr.net
cdn.materialdesignicons.com
connect.facebook.net
dc.services.visualstudio.com
espejos.tevasamorir.com
fonts.googleapis.com
fonts.gstatic.com
malsup.github.io
region1.google-analytics.com
rrprodclientfilesbravo.blob.core.windows.net
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.gstatic.com
138.199.37.225
142.250.185.132
151.101.193.229
157.240.0.6
188.114.97.3
20.50.88.242
20.60.88.36
2001:4860:4802:34::36
2606:2800:133:206e:1315:22a5:2006:24fd
2606:50c0:8002::153
2a00:1450:4001:800::200a
2a00:1450:4001:811::2003
2a00:1450:4001:813::200e
2a00:1450:4001:81d::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2003
2a00:1450:400c:c06::9a
2a00:1450:400c:c09::54
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::485
06911f159ff34888369f593aed2ea405b091973929c24a23d9b5e8b97f06eab9
0d3e677e52454fbc5b6d816986470c2a29b517a2af499f3b227e1ab5a8719372
0e1b323183d85df88d72f7d037e0d46d9de20b70f938a8c9664b9ed69be30110
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
124d1ce0c4f5c0fc000f1995b56ba273ee8e797fa9b044e0be0e9f4032777778
126256e28b3b0692482fb78e460afa73a038fbdaecfed47851817e4c224313ba
1386bc36753ced0d9c108928e4e310411c82c8716aec081213fc9d9147331d61
17a2481da8fb1fae2e0a9106c474b546423a7912b79bb84b4debf65799d9a635
2126a5b6bbfcc253f37afec62f577928a2c13b0784c859ad27ef609cb7d79192
212f1a42982d0764bf72f76d66541eef48adf424e3546f774aac03eefeb62dda
23aa008376e14883b3d0771cdf7ad2e7ae2ad061eee97e847d3370ca82f02f05
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ab00ed2a11d903747ed0474ee1770e786fbc77cd07534ade4b480ffd837fe4f
2aeb5f52037bd05979f577d66e8d28f2ee0233a94ec034a31d88a74c29f8cac2
2fcb98949eb4ad9932202b6cdef3e5b9d5f0a7e6456635f03b37a0954a07ca26
311ecbc5081216bf762b7efdbac252e55340589e18bd5547d0e92c5b5189f053
31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80
37db90d131ba107c400773a63b718ffc0368286bc0425829c6b810d62a14077e
39cf40edcd66299d729e5fb6f062c7ebcea05bdfccfebd437b22f0df1ba6a62c
3a16fd80d67008f1c947cf93ebb20e2af2ed1a6317e194d35ed15046076c4211
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5ab0c1bbe97a8d7165f2db6621db6c824619a38e632a595b9c388f9c05250608
5d6e408403753c4d8a86629143a933c7d875f006f70c63965afd00111ef979a6
60641eeebbc868a10bc4036bb037c59a25b5f1a6021c3ca39d8a090304ec2e40
60f302da993c2b0a2bdb55710d1ba187b31d2e1f7516ad2ceb00e3844ceb0d03
62d395f4e9a158c3b2cd7e67f565ffa16be1c5270529fd4191c871eb9adec388
6ef53fb7a080f7b4c5181b89810a6c0b889972c997ae7d6a4835f855df539ff7
70a39aa2a37ef9f0bb49fdbad2af6f177f21f2913362713dcdaddabcbda7ea9a
7c0b0cd9f0b44e75e460028efcec31a4514009b8292864e4aebf82ed969b3176
81877431c3cbb5061d5b2aed64e2801597b59adae8f7d9e8d619544ad3b5a0ea
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
8d183d604c63a38b7de270c12f84eaee22d8346bf2975a7f58e7861e4d82280b
8dc6b4323fbeb236ffdcf00f4fc93c6373bb022821f4e5aec3daa68b2af2ae05
905b6bd744e6c6d37a4c0611232d9ba28293158d2943675b0cefbe4a3b239cc9
947a04a457f20219cdd355415e6bafd1d02caad1e365ac6227b88cd0acced2d3
a05ea92ffa34f726202bf6bea8acb6f7f8bd50fb9bedd3cd48e5275fb18cb632
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aefe457006bc75135561893c35d30f639c5a32831bcee2e127db9dd151932638
b3a9383b936b7796f8a582a4dd4bc2b50fb7b79c34f4fdf0a8172ee35baa3aef
ba06b16e3697c9fc03f5323f19ffb6305908103f3a7f6be2bb3040999b28fedd
c37367a2f9d6ec6c26ab8b2210d65c5612078e0fbdc2d35249b3df49547b71b4
c4b8c3fcee99086c01ab0a7bc29e52fc7e51095699411ed1f5fcb6882de9601f
c4ec8763c6f7c6b9efc4a180baadbc2a4eaf9317f2781c9a4705c8c56774993d
cf8cb905fb35e7fa0116406130cecd55ca48dc73b955da4d3cbe8de1299d2ca2
cf9b74014d6e51729e72cc4e426bc576cc23b23bdf8e0b2493ee0f991d134841
d1e95c82a1f0761ddc6f245a372a3954bbf32157a8dcdff4659a0f9574ace46b
ddf98e844bc0a9af82d42284bc4eb8b293c7d954f5d1244b55d9973f83374c55
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1a8dbe7cb605fa4be7d448234be572902750ffd55d0f74243cfdfa76a1025ee
e3322879758d54defcee2abf3bcd2714c8ffc1a6b1f2982b1276b03b010e2c75
e7d31470721b7e92cf52865e4a6656ad8326d278a985b5376cd1827a47eacd79
eda1cac86a0434011476c4e852d747b7d280647b7f7663f24a356805f9ac897e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff82ffcf05d1b1fe30cf10d24cdde46209425353c6131fbe838b07f9c36c898
fe2fa6d5fa864256757ba552e89718bbc9bbae8d78934037f37a7d340eb74b16

espejos.tevasamorir.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

94 %HTTPS

68 %IPv6

16 Domains

20 Subdomains

21 IPs

4 Countries

2641 kBTransfer

7691 kBSize

6 Cookies

2 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

espejos.tevasamorir.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

94 %
HTTPS

68 %
IPv6

16
Domains

20
Subdomains

21
IPs

4
Countries

2641 kB
Transfer

7691 kB
Size

6
Cookies

66 HTTP transactions
0 data transactions