thekerassentials.com Open in urlscan Pro
172.67.202.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://swhv.blob.core.windows.net/sbwhsw/3almks.html
Effective URL:
https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid2024101322123858...
Submission: On October 13 via api (October 13th 2024, 10:12:34 pm UTC) from BE — Scanned from AU

Summary HTTP 102 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 13 domains to perform 102 HTTP transactions. The main IP is 172.67.202.25, located in United States and belongs to CLOUDFLARENET, US. The main domain is thekerassentials.com.
TLS certificate: Issued by WE1 on August 29th 2024. Valid for: 3 months.

This is the only time thekerassentials.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	20.60.102.1 20.60.102.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	172.67.213.103 172.67.213.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	172.67.202.25 172.67.202.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	172.66.40.141 172.66.40.141	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.67.8 142.250.67.8	15169 (GOOGLE) (GOOGLE)
1	172.66.40.143 172.66.40.143	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.55.38.26 23.55.38.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	216.239.32.178 216.239.32.178	15169 (GOOGLE) (GOOGLE)
3	216.239.34.181 216.239.34.181	15169 (GOOGLE) (GOOGLE)
2	74.125.130.157 74.125.130.157	15169 (GOOGLE) (GOOGLE)
2	142.250.204.2 142.250.204.2	15169 (GOOGLE) (GOOGLE)
2	142.250.204.3 142.250.204.3	15169 (GOOGLE) (GOOGLE)
2	172.66.43.115 172.66.43.115	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.55.38.17 23.55.38.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	54.88.170.186 54.88.170.186	14618 (AMAZON-AES) (AMAZON-AES)
1	54.164.69.141 54.164.69.141	14618 (AMAZON-AES) (AMAZON-AES)
8	23.205.115.25 23.205.115.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
102	17

2 20.60.102.1 (Canberra, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

swhv.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.213.103 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mwebscope.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 172.67.202.25 (United States)

ASN13335 (CLOUDFLARENET, US)

thekerassentials.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.thekerassentials.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.66.40.141 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

display.buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.67.8 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.40.143 (United States)

ASN13335 (CLOUDFLARENET, US)

go.maxweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.55.38.26 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-38-26.deploy.static.akamaitechnologies.com

scripts.converteai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.239.32.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.34.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.130.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.3 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f3.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.66.43.115 (United States)

ASN13335 (CLOUDFLARENET, US)

buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.55.38.17 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-38-17.deploy.static.akamaitechnologies.com

images.converteai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.88.170.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-170-186.compute-1.amazonaws.com

a.vturb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.69.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-69-141.compute-1.amazonaws.com

api.vturb.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.205.115.25 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-115-25.deploy.static.akamaitechnologies.com

cdn.converteai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	thekerassentials.com thekerassentials.com static.thekerassentials.com Failed	2 MB
11	converteai.net scripts.converteai.net — Cisco Umbrella Rank: 170122 images.converteai.net — Cisco Umbrella Rank: 173002 cdn.converteai.net — Cisco Umbrella Rank: 134257	6 MB
7	buygoods.com display.buygoods.com — Cisco Umbrella Rank: 776646 Failed tracking.buygoods.com — Cisco Umbrella Rank: 424911 www.buygoods.com — Cisco Umbrella Rank: 874083 buygoods.com — Cisco Umbrella Rank: 348768	10 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39 Failed	559 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
4	vturb.net a.vturb.net — Cisco Umbrella Rank: 143290
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192	605 B
3	google.com analytics.google.com — Cisco Umbrella Rank: 147
2	google.com.au www.google.com.au — Cisco Umbrella Rank: 31402	126 B
2	windows.net swhv.blob.core.windows.net	1 KB
1	vturb.com.br api.vturb.com.br — Cisco Umbrella Rank: 167944
1	maxweb.com go.maxweb.com — Cisco Umbrella Rank: 722383
1	mwebscope.com 1 redirects mwebscope.com	1 KB
102	13

	Domain	Requested by
37	thekerassentials.com	thekerassentials.com static.thekerassentials.com
8	cdn.converteai.net	scripts.converteai.net thekerassentials.com
8	static.thekerassentials.com	thekerassentials.com static.thekerassentials.com
6	www.googletagmanager.com	thekerassentials.com static.thekerassentials.com www.googletagmanager.com www.google-analytics.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	a.vturb.net	scripts.converteai.net
3	analytics.google.com	www.googletagmanager.com
3	buygoods.com	thekerassentials.com
2	www.google.com.au	thekerassentials.com
2	td.doubleclick.net	www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	scripts.converteai.net	static.thekerassentials.com scripts.converteai.net
2	tracking.buygoods.com	thekerassentials.com tracking.buygoods.com
2	swhv.blob.core.windows.net
1	api.vturb.com.br	scripts.converteai.net
1	images.converteai.net	thekerassentials.com
1	www.buygoods.com	1 redirects
1	go.maxweb.com	thekerassentials.com
1	display.buygoods.com	thekerassentials.com
1	mwebscope.com	1 redirects
102	20

This site contains links to these domains. Also see Links.

Domain
vturb.com
www.buygoods.com

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft Azure RSA TLS Issuing CA 07	`2024-04-01` - `2025-03-27`	a year	crt.sh
thekerassentials.com WE1	`2024-08-29` - `2024-11-27`	3 months	crt.sh
static.thekerassentials.com WE1	`2024-09-05` - `2024-12-04`	3 months	crt.sh
buygoods.com WE1	`2024-08-25` - `2024-11-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
maxweb.com WE1	`2024-08-27` - `2024-11-25`	3 months	crt.sh
converteai.net R10	`2024-09-25` - `2024-12-24`	3 months	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google.com.au WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.vturb.net Amazon RSA 2048 M02	`2024-01-14` - `2025-02-12`	a year	crt.sh
*.vturb.com.br Amazon RSA 2048 M03	`2024-09-19` - `2025-10-18`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922
Frame ID: BB477B3A588277B9F861F4AA37CDB818
Requests: 93 HTTP requests in this frame

Frame: https://go.maxweb.com/conversion/iframe/?a=7423&token=385bfcd1c31eab5bd7c612a5858fdc7f
Frame ID: B71477D508E5C2314A36863802744199
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-38R9NVYJ43&gacid=1729503450.1728857549&gtm=45je4a90v869410655z8857324498za200zb857324498&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685&z=397718359
Frame ID: 3E853F2D2F56329C720A67FA6241D772
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-9KZM1E116M&gacid=1729503450.1728857549&gtm=45je4a90v873026607z8849042281za200zb849042281&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685&z=772621809
Frame ID: 2A5BF4BB7A493ED24FF2A0BB6602C94C
Requests: 1 HTTP requests in this frame

Frame: https://buygoods.com/affiliates/go/conversion/iframe/bg?a=7085&t=83c58f6ec3af6c7d18db89a0a0e9267c&s=sessid20241013221243916
Frame ID: E22B0C3A24B8A6BA2957829C5054290C
Requests: 1 HTTP requests in this frame

Frame: https://buygoods.com/affiliates/go/conversion/iframe/bg?a=7085&t=885853b909d88cc679c0e91cc0f35b97&s=sessid20241013221243916
Frame ID: 1E3E6669D62DBCCD9CB0195F9709D939
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kerassentials - Video Presentation

Page URL History Show full URLs

https://swhv.blob.core.windows.net/sbwhsw/3almks.html Page URL
https://mwebscope.com/7423/1922/2/ HTTP 302
https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922 Page URL
https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_se... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

102
Requests

87 %
HTTPS

0 %
IPv6

13
Domains

20
Subdomains

17
IPs

2
Countries

8351 kB
Transfer

10626 kB
Size

20
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://vturb.com/?via=player
Title: Powered by Vturb

Search URL Search Domain Scan URL

URL: https://www.buygoods.com/secure/checkout.html?sessid2=sessid20241013221243916&aff_id=17778&sid=1922&sid2=7423_sessid20241013221238583&subid5=progress&vid2=progress&account_id=7085&screen=checkout_one&product_codename=1&redirect=aHR0cHM6Ly90aGVrZXJhc3NlbnRpYWxzLmNvbS8vdXBzZWxsLWExLnBocA%3D%3D&item=1&static=https%3A%2F%2Fthekerassentials.com%2F&vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922&_ga=1729503450.1728857549&_b=NDgwMjM4O3RoZWtlcmFzc2VudGlhbHMuY29tL3ZpZGVvX3Byb2dyZXNzLnBocDt1bmRlZmluZWQ7S0VML2xlYWQzX3Z0dXJiOzE7Njk7ZmU%3D

Search URL Search Domain Scan URL

URL: https://www.buygoods.com/secure/checkout.html?sessid2=sessid20241013221243916&aff_id=17778&sid=1922&sid2=7423_sessid20241013221238583&subid5=progress&vid2=progress&account_id=7085&screen=checkout_one&product_codename=3&redirect=aHR0cHM6Ly90aGVrZXJhc3NlbnRpYWxzLmNvbS8vdXBzZWxsLWExLnBocA%3D%3D&item=3&static=https%3A%2F%2Fthekerassentials.com%2F&vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922&_ga=1729503450.1728857549&_b=NDgwMjM4O3RoZWtlcmFzc2VudGlhbHMuY29tL3ZpZGVvX3Byb2dyZXNzLnBocDt1bmRlZmluZWQ7S0VML2xlYWQzX3Z0dXJiOzM7Mjk0O2Zl

Search URL Search Domain Scan URL

URL: https://www.buygoods.com/secure/checkout.html?sessid2=sessid20241013221243916&aff_id=17778&sid=1922&sid2=7423_sessid20241013221238583&subid5=progress&vid2=progress&account_id=7085&screen=checkout_one&product_codename=2&redirect=aHR0cHM6Ly90aGVrZXJhc3NlbnRpYWxzLmNvbS8vdXBzZWxsLWExLnBocA%3D%3D&item=2&static=https%3A%2F%2Fthekerassentials.com%2F&vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922&_ga=1729503450.1728857549&_b=NDgwMjM4O3RoZWtlcmFzc2VudGlhbHMuY29tL3ZpZGVvX3Byb2dyZXNzLnBocDt1bmRlZmluZWQ7S0VML2xlYWQzX3Z0dXJiOzI7MTc3O2Zl

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://swhv.blob.core.windows.net/sbwhsw/3almks.html Page URL
https://mwebscope.com/7423/1922/2/ HTTP 302
https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922 Page URL
https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://mwebscope.com/7423/1922/2/ HTTP 302
https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Request Chain 56

https://www.buygoods.com/images/buygoods_black.png HTTP 301
https://buygoods.com/images/buygoods_black.png

102 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 3almks.html Show response
swhv.blob.core.windows.net/sbwhsw/ 166 B
569 B 40ms
15ms Document
text/html 20.60.102.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://swhv.blob.core.windows.net/sbwhsw/3almks.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.102.1 Canberra, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7bde4f84cfee5558a9a221e507393d615590aefd5dcaa725a751de29da93104c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Content-Length: 166
Content-MD5: SWgDL6BETAo5EXnIcARyDQ==
Content-Type: text/html
Date: Sun, 13 Oct 2024 22:12:27 GMT
ETag: 0x8DCEBA8348D9777
Last-Modified: Sun, 13 Oct 2024 16:58:04 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 2d57065c-f01e-004d-77bc-1df6d6000000
x-ms-version: 2009-09-19

GET
H3

200

video.php
thekerassentials.com/
Redirect Chain

https://mwebscope.com/7423/1922/2/?
https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

27 KB
8 KB

147ms
51ms

Document
text/html

172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://swhv.blob.core.windows.net/sbwhsw/3almks.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8d22abdb6e95a959-SYD
content-encoding: br
content-type: text/html
date: Sun, 13 Oct 2024 22:12:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=52xkfrCrkOC%2BYGCbumk1eBJv6V%2FRFEX1SbSqit9fq0MorcqJ1LZ9l4qlHC74Y8ffwWl14%2BfBeF8V0FNqECuwI4ko0Ao0tHvb7YtIIOmRxnaXbSaK3QoN8sk%2FCABEe556hIH6SzVGDw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=3600 private
cf-cache-status: DYNAMIC
cf-ray: 8d22abd7fd9d5d21-SYD
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=UTGF3EpprJdYi9c2k6bgnVIsKksonR53clGILJ.1rJ8-1728857547-1.0.1.1-C.P7nDcmU.JlJYZplHZw2fzBvS7nFHwF0igGyJjTMJBV24RMJNlmcaMerdp88uX2cdYDAEInfgWGGx3DKnO_X9o0TrJN_F8EiF5QotBFVKIyLnBbZu1Q9fu.Milzlw2XCFw6LAv1OUWNUxvoGtEX.g; report-to cf-csp-endpoint
content-type: text/html; charset=UTF-8
date: Sun, 13 Oct 2024 22:12:27 GMT
expires: Sun, 13 Oct 2024 23:12:27 GMT
location: https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=UTGF3EpprJdYi9c2k6bgnVIsKksonR53clGILJ.1rJ8-1728857547-1.0.1.1-C.P7nDcmU.JlJYZplHZw2fzBvS7nFHwF0igGyJjTMJBV24RMJNlmcaMerdp88uX2cdYDAEInfgWGGx3DKnO_X9o0TrJN_F8EiF5QotBFVKIyLnBbZu1Q9fu.Milzlw2XCFw6LAv1OUWNUxvoGtEX.g"}],"group":"cf-csp-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=31536000;
x-server: WEB_3

GET
H/1.1 400
One of the request inputs is out of range. favicon.ico
swhv.blob.core.windows.net/ 226 B
485 B 13ms
13ms Other
application/xml 20.60.102.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://swhv.blob.core.windows.net/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.102.1 Canberra, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://swhv.blob.core.windows.net/sbwhsw/3almks.html

Response headers

x-ms-request-id: 2d570668-f01e-004d-80bc-1df6d6000000
Content-Length: 226
Date: Sun, 13 Oct 2024 22:12:27 GMT
Content-Type: application/xml
Server: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 speculation
thekerassentials.com/cdn-cgi/ 128 B
570 B 12ms
12ms Other
application/speculationrules+json 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thekerassentials.com/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thekerassentials.com
Referer: https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sLVPlNM8HOrUzJwbIXxk4R9e6pGmCo2xUlbb%2BOQ80gYcFjKKqOiUcu6ePGeViqLUJRHFLtFohUA%2Fj7G5DhiPgtPnnepGAqHTywcEYbZBMiJO%2B3np%2BNXeXcl4FoFilzEnt8kazI1GmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22abdbcefea959-SYD
access-control-allow-origin: https://thekerassentials.com
alt-svc: h3=":443"; ma=86400
content-length: 128
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 bootstrap.min.css
thekerassentials.com//statics/css/ 157 KB
24 KB 12ms
11ms Stylesheet
text/css 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thekerassentials.com//statics/css/bootstrap.min.css

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"c94a1fa0dca7aa108f77fa3ec46f7a22"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3d4EneVTw%2BJYSTFInuea7Cala%2Bh5sZZXW0JjE0QDbFCN9hqBbXM4TydgkZWPL9Wzfl070V8jo6Ymk6X%2FqE0QgkOGmN2NDdiOqr%2B6IAlNIKXdDOCPc9%2FlTOivEryDbeRmg85Rq9%2BRxg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdbcf01a959-SYD
access-control-allow-origin: *
server: cloudflare

GET
H3 200 style.css
thekerassentials.com//statics/css/ 25 KB
6 KB 16ms
15ms Stylesheet
text/css 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thekerassentials.com//statics/css/style.css

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"dd3367f4ca306541b50473d7ef34d187"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1PNbVCgjEQaRLgvyey7kNp2E5l8BPQ7jioGoQNtKjYEBOF9brMz6RDP6UBcftZFmiYEbeHzDK1a6lAWvoZTA0k%2BSWvkI6pBsve42P8qB7i%2BeMav1eDFa96LKiZBgVNjfk0VmXZq0PA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdbdf05a959-SYD
access-control-allow-origin: *
server: cloudflare

GET
H3 200 statics_js.php
thekerassentials.com//statics/js/ 12 KB
3 KB 14ms
13ms Script
application/javascript 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thekerassentials.com//statics/js/statics_js.php?static=https://thekerassentials.com/

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"9dcad0dbdaffcee8bc5d50b2a4e527b4"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3pXdzttlXcRyk%2BrcMhv%2B0f%2F6hT8AT3fYypF00KgRSgYfACd%2F964ptBjeDafex4rGtuQTKErFTHOdhA9jEM2b1KPJPWVCA5EUXEcyBgyIofj68%2Br7gtq1yEvpDBFFiSnuglX9XGNfxw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdbdf08a959-SYD
access-control-allow-origin: *
server: cloudflare

GET statics.js
static.thekerassentials.com//statics/ 0
0

GET N2O.js
static.thekerassentials.com//statics/ 0
0

GET player.js
static.thekerassentials.com//videoboxes/universal_player/ 0
0

GET /
thekerassentials.com// 0
0

GET
H3 200 69.png
thekerassentials.com//statics/img/ 6 KB
6 KB 18ms
18ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/69.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "2e406a8faf018c3eeef31353c26e84f5"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qyisrv2ktTTsu8y7nUUQc1H0YIsdS%2FKkWpv6HFKdhUYt1StWChbaiPaY4%2BIOi5rA1Pe%2Bf8YInidvs1tMJOBHCX2ur3BE6HIqOpKqBjsZ75fMeC0FDlkvfN9TdisEPIvyNTfFBKVkJA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdbdf0ca959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6082
server: cloudflare

GET
H3 200 buy-now.png
thekerassentials.com//statics/img/ 6 KB
6 KB 14ms
13ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/buy-now.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "6be2d522a77de93704830ec8ccceeca5"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H9aiQyc3S%2FOTsfU5kjlDRLQpmPeCmAX87zM%2FZEa6U%2F4YNrYIz4Fw76%2FuF3pgT0wBjiw3sIe3iMxAf5wPpn32WMdMUhEqARKTswSeisQPD6Cq6D34Go3Xp896rdr9pF8RppfiWkJV8w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdbff2aa959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5880
server: cloudflare

GET
H3 200 credit-cards.png
thekerassentials.com//statics/img/ 7 KB
7 KB 14ms
14ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/credit-cards.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "05af7d86a914822e3862feefaef66342"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a68eHQDgmA9zHgEvewpoK%2BvlXdwl5dDdawE%2B5PhOmBVks%2BGhdcCEjtdcnsg85%2F7a9%2BOZBM%2FgYpx%2FUYga%2FZ6sC%2BdG1SyW4mpn9vMapjrxMKK0rJtmTFF0ZFlYn4ONSeoIUd8QLTCfeA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc0f3fa959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6928
server: cloudflare

GET 49.png
thekerassentials.com//statics/img/ 0
0

GET buy-now2.png
thekerassentials.com//statics/img/ 0
0

GET 59.png
thekerassentials.com//statics/img/ 0
0

GET testimonial-stars.png
thekerassentials.com//statics/img/ 0
0

GET disclaimer
display.buygoods.com/v1/ 0
0

GET gtm.js
www.googletagmanager.com/ 0
0

GET
H3 200 Primary Request video_progress.php Show response
thekerassentials.com/ 28 KB
8 KB 41ms
41ms Document
text/html 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f13829d85860bb1009c622ece55c7c0d14090b276bfe955e4e9e7a2186813f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thekerassentials.com/video.php?aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8d22abdbef28a959-SYD
content-encoding: br
content-type: text/html
date: Sun, 13 Oct 2024 22:12:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P1QlQOXmO%2FdgumkPKZAOBJfXXDSmuDC%2F6OjP9IV1QiNY4zGOCj1cxL4eyaWsyLBDW304t9MD13o3raSnXiXOnt64yV5lyyn44RbJK9FwrWTwQqg2VPWVOGClNOTcilm8bB66qjGfpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 speculation
thekerassentials.com/cdn-cgi/ 128 B
578 B 11ms
9ms Other
application/speculationrules+json 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thekerassentials.com/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thekerassentials.com
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n0cgDHZj2gAHc%2F%2FJX%2F5ndkIQn6i5BMqvbUI%2BIwm66CM9gRNpy3sg77cyn%2Bbm0%2FlIB%2Fuj11pmUp%2FkH882mEqDvG5UJV1tvLpoB%2FTBzeChDXk8p8pqG8ETt0EJq5lT%2Fz5t6NhTcsbxrA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22abdc3f8fa959-SYD
access-control-allow-origin: https://thekerassentials.com
alt-svc: h3=":443"; ma=86400
content-length: 128
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 bootstrap.min.css
thekerassentials.com//statics/css/ 157 KB
500 B 31ms
29ms Stylesheet
text/css 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thekerassentials.com//statics/css/bootstrap.min.css

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"c94a1fa0dca7aa108f77fa3ec46f7a22"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3d4EneVTw%2BJYSTFInuea7Cala%2Bh5sZZXW0JjE0QDbFCN9hqBbXM4TydgkZWPL9Wzfl070V8jo6Ymk6X%2FqE0QgkOGmN2NDdiOqr%2B6IAlNIKXdDOCPc9%2FlTOivEryDbeRmg85Rq9%2BRxg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc3f92a959-SYD
access-control-allow-origin: *
server: cloudflare

GET
H3 200 style.css
thekerassentials.com//statics/css/ 25 KB
495 B 37ms
35ms Stylesheet
text/css 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thekerassentials.com//statics/css/style.css

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e33ba8929540ca58546a9282a4cf362291795adf0b6be0008445accd020395e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"dd3367f4ca306541b50473d7ef34d187"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1PNbVCgjEQaRLgvyey7kNp2E5l8BPQ7jioGoQNtKjYEBOF9brMz6RDP6UBcftZFmiYEbeHzDK1a6lAWvoZTA0k%2BSWvkI6pBsve42P8qB7i%2BeMav1eDFa96LKiZBgVNjfk0VmXZq0PA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc3f95a959-SYD
access-control-allow-origin: *
server: cloudflare

GET
H3 200 statics_js.php Show response
thekerassentials.com//statics/js/ 12 KB
498 B 28ms
26ms Script
application/javascript 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thekerassentials.com//statics/js/statics_js.php?static=https://thekerassentials.com/

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7de1593b20e8ef1b887ce5e58793d488450421e58dac650f6db30cf809299b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"9dcad0dbdaffcee8bc5d50b2a4e527b4"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3pXdzttlXcRyk%2BrcMhv%2B0f%2F6hT8AT3fYypF00KgRSgYfACd%2F964ptBjeDafex4rGtuQTKErFTHOdhA9jEM2b1KPJPWVCA5EUXEcyBgyIofj68%2Br7gtq1yEvpDBFFiSnuglX9XGNfxw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc3f98a959-SYD
access-control-allow-origin: *
server: cloudflare

GET
H3 200 statics.js Show response
static.thekerassentials.com//statics/ 53 KB
19 KB 19ms
14ms Script
application/javascript 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.thekerassentials.com//statics/statics.js

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e9d7bdac55acc64d3839d6f4ebe22579e0b3f5a6cc09d6ac987812c3695b007

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"40d2418de72308870ddea5d1b3f564b7"
age: 2103951
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AKOaDeNDASPPZ5Ew8T76tBpGsJK5hrRJgq4vcF99lxM%2BpVBt1gBlv5Z%2Fw%2FqGwGW2YICeGh0YC%2B3V0%2BUdfoZqNTS5Y27%2BApzbbJGLJEyrOkj3zh%2BhQkiXAVReqhD3TSu0FaHZ0DcSa%2B5qB8IsFQI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc38b1a80e-SYD
access-control-allow-origin: *
server: cloudflare

GET
H3 200 N2O.js Show response
static.thekerassentials.com//statics/ 6 KB
3 KB 24ms
18ms Script
application/javascript 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.thekerassentials.com//statics/N2O.js

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8018f851afb0a06dbd8d65b7772dcc0f5c2adbef39854836ca0dbd258aad2fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"eba2682bdc3f8f00012a07114ea16b13"
age: 2103951
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZgp%2FZw0dENRGFfQr7ZlfP%2FNT%2FAylXm358R%2B9llCiSORkT3huq9aNIz1SFtdgR8ZWQNl9ZSsE6pdw2n6Y351ikqn1MCqDBh8NVOTMsdEr5tIS%2BvS74mta5WoBk1FShvOsnHIUAaQyvyGz1xn9Q4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc38b5a80e-SYD
access-control-allow-origin: *
server: cloudflare

GET
H3 200 player.js Show response
static.thekerassentials.com//videoboxes/universal_player/ 31 KB
8 KB 23ms
17ms Script
application/javascript 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.thekerassentials.com//videoboxes/universal_player/player.js

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0748d94cbdb4aef9aa3d2d573a0341cf930e77913e8b729b2e16339538eda840

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12324dfd077ef3d307f754a1ced51131"
age: 2103951
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HPye6QWAH%2BzL5%2F3MbKZjg724SOwCOMo%2B8Ef%2FjenFYxUYjXRUEQse0Z2ySa8%2F%2BRkWhm2x7Zdf8ehzxi5Wtm7RVBQbPz21n4DdJzlYs3gKeA25tqFgS3P2%2FV7XD57wwSiGGOs1cGJefhqE5neA%2FnE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc38b3a80e-SYD
access-control-allow-origin: *
server: cloudflare

GET
H3 200 month1.png
thekerassentials.com//statics/img/ 366 KB
367 KB 17ms
16ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/month1.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60312d2971bdbdb2c23b8aad47e735c0012f98b2168ff16b30fc170368b43c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "88aa660a5e7fb7164091b7117ee95502"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t8Yv8KVJ57eAvqKAuMIjrToIEP3%2BoC6j89Jm7J50sI6PuPG8eqklpchlirhV4VCqeOYDQYDqMfnTwx3%2F1dxn%2FWXFmPqAwqD7dqpQq2s0c6EZkRRXWt0kdVS%2B7KtuH2J6lljjpxJ5OA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc3f8ba959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 374689
server: cloudflare

GET
H3 200 green-arrow.png
thekerassentials.com//statics/img/ 15 KB
16 KB 15ms
15ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/green-arrow.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aea2e662cea0d5383334edeab2550275f3a8448638a4b68010ba5c2461d4d1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "964d2b6d1f2bb64a9238812c8bc1db11"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HDgkRSirZmyplMq9aYqXHFzclndYGAOTZWmo3WKz6hwXyoIsL3Ptbp%2BrGxbhMQs%2B30322V2eQlFV%2FsE6JYxowuNW3QtNVlNTI3IUXewR5TML%2B0z8SxZpCxtTlLdK7Ie9yCmb2okQlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc3f8ca959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15589
server: cloudflare

GET
H3 200 month3.png
thekerassentials.com//statics/img/ 364 KB
364 KB 20ms
20ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/month3.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d2041faa3cd79938373dd1ad4087cc284dd8172db8f1c1fe46c610e9071293f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "59dac5ead5b6567dce4e2729176323d5"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vQjRmmhOtI9YhxEdxlhOdVFwfeMUXow2DLd3FK3gZwqRXLO4n9t31wo9xzadBK9EZl0rudMr7qLgJQwS3GaV0vo7w%2BHVzRGAj9MIGc0QMHUxaQltEYqqlOYafBy58BCcbxCqauh5Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc5fc3a959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 372231
server: cloudflare

GET
H3 200 month6.png
thekerassentials.com//statics/img/ 355 KB
355 KB 19ms
16ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/month6.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d634772d68de32584d8b446095468e61bbeb8a330911a36900e88e00620010b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "3858548fc0485d85502b6fdfb39eb38a"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vL49kW2PSsYRJ66VBZTgIKhqQWv2pFaluEclmedQ%2FCs0R%2FGjVeMGt5HhKF%2FyZ9ppp5fMYn9L03SI3ciPUnUo6gy7x1EWMicT84CkzRgGwp6FOOrRCrAeiCveCzBKCEkZlCigUL3fvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc7811a959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 363091
server: cloudflare

GET
H3 404 /
thekerassentials.com// 3 KB
3 KB 59ms
57ms Image
text/html 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e55a5635530d4f8727039d299fd645512762a83b24e1fab67b21ef5295d53c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WW0RUvRYtSO1ytbE9xAf49TsuxUOofIKH7c120arftP4MmksRPUxokE4s5%2FuIgNgo1Wozm3BpWPlg5WTqXeWrADekIZsb9p52YOOhXei4K6TiLoFrjQvdh9FTDQMqPQ8S9uCRS3bQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
link: <https://fonts.googleapis.com>; rel="preconnect"
cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc7814a959-SYD
access-control-allow-origin: *
server: cloudflare

GET
H3 200 69.png
thekerassentials.com//statics/img/ 6 KB
493 B 44ms
40ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/69.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe17e4efc4cd7701dc6ba1d4887db43a5eac02a0d9a7d95c70d50c49f9f5a28a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "2e406a8faf018c3eeef31353c26e84f5"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qyisrv2ktTTsu8y7nUUQc1H0YIsdS%2FKkWpv6HFKdhUYt1StWChbaiPaY4%2BIOi5rA1Pe%2Bf8YInidvs1tMJOBHCX2ur3BE6HIqOpKqBjsZ75fMeC0FDlkvfN9TdisEPIvyNTfFBKVkJA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc781ea959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6082
server: cloudflare

GET
H3 200 buy-now.png
thekerassentials.com//statics/img/ 6 KB
494 B 29ms
25ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/buy-now.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62e61b03c45a1cbd52ed2dd896ab8b633605fa78453e80ed111c0580de1b9bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "6be2d522a77de93704830ec8ccceeca5"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H9aiQyc3S%2FOTsfU5kjlDRLQpmPeCmAX87zM%2FZEa6U%2F4YNrYIz4Fw76%2FuF3pgT0wBjiw3sIe3iMxAf5wPpn32WMdMUhEqARKTswSeisQPD6Cq6D34Go3Xp896rdr9pF8RppfiWkJV8w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc781fa959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5880
server: cloudflare

GET
H3 200 credit-cards.png
thekerassentials.com//statics/img/ 7 KB
501 B 24ms
21ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/credit-cards.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfe35d9af4c0fad2364bcbebc476fe497df0eeaca22e1ae4399b236d5725c8e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "05af7d86a914822e3862feefaef66342"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a68eHQDgmA9zHgEvewpoK%2BvlXdwl5dDdawE%2B5PhOmBVks%2BGhdcCEjtdcnsg85%2F7a9%2BOZBM%2FgYpx%2FUYga%2FZ6sC%2BdG1SyW4mpn9vMapjrxMKK0rJtmTFF0ZFlYn4ONSeoIUd8QLTCfeA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc7820a959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6928
server: cloudflare

GET
H3 200 49.png
thekerassentials.com//statics/img/ 6 KB
6 KB 25ms
22ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/49.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ca5c45cb3588be0b38bfe4fb7aebcd186fdc89824b72fc6b6db3c6f235f534

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "e0eb022b2e967d1e09bbc4772b7c7e76"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6UDahPifFu5xbCW76Yc24ujETawNS44dYqSfX9zzw8jnNPLzF3Ow%2Bl1LPKJGBH5la4tEydsZSVMUDX%2B0AGQ1n9gTBxfXQbPSJSY%2FzjmBqeR97wyHItQL1rijG1n6oZOmsaDxKFeyFA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc7816a959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5960
server: cloudflare

GET
H3 200 buy-now2.png
thekerassentials.com//statics/img/ 9 KB
9 KB 17ms
14ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/buy-now2.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9be3be6e917a45d702b9340b4bbc27199a8992aea2c26e22ac9cdfcfa361174

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "896c60c9cab3c40633178444baa3d1b6"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ncGA4fRPU8PkKaI35Kmb%2FtZYfZuN3%2FXoepHNkjknHSCUyWmOzlG%2F8cZRaU1oBnZGeXAGqMWLG6kS6t17Bh%2Bgk65%2FfTlGlWOvruMgUn23PRikHCD2F%2FzbnAq1TfkWn3l8XYFYGq%2BlEw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc7818a959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8831
server: cloudflare

GET
H3 200 59.png
thekerassentials.com//statics/img/ 6 KB
7 KB 23ms
20ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/59.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1382ccf2d0d09eaf9f4bf1f4bfc641a4a03279e0744f1218405078bdd50391b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "83c2779888a2692403001e8fd6c66999"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uclr2AN7YQIai5wV7CHPDgz%2BnQai49azj9iBzN%2FkPECta%2BE%2BivhmqVeLmj%2BbNacvLhPu10HyGk06igYzNCbqxMsCPpTOwc%2FUv1g2IyvZXDDiJlPOb9bJkw1sOH9E2g9nqjwG6RgEMg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc7819a959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6160
server: cloudflare

GET
H3 200 testimonial-stars.png
thekerassentials.com//statics/img/ 11 KB
11 KB 28ms
25ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/testimonial-stars.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddcfdf7dd0ca655392d3ddd807fcb5ada15e24bc824fd74bb83b24fd3f39ad92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "b127453d5093a9698f1482d9adcae0d7"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2kqyvbkOzrqesH%2FS1HwFTtYtlQ276GRO2cLlntv1ZgoLZD3jOe3PKxUEH16CBFKEmgg0bZjmipj6TVylaI9cuOvqy7S3xj1WM5t%2FkOBjgkAPeGv89BNBSSpsqA8xhMYm92OHFaQn5A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc781ba959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10827
server: cloudflare

GET
H3 200 disclaimer Show response
display.buygoods.com/v1/ 1 KB
2 KB 206ms
203ms Script
text/plain 172.66.40.141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=7085

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.141 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b13361361dead3e8f8e37c273ea784761ba62008f9a6775fa36ff671302a3236

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8d22abdc7f4b573b-SYD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
x-powered-by: Express
server: cloudflare
x-server: WEB_3_7500

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 224 KB
80 KB 220ms
116ms Script
application/javascript 142.250.67.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K35JCCT

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.8 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

13ff30412c730744288a3c404205ea839ab171a831b3efdf5272f5b670549345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 13 Oct 2024 22:12:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 13 Oct 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81272
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 228 KB
81 KB 221ms
118ms Script
application/javascript 142.250.67.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N5JSL76&l=evttrk_dataLayer

Requested by

Host: static.thekerassentials.com
URL: https://static.thekerassentials.com//statics/statics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.8 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4246cce14aadd043dbfd6aa96c644a0437548cd49211519ad9f785e8ae83bf5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 13 Oct 2024 22:12:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 13 Oct 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 82690
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 lead3_vturb.json Show response
static.thekerassentials.com/setups/KEL/ 1 KB
1019 B 25ms
16ms XHR
application/json 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.thekerassentials.com/setups/KEL/lead3_vturb.json

Requested by

Host: static.thekerassentials.com
URL: https://static.thekerassentials.com//videoboxes/universal_player/player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9305b1c2173ada783ee85f9adaaf4a7a0a22160878b62affc2c98cb2febe5cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"2048d7ba6ab6643e3454aee1afce7f9e"
age: 2103951
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vcf0h1YNqvctseb3UQ%2B8sYGsVl73ADZ57hJAl4dr9Dw%2FivWZJBXTNgshSuHCKYmr6N7Quit5%2F15AwllmKnTriOSuRs9lmwZnvdAy4jYbmBbRn4NKNmhJMIXq9XujTiIfiAN1kQEYu%2BDkE6wL5G8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdc8b55573f-SYD
access-control-allow-origin: *
server: cloudflare

GET
H3 200 / Show response
tracking.buygoods.com/track/ 645 B
778 B 278ms
217ms Script
application/javascript 172.66.40.141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.141 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fce95ee498b98cf61adab53a4a4c77e9dd6ac046e40a6c17c038c4e5c986795

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
expires: Tue, Jan 12 1999 01:01:01 GMT
alt-svc: h3=":443"; ma=86400
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-server: WEB_3
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: no-cache, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8d22abdce813573b-SYD
access-control-allow-origin: *
server: cloudflare

GET
H2 200 /
go.maxweb.com/conversion/iframe/ Frame B714 0
0 706ms
384ms Document
text/html 172.66.40.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.maxweb.com/conversion/iframe/?a=7423&token=385bfcd1c31eab5bd7c612a5858fdc7f

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.40.143 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://thekerassentials.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=3600 private
cf-cache-status: DYNAMIC
cf-ray: 8d22abde8f37aabe-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 13 Oct 2024 22:12:28 GMT
expires: Sun, 13 Oct 2024 23:12:28 GMT
server: cloudflare
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
x-server: WEB_3

GET
H3 200 RobotoCondensed-Bold.ttf
thekerassentials.com//statics/fonts/ 162 KB
88 KB 15ms
14ms Font
font/ttf 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thekerassentials.com//statics/fonts/RobotoCondensed-Bold.ttf

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14948aedbcaf906a9cacab38de5fff889bde887ecbd710b8a1ada3ae84c65477

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thekerassentials.com
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"b78b2dab22bba8eaa3b04b18b820f282"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ra27K7ejCvdsjKdjf7%2FBBDLQ5dQFjU4DYvdntM4TAdesaO0%2BcEIav17yBtCGSJ1Plrtr5lNswjDVQOL8aTH9aF%2FiI%2Bv%2BXL2wQes%2BAqFoZVMjfqCJZdFNAJ2IZLqq3yxw2XOGQyUEDAxzCGNjqv%2FQBGmxeg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdca84da959-SYD
access-control-allow-origin: *
server: cloudflare

GET
H3 200 Quicksand-Regular.ttf
thekerassentials.com//statics/fonts/ 77 KB
40 KB 26ms
24ms Font
font/ttf 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thekerassentials.com//statics/fonts/Quicksand-Regular.ttf

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbe2a5f848c95b8ff0b6c0d086085fda937f8a4d40539c9c4d9fffc6ca8c9a3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thekerassentials.com
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"f4b949e3a5ea698035290d6062f89655"
age: 1053
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6HcOq016tUuO2GpDfsbpJglN0BDtTbc4brEpAHTxxwFaZEei4Kp6mRXHd%2FfGlCwPMpPK2MrGvOytGdz4MmobZrn3Q9o8P%2FxW7ZLw8T%2BgDdxfqT6pnTmrzbjVhvDYlh98A1WwTkordQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdca852a959-SYD
access-control-allow-origin: *
server: cloudflare

GET
H3 200 Quicksand-Bold.ttf
thekerassentials.com//statics/fonts/ 76 KB
38 KB 34ms
32ms Font
font/ttf 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thekerassentials.com//statics/fonts/Quicksand-Bold.ttf

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b4b10cda37475c6d3a29539aad8489e7fcb948086dae422f141146d79ac91bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thekerassentials.com
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"b54eadd62f6edb32a017fc3cdd932732"
age: 1053
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XRbj15iYQQI2eYGhaFrt8sU8%2Brubm0Xpeoxa%2BLNpBO1jcMxtFaAGcZVcDwlYkoGq7y%2F5TLviYygWqWeqpoO6W65up0lAh4M%2FJCxSvv2HKOQKvF6pv7XNBwWopomi%2F6T4XwGU9u7Q2w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdca854a959-SYD
access-control-allow-origin: *
server: cloudflare

GET
H3 200 player.css
static.thekerassentials.com/videoboxes/universal_player/ 2 KB
1 KB 17ms
16ms Stylesheet
text/css 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.thekerassentials.com/videoboxes/universal_player/player.css

Requested by

Host: static.thekerassentials.com
URL: https://static.thekerassentials.com//videoboxes/universal_player/player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9704b6f2244da214a4d9eed026e1bacf4dbcb9c3a87ce54bf1ae5a1740c337c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"978b940b605921d6bd72c9ca19269a7b"
age: 2103951
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RtcpVLfF8%2FuOjYF%2F2TmcPmSevQ%2FPiPSuxQDhrwBomIcqeZbeiRVLBEMoE0QtyUG6zuIYJ9DXKz92HIdTMrqJ7EHPQiJd1IGA3dxp7i5dvWH9jG%2Br1JZHg%2BCllRBlCXjbLuoVtPJm%2B1V4icaX144%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abdca920a80e-SYD
access-control-allow-origin: *
server: cloudflare

GET
H2 200 player.js Show response
scripts.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/players/65f836256cab7700086c5f6f/ 4 KB
2 KB 1153ms
823ms Script
text/javascript 23.55.38.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/players/65f836256cab7700086c5f6f/player.js
Requested by: Host: static.thekerassentials.com
URL: https://static.thekerassentials.com//videoboxes/universal_player/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.38.26 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-38-26.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6dda68c837ab716f6b568bb18468b9a5e2cd643e77a8644a6b2e87c7bf8eb183

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

content-encoding: gzip
etag: "7b044568fc3ba0368403e19eb51b5b4f"
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1707
x-amz-cf-id: oWvyavMcnFQHnvaQL7hDwYVQS6d-lkUcGvhcCTJvg2br5_VR94TLJA==
date: Sun, 13 Oct 2024 22:12:29 GMT
content-type: text/javascript
last-modified: Tue, 08 Oct 2024 14:56:04 GMT
vary: Accept-Encoding
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

OPTIONS
H3 204 saveenv
static.thekerassentials.com/ Frame 0
0 48ms
48ms Preflight 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thekerassentials.com/saveenv
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://thekerassentials.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d22abddcc95573f-SYD
date: Sun, 13 Oct 2024 22:12:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=THrjkNF0iFisswdMoq9DCPGdO8onOpKbNtaedsyAz%2FsBEZTuhIXSTef%2BILiB8y9zopSdA4RL9Nh6K3Kg6M0t9yEnCdfNc4q6Z5oHrDMycI8mgKKTDAakS28QCGzPrvL4rpNaVlof0KXksQ1xJbU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 saveenv Show response
static.thekerassentials.com/ 6 B
420 B 892ms
891ms Fetch
application/json 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thekerassentials.com/saveenv
Requested by: Host: static.thekerassentials.com
URL: https://static.thekerassentials.com//statics/statics.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9a9c3d49f0a2e23020df599ca72ead9b563bfc0fceb90990acac1fd7b8a6924

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://thekerassentials.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2BDaHcrIQFJ0dg4%2Fx%2FhXRIV%2Ba1X4YrAlPtQ1MT%2Bc5ghc3hVdFy2B3HLutedFuKuZZvrARXLWArPeLrUBKDcACmfrzAYG4sbawP4bnATIx6nIh%2F3%2B67Ud9uxAEPYx6sgLp7kTAiiGSWyLOGWWMGg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22abde1cdc573f-SYD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 6
date: Sun, 13 Oct 2024 22:12:29 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare

GET
H3 200 prod_1_bottle-new.png
thekerassentials.com//statics/img/ 58 KB
58 KB 15ms
15ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/prod_1_bottle-new.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4a63255bb41f5ee3b79205b2d52fd248ef9e4c15de2ace2a3933b9544738bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "65531f7c4df4a32b402741e2f4ec3665"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1MEwfxcyoqjYBiIT3l55uGgEqBt7vYtNEdsfPEuS2dRofSbNuIGBHGUiWPhRNQPUmlrc7t6izSZb3He6dVfrzPZjcj%2FF71CNUpM1gIh3AMC5117LHcT5t2JpmjY5oaL6CRzyU3vONQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abddc9b4a959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 59248
server: cloudflare

GET
H3 200 prod_6_bottle-new.png
thekerassentials.com//statics/img/ 143 KB
143 KB 14ms
13ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/prod_6_bottle-new.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c48e503a795a7db23481e0d1099ef3ff0c27aae98b7b557aa8a08f5d7b232478

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "0f4f45c704e35db165daf1ceca9487a6"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rf1rLoQHR9gMKb6Xkwyn9hS62hD6Nv5AKB8OiTq4b7W9LUE88bOOzuiTVaEuTboi5lNxr%2BZ7MsOahlxUXQGGPYnyfpWVVA21R%2BLn%2B99Ts9pYFv9RcGoQdc%2BQRoZ9Llil64k5NYhplyZsg9sixGhbJyWBwg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abddc9b7a959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 145920
server: cloudflare

GET
H3 200 prod_3_bottle-new.png
thekerassentials.com//statics/img/ 102 KB
103 KB 17ms
16ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/prod_3_bottle-new.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79fd80a3c97a94a7f7f273eceffdc3aa4084bb27c67c552f54264ecea11cc4bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "69f985c46cc06c689617b7f72995c52a"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JwYS%2B%2BFpIeIxFTvA2emVyWSWWkGMTB6tX7Ql4ogmWJnh1GdMMFTWrbowt%2FqMHJedq8fwcrWjJe0l9N4iEai0fs7otK38slH0TCvDAbQ0idVmHTIezWdkl4Sr6QJLZu85dzkYIN07AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abddc9bba959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 104645
server: cloudflare

GET
H3 200 refs.php Show response
thekerassentials.com// 7 KB
3 KB 47ms
46ms XHR
text/html 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thekerassentials.com//refs.php

Requested by

Host: static.thekerassentials.com
URL: https://static.thekerassentials.com//statics/N2O.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23c892e45d1d9ee65fa678b7fc6670e4271652e1c2162da36b8c9e249c468d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Z7j2rn8njMglXp2u8Sa0zrf%2FhmwiNOLKS4U0haBQ83WcFLngA3YygNj6YnirBy%2FQuXnxiIkP8swEg2uA3YMSt0VphJLrMQmXbMlYBzSvrZWdq3Z0jb92Upgs5SL1wU6sGnh19ZzeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abddc9bca959-SYD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H3

200

buygoods_black.png
buygoods.com/images/
Redirect Chain

https://www.buygoods.com/images/buygoods_black.png
https://buygoods.com/images/buygoods_black.png

4 KB
5 KB

39ms
30ms

Image
image/webp

172.66.40.141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buygoods.com/images/buygoods_black.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Server

172.66.40.141 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "59b77ee8-257c"
age: 177417
cf-cache-status: HIT
expires: Wed, 11 Oct 2034 22:12:28 GMT
cf-polished: origFmt=png, origSize=9596
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/webp
content-disposition: inline; filename="buygoods_black.webp"
x-server: WEB_1
last-modified: Tue, 12 Sep 2017 06:30:00 GMT
vary: Accept
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=315360000
cf-ray: 8d22abde29b1573b-SYD
accept-ranges: bytes
content-length: 4492
server: cloudflare

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=14400
location: https://buygoods.com/images/buygoods_black.png
cf-cache-status: HIT
age: 41
cf-ray: 8d22abddd930573b-SYD
expires: Mon, 14 Oct 2024 02:12:28 GMT
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 13 Oct 2024 22:12:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Quicksand-Light.ttf
thekerassentials.com//statics/fonts/ 77 KB
38 KB 13ms
13ms Font
font/ttf 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thekerassentials.com//statics/fonts/Quicksand-Light.ttf

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99ed40a3659903c3d940f6c60572882cddb6dff453d1eef1c58430af810e3e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thekerassentials.com
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"887168fa46d93bd6885261a66682db25"
age: 1052
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2Bhh2Ml%2B6JbCa4a%2FdPALSEWntrDeeYbik5pUWkxsSWdaneFe1djD1tovG%2BvyUK%2F13bNZJV3xApAlKRAJgmCt55kXC9%2BPsuOLyS23yNjYUsnaTeIinLXClwHk%2FIbXgPWouhpQzKFiEA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abddd9c2a959-SYD
access-control-allow-origin: *
server: cloudflare

GET
H3 200 refs-logos.png
thekerassentials.com//statics/img/ 84 KB
84 KB 15ms
15ms Image
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thekerassentials.com//statics/img/refs-logos.png

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

584f3c745341bfccdd95c6575c34759ab4afb2603dbf00dea1cd6f934d6c8ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "a903d61a8b6f4d993e01e0061b08356c"
age: 18600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2B7M2p19ysVin1Mt7%2B1sCDT73aGF222m%2BVI5XvZY5RzxntKoeyrDajkkbmaccK%2FWl%2FGiK1ikj18jk73boXRS9fT0XPsOQ4P5iHR2KwYG3oDllMQzkv4pwloL2%2F4ktKYHXV5zktjDPw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abde1a1ca959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 85961
server: cloudflare

GET
H3 200 Quicksand-Medium.ttf
thekerassentials.com//statics/fonts/ 77 KB
40 KB 14ms
14ms Font
font/ttf 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thekerassentials.com//statics/fonts/Quicksand-Medium.ttf

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9fa7d61317697621ad713e35b007d0152ab724684056c2d8b5ff2de28afa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://thekerassentials.com
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"c9a659f0ecb6036cf784e740ad84d596"
age: 1052
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CD8JFZHhAib8Il2ypKMBnEjC%2BkX8svR%2BDhozMZG2DzcCzWxZaNnPKfwiMxTWFKF6cURRnaVqx6IUSC7IlowaS%2F2SSqFQ%2FFLGGysvKUijRsLBKa226Ua%2FvyziJkLWmZW7z2Lxky9Plw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abde2a29a959-SYD
access-control-allow-origin: *
server: cloudflare

GET
H3 200 / Show response
tracking.buygoods.com/track/ 7 KB
2 KB 585ms
585ms Script
application/javascript 172.66.40.141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.buygoods.com/track/?a=7085&firstcookie=0&referrer=https%3A%2F%2Fthekerassentials.com%2Fvideo.php%3Faff_id%3D17778%26subid2%3D7423_sessid20241013221238583%26subid%3D1922&product=1%2C2%2C3&sessid2=&caller_url=https%3A%2F%2Fthekerassentials.com%2Fvideo_progress.php%3Fvid2%3Dprogress%26subid5%3Dprogress%26aff_id%3D17778%26subid2%3D7423_sessid20241013221238583%26subid%3D1922

Requested by

Host: tracking.buygoods.com
URL: https://tracking.buygoods.com/track/?a=7085&firstcookie=0&referrer=https%3A%2F%2Fthekerassentials.com%2Fvideo.php%3Faff_id%3D17778%26subid2%3D7423_sessid20241013221238583%26subid%3D1922&product=1,2,3&sessid2=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.141 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4198a60781ef54f798d5322055313da0bf3ce6a55168170355b306706411e939

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
expires: Tue, Jan 12 1999 01:01:01 GMT
alt-svc: h3=":443"; ma=86400
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
date: Sun, 13 Oct 2024 22:12:29 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-server: WEB_3
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: no-cache, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8d22abde39c7573b-SYD
access-control-allow-origin: *
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
102 KB 124ms
123ms Script
application/javascript 142.250.67.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-38R9NVYJ43&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K35JCCT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.8 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4af142dc0666b2b3bb581ed3269faa13aa8efd08f514433fd205026caaa8d245

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 13 Oct 2024 22:12:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 103919
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 409ms
2ms Script
text/javascript 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K35JCCT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

content-encoding: gzip
age: 2974
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 23:22:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 21:22:55 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 315 KB
105 KB 156ms
155ms Script
application/javascript 142.250.67.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9KZM1E116M&l=evttrk_dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5JSL76&l=evttrk_dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.8 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f32a63598cdd762ff500fb1e7b495e55249d6e99456fcbf4f6ba41ce4a4db7ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 13 Oct 2024 22:12:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 22:12:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 107326
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
analytics.google.com/g/ 0
0 507ms
99ms Fetch
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-38R9NVYJ43&gtm=45je4a90v869410655z8857324498za200zb857324498&_p=1728857548203&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685&cid=1729503450.1728857549&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1728857548&sct=1&seg=0&dl=https%3A%2F%2Fthekerassentials.com%2Fvideo_progress.php%3Fvid2%3Dprogress%26subid5%3Dprogress%26aff_id%3D17778%26subid2%3D7423_sessid20241013221238583%26subid%3D1922&dr=https%3A%2F%2Fthekerassentials.com%2Fvideo.php%3Faff_id%3D17778%26subid2%3D7423_sessid20241013221238583%26subid%3D1922&dt=Kerassentials%20-%20Video%20Presentation&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=845
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-38R9NVYJ43&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://thekerassentials.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 22:12:29 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
557 B 592ms
95ms Ping
text/plain 74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-38R9NVYJ43&cid=1729503450.1728857549&gtm=45je4a90v869410655z8857324498za200zb857324498&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101686685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-38R9NVYJ43&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sb-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://thekerassentials.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 22:12:29 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 3E85 0
0 509ms
104ms Document
text/html 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-38R9NVYJ43&gacid=1729503450.1728857549&gtm=45je4a90v869410655z8857324498za200zb857324498&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685&z=397718359

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-38R9NVYJ43&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thekerassentials.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Oct 2024 22:12:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 207ms
108ms Image
image/gif 142.250.204.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-38R9NVYJ43&cid=1729503450.1728857549&gtm=45je4a90v869410655z8857324498za200zb857324498&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101686685&tag_exp=101671035~101686685&z=1532249974

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 13 Oct 2024 22:12:29 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
analytics.google.com/g/ 0
0 449ms
101ms Fetch
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-9KZM1E116M&gtm=45je4a90v873026607z8849042281za200zb849042281&_p=1728857548234&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685&cid=1729503450.1728857549&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1728857549&sct=1&seg=0&dl=https%3A%2F%2Fthekerassentials.com%2Fvideo_progress.php%3Fvid2%3Dprogress%26subid5%3Dprogress%26aff_id%3D17778%26subid2%3D7423_sessid20241013221238583%26subid%3D1922&dr=https%3A%2F%2Fthekerassentials.com%2Fvideo.php%3Faff_id%3D17778%26subid2%3D7423_sessid20241013221238583%26subid%3D1922&dt=Kerassentials%20-%20Video%20Presentation&en=page_view&_fv=1&_ss=1&tfd=906
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9KZM1E116M&l=evttrk_dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://thekerassentials.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 22:12:29 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
48 B 533ms
97ms Ping
text/plain 74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9KZM1E116M&cid=1729503450.1728857549&gtm=45je4a90v873026607z8849042281za200zb849042281&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101686685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9KZM1E116M&l=evttrk_dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sb-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://thekerassentials.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 22:12:29 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 2A5B 0
0 455ms
105ms Document
text/html 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-9KZM1E116M&gacid=1729503450.1728857549&gtm=45je4a90v873026607z8849042281za200zb849042281&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685&z=772621809

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9KZM1E116M&l=evttrk_dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thekerassentials.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Oct 2024 22:12:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 154ms
110ms Image
image/gif 142.250.204.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9KZM1E116M&cid=1729503450.1728857549&gtm=45je4a90v873026607z8849042281za200zb849042281&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101686685&tag_exp=101671035~101686685&z=249578246

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 13 Oct 2024 22:12:29 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
437 B 102ms
100ms XHR
text/plain 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=737881062&t=pageview&_s=1&dl=https%3A%2F%2Fthekerassentials.com%2Fvideo_progress.php%3Fvid2%3Dprogress%26subid5%3Dprogress%26aff_id%3D17778%26subid2%3D7423_sessid20241013221238583%26subid%3D1922&ul=en-au&de=UTF-8&dt=Kerassentials%20-%20Video%20Presentation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2018850890&gjid=2031483733&cid=1729503450.1728857549&tid=UA-162981623-11&_gid=1917421571.1728857549&_r=1&_slc=1&gtm=45He4a90n81K35JCCTv857324498za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101529666~101533421~101671035~101686685&z=1211854746

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cbcc577aac3b2232f9fcc70e7f0ca3498dfa3b7ebc03fed0f99b33fe7b861ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://thekerassentials.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 22:12:29 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://thekerassentials.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
83 B 102ms
101ms XHR
text/plain 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=737881062&t=pageview&_s=1&dl=https%3A%2F%2Fthekerassentials.com%2Fvideo_progress.php%3Fvid2%3Dprogress%26subid5%3Dprogress%26aff_id%3D17778%26subid2%3D7423_sessid20241013221238583%26subid%3D1922&ul=en-au&de=UTF-8&dt=Kerassentials%20-%20Video%20Presentation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1898161775&gjid=1387600088&cid=1729503450.1728857549&tid=UA-194057059-2&_gid=1917421571.1728857549&_r=1&_slc=1&gtm=45He4a90n81N5JSL76v849042281za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&z=252720349

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eb3b3220a812b62562bc6d82c9c467712ecb56e8fbf51b7323b99a0b21048b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://thekerassentials.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 22:12:29 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://thekerassentials.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
96 KB 116ms
115ms Script
application/javascript 142.250.67.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GHRV5J3CLH&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.8 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b0a44e38e916f7bebe4b563f8a73da02b3c93141e9e31c83344141b56af3784a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 13 Oct 2024 22:12:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 22:12:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97938
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
96 KB 215ms
214ms Script
application/javascript 142.250.67.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8HEQR6WNRT&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.8 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7c823810f494e0e05e531b5a842f24e40633a9a366530c04b36da502361a0b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 13 Oct 2024 22:12:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 22:12:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98309
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 bg
buygoods.com/affiliates/go/conversion/iframe/ Frame E22B 0
0 314ms
299ms Document
text/html 172.66.43.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buygoods.com/affiliates/go/conversion/iframe/bg?a=7085&t=83c58f6ec3af6c7d18db89a0a0e9267c&s=sessid20241013221243916

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://thekerassentials.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d22abe2ed8c574b-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 13 Oct 2024 22:12:29 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-server: WEB_2

GET
H3 200 bg
buygoods.com/affiliates/go/conversion/iframe/ Frame 1E3E 0
0 303ms
294ms Document
text/html 172.66.43.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buygoods.com/affiliates/go/conversion/iframe/bg?a=7085&t=885853b909d88cc679c0e91cc0f35b97&s=sessid20241013221243916

Requested by

Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.43.115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://thekerassentials.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d22abe2ed89574b-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 13 Oct 2024 22:12:29 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-server: WEB_2

GET
H2 200 smartplayer.min.js Show response
scripts.converteai.net/lib/js/smartplayer/v1/ 663 KB
178 KB 5ms
4ms Script
text/javascript 23.55.38.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/players/65f836256cab7700086c5f6f/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.38.26 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-38-26.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f62ef9b8b0533f3e354646b92fd14e4ebb56de7d072de6f42399ecef1d5f8045

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

content-encoding: gzip
etag: "9879dd51b502522b40d1624fb052dc6c"
accept-ranges: bytes
content-length: 181703
x-amz-cf-id: p-LuDS2Hs-mzRK7NpRZjG0IQ1WZMSHlfqNUfLMyVeqUGrzQPUAz8Ig==
date: Sun, 13 Oct 2024 22:12:29 GMT
x-amz-cf-pop: SYD62-P2
content-type: text/javascript
vary: Accept-Encoding
last-modified: Wed, 09 Oct 2024 12:33:38 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 thumbnail.jpg
images.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/players/65f836256cab7700086c5f6f/ 1 KB
2 KB 484ms
5ms Image
image/jpeg 23.55.38.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/players/65f836256cab7700086c5f6f/thumbnail.jpg
Requested by: Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.38.17 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-38-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3cc7696d0fc3250e9c00f2732b28e8a2778ae2f1d6447622d6ec9422afda560c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

etag: "ccbc2a1425d647eb2b2c6849175caa03"
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1728857549896_389490189_112892626_150_731_0_5_219";dur=1
content-length: 1265
x-amz-cf-id: g34D-Pswelh8X-uKEo0ieXBQAR1WkizjmfH-IgEcU1lRg-pUKeQ5Pw==
date: Sun, 13 Oct 2024 22:12:29 GMT
content-type: image/jpeg
last-modified: Tue, 19 Mar 2024 08:20:14 GMT
x-amz-cf-pop: SYD62-P2
x-amz-server-side-encryption: AES256

OPTIONS
H2 204 x
a.vturb.net/ Frame 0
0 736ms
204ms Preflight 54.88.170.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vturb.net/x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.170.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-170-186.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://thekerassentials.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin: *
access-control-max-age: 43200
date: Sun, 13 Oct 2024 22:12:30 GMT

OPTIONS
H2 403 check
api.vturb.com.br/vturb/ Frame 0
0 628ms
204ms Preflight
text/html 54.164.69.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vturb.com.br/vturb/check
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.69.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-69-141.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://thekerassentials.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length: 520
content-type: text/html
date: Sun, 13 Oct 2024 22:12:30 GMT
server: awselb/2.0

GET
H/1.1 200
OK main.m3u8 Show response
cdn.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/65f836078b54210008273afd/ 497 B
1020 B 328ms
5ms XHR
application/x-mpegurl 23.205.115.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/65f836078b54210008273afd/main.m3u8
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.115.25 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-115-25.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e0a198d3b8f330ed6063d3489b1123a58698db436a1a4163db03f4232d971d4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Content-Encoding: gzip
ETag: "a97c51a782ff9ac4ceeac28ce5a6df32:1719336632.926906"
Access-Control-Allow-Methods: GET,POST,OPTIONS
Date: Sun, 13 Oct 2024 22:12:29 GMT
Content-Type: application/x-mpegURL
Last-Modified: Tue, 25 Jun 2024 17:29:32 GMT
Vary: Accept-Encoding
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control: max-age=27748131
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 243
Server: AkamaiNetStorage
Akamai-Mon-Iucid-Del: 1429301

POST
H2 204 x
a.vturb.net/ 0
0 205ms
204ms Fetch 54.88.170.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vturb.net/x
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.170.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-170-186.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://thekerassentials.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

date: Sun, 13 Oct 2024 22:12:30 GMT
access-control-allow-origin: *

GET
H/1.1 200
OK 6536301a30fe40000931a43b.png
cdn.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/2023/10/23/ 22 KB
22 KB 337ms
6ms Image
application/x-www-form-urlencoded 23.205.115.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/2023/10/23/6536301a30fe40000931a43b.png
Requested by: Host: thekerassentials.com
URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.115.25 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-115-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 35ab52f68704cd319510159bd6ff3c1d24f4c5b575a08dbe59f1061ef6837660

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
ETag: "66a8cab6a8ed86dacbc60d79e19538c2"
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Amz-Cf-Id: z-NoRERwVL47aE_VC2qfwZZRX4qbUWmXBlnmh6ij3qojZZEZd0ny7g==
Date: Sun, 13 Oct 2024 22:12:29 GMT
Content-Type: application/x-www-form-urlencoded
Last-Modified: Mon, 23 Oct 2023 08:34:36 GMT
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control: max-age=24428932
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 22078
X-Amz-Cf-Pop: EWR50-C1
Server: AmazonS3
Akamai-Mon-Iucid-Del: 1429301
x-amz-server-side-encryption: AES256

POST check
api.vturb.com.br/vturb/ 0
0

GET
DATA 200
OK truncated
/ 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 101ms
101ms Fetch
text/plain 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GHRV5J3CLH&gtm=45je4a90v9133785116za200&_p=1728857548203&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101671035~101686685~101794736&ul=en-au&sr=1600x1200&cid=1729503450.1728857549&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fthekerassentials.com%2Fvideo_progress.php%3Fvid2%3Dprogress%26subid5%3Dprogress%26aff_id%3D17778%26subid2%3D7423_sessid20241013221238583%26subid%3D1922&dt=Kerassentials%20-%20Video%20Presentation&sid=1728857549&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1412
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GHRV5J3CLH&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://thekerassentials.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 22:12:29 GMT
content-type: text/plain
server: Golfe2

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 102ms
102ms Fetch
text/plain 216.239.32.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8HEQR6WNRT&gtm=45je4a90v9134126875za200&_p=1728857548203&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101671035~101686685&ul=en-au&sr=1600x1200&cid=1729503450.1728857549&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fthekerassentials.com%2Fvideo_progress.php%3Fvid2%3Dprogress%26subid5%3Dprogress%26aff_id%3D17778%26subid2%3D7423_sessid20241013221238583%26subid%3D1922&dt=Kerassentials%20-%20Video%20Presentation&sid=1728857549&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1510
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8HEQR6WNRT&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://thekerassentials.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 22:12:29 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 200
OK original_360p.m3u8 Show response
cdn.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/65f836078b54210008273afd/ 11 KB
1 KB 5ms
5ms XHR
application/x-mpegurl 23.205.115.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/65f836078b54210008273afd/original_360p.m3u8
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.115.25 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-115-25.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6c479f14730b2daecdb1d51ea46f44d4ec4b81e8d6ce4adce15e7678521a42e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Content-Encoding: gzip
ETag: "ea0be0bfebcdcabd9fb925ef85232f3e:1719336633.069292"
Access-Control-Allow-Methods: GET,POST,OPTIONS
Date: Sun, 13 Oct 2024 22:12:29 GMT
Content-Type: application/x-mpegURL
Last-Modified: Tue, 25 Jun 2024 17:29:33 GMT
Vary: Accept-Encoding
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control: max-age=27748067
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 753
Server: AkamaiNetStorage
Akamai-Mon-Iucid-Del: 1429301

GET
H/1.1 200
OK segment__00001.ts Show response
cdn.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/65f836078b54210008273afd/original_360p/ 1 MB
1 MB 6ms
6ms XHR
video/mp2t 23.205.115.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/65f836078b54210008273afd/original_360p/segment__00001.ts
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.115.25 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-115-25.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 04f6eba2fd6d6a472445dd54a89bd46fb2014c3b28287174d126a03953530b86

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
ETag: "aaf6d29407aabcda83ec6063aa9ec6c2:1719336633.33919"
Access-Control-Allow-Methods: GET,POST,OPTIONS
Date: Sun, 13 Oct 2024 22:12:29 GMT
Last-Modified: Tue, 25 Jun 2024 17:28:01 GMT
Content-Type: video/MP2T
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control: max-age=26877830
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 1059568
Server: AkamaiNetStorage
Akamai-Mon-Iucid-Del: 1429301

GET 3cabc151-8c8e-4228-879d-ac1edbe92280
https://thekerassentials.com/ Frame 0
0

GET
H/1.1 200
OK original_720p.m3u8 Show response
cdn.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/65f836078b54210008273afd/ 11 KB
1 KB 11ms
10ms XHR
application/x-mpegurl 23.205.115.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/65f836078b54210008273afd/original_720p.m3u8
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.115.25 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-115-25.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 160b33eaa192c48d1554091554eda715569da3972b14ff44bb3eca9d55b7174b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Content-Encoding: gzip
ETag: "0b1d47877bd4818d09920fdf59aedf42:1719336633.222275"
Access-Control-Allow-Methods: GET,POST,OPTIONS
Date: Sun, 13 Oct 2024 22:12:30 GMT
Content-Type: application/x-mpegURL
Last-Modified: Tue, 25 Jun 2024 17:29:32 GMT
Vary: Accept-Encoding
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control: max-age=27748066
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 753
Server: AkamaiNetStorage
Akamai-Mon-Iucid-Del: 1429301

GET
H/1.1 200
OK segment__00002.ts Show response
cdn.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/65f836078b54210008273afd/original_720p/ 2 MB
2 MB 8ms
7ms XHR
video/mp2t 23.205.115.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/65f836078b54210008273afd/original_720p/segment__00002.ts
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.115.25 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-115-25.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5dade861a5efb88b7dde140141717f3b2462e384fc4e96acb368862f6ea969ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
ETag: "20201c505b14dadee1de9f2ea1f6b05c:1719336692.612057"
Access-Control-Allow-Methods: GET,POST,OPTIONS
Date: Sun, 13 Oct 2024 22:12:30 GMT
Last-Modified: Tue, 25 Jun 2024 17:28:01 GMT
Content-Type: video/MP2T
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control: max-age=27748062
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 1766260
Server: AkamaiNetStorage
Akamai-Mon-Iucid-Del: 1429301

OPTIONS
H2 204 x
a.vturb.net/ Frame 0
0 204ms
204ms Preflight 54.88.170.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vturb.net/x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.170.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-170-186.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://thekerassentials.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin: *
access-control-max-age: 43200
date: Sun, 13 Oct 2024 22:12:30 GMT

POST
H2 204 x
a.vturb.net/ 0
0 207ms
205ms Fetch 54.88.170.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vturb.net/x
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.170.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-170-186.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://thekerassentials.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

date: Sun, 13 Oct 2024 22:12:30 GMT
access-control-allow-origin: *

GET
H/1.1 200
OK segment__00003.ts Show response
cdn.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/65f836078b54210008273afd/original_720p/ 1 MB
1 MB 7ms
6ms XHR
video/mp2t 23.205.115.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/65f836078b54210008273afd/original_720p/segment__00003.ts
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.115.25 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-115-25.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5ecb3fa41492b5a70c7e7c77c76035cf9fbc18a9320c7c281b57cbd594c4d1c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
ETag: "db34e13a29c40ae10e04c4df8f0cdb1a:1719336693.159988"
Access-Control-Allow-Methods: GET,POST,OPTIONS
Date: Sun, 13 Oct 2024 22:12:30 GMT
Last-Modified: Tue, 25 Jun 2024 17:28:01 GMT
Content-Type: video/MP2T
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control: max-age=28733160
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 1279716
Server: AkamaiNetStorage
Akamai-Mon-Iucid-Del: 1429301

POST
H3 200 saveenv Show response
static.thekerassentials.com/ 4 B
414 B 907ms
906ms Fetch
application/json 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.thekerassentials.com/saveenv
Requested by: Host: static.thekerassentials.com
URL: https://static.thekerassentials.com//statics/statics.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://thekerassentials.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=syL24t%2BHz5Q821vtBXKFtQjq4aDhV8k6Tw03pZSsnIw91HHjJKOrhpuuNo9Phi%2BzpZlUPrPcjoJ9qURHG29Ppr1%2FKaRkfixvXcPsdFI8MH26SN4RsY%2BXJRXjqAIv591bJdfHSXXpRrU4kIMOyMs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d22abea299f573f-SYD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 4
date: Sun, 13 Oct 2024 22:12:31 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK segment__00004.ts Show response
cdn.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/65f836078b54210008273afd/original_720p/ 2 MB
2 MB 6ms
5ms XHR
video/mp2t 23.205.115.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/ce688e7a-dee8-4930-a8b8-05c94609b151/65f836078b54210008273afd/original_720p/segment__00004.ts
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.115.25 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-205-115-25.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 79b940213f3c64311bb13fa621530369643006b61995dda16d53ec44f5dcb62d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
ETag: "1d793759cf457ef24f9d66765e29e3f0:1719336693.512751"
Access-Control-Allow-Methods: GET,POST,OPTIONS
Date: Sun, 13 Oct 2024 22:12:30 GMT
Last-Modified: Tue, 25 Jun 2024 17:28:02 GMT
Content-Type: video/MP2T
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Cache-Control: max-age=28424099
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 1694068
Server: AkamaiNetStorage
Akamai-Mon-Iucid-Del: 1429301

GET
H3 200 favicon-notice.png
thekerassentials.com//statics/img/ 1 KB
2 KB 14ms
14ms Other
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thekerassentials.com//statics/img/favicon-notice.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e5b9bc7611d575a2f06ac45dce89898eda5a863e894c8725e40d26ece4686a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "28cebd2f6e1a4378838b8750c0f1bf0a"
age: 18598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fFUsEw85vKMUVo2pPxaQaXnYdG9XCDjhnAzz3nNqbGKH%2FYCNtGcgzIyBHbrGpUFk4%2BW1pPpbzl5dDbC6%2B24HBhoe7jTkHEMKhhNu%2FWTAVig6bpXavKqHmSD858C9MYspIehuABb3%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:30 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abec8b52a959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1148
server: cloudflare

GET
H3 200 favicon.png
thekerassentials.com//statics/img/ 1 KB
2 KB 21ms
21ms Other
image/png 172.67.202.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thekerassentials.com//statics/img/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.202.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5f026ffd2de6fd9cd9c4186a63c5aaca9323b98f810c18c284411779bac70fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922

Response headers

cf-cache-status: HIT
etag: "1da30892481ab722d866a5cee9c4ad02"
age: 18598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=42jEv25NIdrV5ew%2FOpGCQD3m3Z0tn6WuXzHLUMAHlqrKL4T5tDDij%2FYgoxR913bad9Dv7fEvWpNzBb6mvdsxSXF%2Fwi6UjxHZGvFNgB5MeC6pzslbHdgM2gDghNNp7yjrE5nMtSN9dg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 22:12:30 GMT
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8d22abecab6ba959-SYD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1188
server: cloudflare

POST
H2 204 collect
analytics.google.com/g/ 0
0 102ms
100ms Fetch
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-9KZM1E116M&gtm=45je4a90v873026607z8849042281za200zb849042281&_p=1728857548234&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685&cid=1729503450.1728857549&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=Ag&_s=2&sid=1728857549&sct=1&seg=0&dl=https%3A%2F%2Fthekerassentials.com%2Fvideo_progress.php%3Fvid2%3Dprogress%26subid5%3Dprogress%26aff_id%3D17778%26subid2%3D7423_sessid20241013221238583%26subid%3D1922&dr=https%3A%2F%2Fthekerassentials.com%2Fvideo.php%3Faff_id%3D17778%26subid2%3D7423_sessid20241013221238583%26subid%3D1922&dt=Kerassentials%20-%20Video%20Presentation&en=lion-video&ep.lion_event_label=1&ep.lion_event_host=thekerassentials.com&ep.lion_event_vsl=KEL%2Flead3_vturb&_et=2282&tfd=3195
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9KZM1E116M&l=evttrk_dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://thekerassentials.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://thekerassentials.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 22:12:31 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.thekerassentials.com
URL: https://static.thekerassentials.com//statics/statics.js

Domain: static.thekerassentials.com
URL: https://static.thekerassentials.com//statics/N2O.js

Domain: static.thekerassentials.com
URL: https://static.thekerassentials.com//videoboxes/universal_player/player.js

Domain: thekerassentials.com
URL: https://thekerassentials.com//

Domain: thekerassentials.com
URL: https://thekerassentials.com//statics/img/49.png

Domain: thekerassentials.com
URL: https://thekerassentials.com//statics/img/buy-now2.png

Domain: thekerassentials.com
URL: https://thekerassentials.com//statics/img/59.png

Domain: thekerassentials.com
URL: https://thekerassentials.com//statics/img/testimonial-stars.png

Domain: display.buygoods.com
URL: https://display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=7085

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K35JCCT

Domain: api.vturb.com.br
URL: https://api.vturb.com.br/vturb/check

Domain: thekerassentials.com
URL: blob:https://thekerassentials.com/3cabc151-8c8e-4228-879d-ac1edbe92280

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mwebscope.com/	1970-01-21 00:15:40	Name: __cflb Value: 02DiuDvnJbjKdBkxKLUNnR5XRfWaf6WDLYPtJHEuEAN1S
thekerassentials.com/	1970-01-21 01:40:41	Name: __split Value: 1
thekerassentials.com/	1969-12-31 23:59:59	Name: aff Value: 17778
.thekerassentials.com/	1970-01-21 09:50:17	Name: _ga_38R9NVYJ43 Value: GS1.1.1728857548.1.0.1728857548.60.0.0
.thekerassentials.com/	1970-01-21 09:50:17	Name: _ga Value: GA1.2.1729503450.1728857549
.thekerassentials.com/	1970-01-21 00:15:43	Name: _gid Value: GA1.2.1917421571.1728857549
.thekerassentials.com/	1970-01-21 00:14:17	Name: _gat_UA-162981623-11 Value: 1
.thekerassentials.com/	1970-01-21 00:14:17	Name: _gat_UA-194057059-2 Value: 1
.thekerassentials.com/	1970-01-21 02:23:53	Name: sessid2 Value: sessid20241013221243916
.thekerassentials.com/	1970-01-21 02:23:53	Name: spi_funnel_codename Value:
.thekerassentials.com/	1970-01-21 02:23:53	Name: aff_id Value: 17778
.thekerassentials.com/	1970-01-21 02:23:53	Name: sid Value: 1922%7C7423_sessid20241013221238583
.thekerassentials.com/	1970-01-21 02:23:53	Name: campaign_id Value:
.thekerassentials.com/	1970-01-21 02:23:53	Name: referrer Value: 66.203.112.162:thekerassentials.com/video:thekerassentials.com%2Fvideo_progress
.tiktok.com/	1970-01-21 09:35:53	Name: _ttp Value: 2nOwhb8QjwY1ClVozHKLXvCYHof
.doubleclick.net/	1970-01-21 00:14:18	Name: test_cookie Value: CheckForPermission
.thekerassentials.com/	1970-01-21 09:50:17	Name: _ga_GHRV5J3CLH Value: GS1.2.1728857549.1.0.1728857549.0.0.0
.thekerassentials.com/	1970-01-21 09:50:17	Name: _ga_8HEQR6WNRT Value: GS1.2.1728857549.1.0.1728857549.0.0.0
.thekerassentials.com/	1970-01-21 09:50:17	Name: _ga_9KZM1E116M Value: GS1.1.1728857549.1.0.1728857551.58.0.0
thekerassentials.com/	1969-12-31 23:59:59	Name: return_visit Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://swhv.blob.core.windows.net/favicon.ico Message: Failed to load resource: the server responded with a status of 400 (One of the request inputs is out of range.)
network	error	URL: https://thekerassentials.com// Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js Message: Specifying 'overflow: visible' on img, video and canvas tags may cause them to produce visual content outside of the element bounds. See https://github.com/WICG/view-transitions/blob/main/debugging_overflow_on_images.md for details.
javascript	error	URL: https://thekerassentials.com/video_progress.php?vid2=progress&subid5=progress&aff_id=17778&subid2=7423_sessid20241013221238583&subid=1922 Message: Access to XMLHttpRequest at 'https://api.vturb.com.br/vturb/check' from origin 'https://thekerassentials.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.vturb.com.br/vturb/check Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vturb.net
analytics.google.com
api.vturb.com.br
buygoods.com
cdn.converteai.net
display.buygoods.com
go.maxweb.com
images.converteai.net
mwebscope.com
scripts.converteai.net
static.thekerassentials.com
stats.g.doubleclick.net
swhv.blob.core.windows.net
td.doubleclick.net
thekerassentials.com
tracking.buygoods.com
www.buygoods.com
www.google-analytics.com
www.google.com.au
www.googletagmanager.com
api.vturb.com.br
display.buygoods.com
static.thekerassentials.com
thekerassentials.com
www.googletagmanager.com
142.250.204.2
142.250.204.3
142.250.67.8
172.66.40.141
172.66.40.143
172.66.43.115
172.67.202.25
172.67.213.103
20.60.102.1
216.239.32.178
216.239.34.181
23.205.115.25
23.55.38.17
23.55.38.26
54.164.69.141
54.88.170.186
74.125.130.157
04f6eba2fd6d6a472445dd54a89bd46fb2014c3b28287174d126a03953530b86
0748d94cbdb4aef9aa3d2d573a0341cf930e77913e8b729b2e16339538eda840
0e9d7bdac55acc64d3839d6f4ebe22579e0b3f5a6cc09d6ac987812c3695b007
0fce95ee498b98cf61adab53a4a4c77e9dd6ac046e40a6c17c038c4e5c986795
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
12ca5c45cb3588be0b38bfe4fb7aebcd186fdc89824b72fc6b6db3c6f235f534
13ff30412c730744288a3c404205ea839ab171a831b3efdf5272f5b670549345
14948aedbcaf906a9cacab38de5fff889bde887ecbd710b8a1ada3ae84c65477
160b33eaa192c48d1554091554eda715569da3972b14ff44bb3eca9d55b7174b
1aea2e662cea0d5383334edeab2550275f3a8448638a4b68010ba5c2461d4d1f
1cbcc577aac3b2232f9fcc70e7f0ca3498dfa3b7ebc03fed0f99b33fe7b861ec
1d2041faa3cd79938373dd1ad4087cc284dd8172db8f1c1fe46c610e9071293f
23c892e45d1d9ee65fa678b7fc6670e4271652e1c2162da36b8c9e249c468d41
2b4b10cda37475c6d3a29539aad8489e7fcb948086dae422f141146d79ac91bb
33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159
35ab52f68704cd319510159bd6ff3c1d24f4c5b575a08dbe59f1061ef6837660
3cc7696d0fc3250e9c00f2732b28e8a2778ae2f1d6447622d6ec9422afda560c
3f13829d85860bb1009c622ece55c7c0d14090b276bfe955e4e9e7a2186813f4
4198a60781ef54f798d5322055313da0bf3ce6a55168170355b306706411e939
4246cce14aadd043dbfd6aa96c644a0437548cd49211519ad9f785e8ae83bf5c
4af142dc0666b2b3bb581ed3269faa13aa8efd08f514433fd205026caaa8d245
51e55a5635530d4f8727039d299fd645512762a83b24e1fab67b21ef5295d53c
584f3c745341bfccdd95c6575c34759ab4afb2603dbf00dea1cd6f934d6c8ecf
5dade861a5efb88b7dde140141717f3b2462e384fc4e96acb368862f6ea969ea
5ecb3fa41492b5a70c7e7c77c76035cf9fbc18a9320c7c281b57cbd594c4d1c3
60312d2971bdbdb2c23b8aad47e735c0012f98b2168ff16b30fc170368b43c47
62e61b03c45a1cbd52ed2dd896ab8b633605fa78453e80ed111c0580de1b9bbd
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6c479f14730b2daecdb1d51ea46f44d4ec4b81e8d6ce4adce15e7678521a42e8
6dda68c837ab716f6b568bb18468b9a5e2cd643e77a8644a6b2e87c7bf8eb183
6e5b9bc7611d575a2f06ac45dce89898eda5a863e894c8725e40d26ece4686a1
79b940213f3c64311bb13fa621530369643006b61995dda16d53ec44f5dcb62d
79fd80a3c97a94a7f7f273eceffdc3aa4084bb27c67c552f54264ecea11cc4bc
7bde4f84cfee5558a9a221e507393d615590aefd5dcaa725a751de29da93104c
7c823810f494e0e05e531b5a842f24e40633a9a366530c04b36da502361a0b3f
8018f851afb0a06dbd8d65b7772dcc0f5c2adbef39854836ca0dbd258aad2fd2
9704b6f2244da214a4d9eed026e1bacf4dbcb9c3a87ce54bf1ae5a1740c337c7
99ed40a3659903c3d940f6c60572882cddb6dff453d1eef1c58430af810e3e01
b0a44e38e916f7bebe4b563f8a73da02b3c93141e9e31c83344141b56af3784a
b13361361dead3e8f8e37c273ea784761ba62008f9a6775fa36ff671302a3236
b9be3be6e917a45d702b9340b4bbc27199a8992aea2c26e22ac9cdfcfa361174
c1382ccf2d0d09eaf9f4bf1f4bfc641a4a03279e0744f1218405078bdd50391b
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c48e503a795a7db23481e0d1099ef3ff0c27aae98b7b557aa8a08f5d7b232478
c9a9c3d49f0a2e23020df599ca72ead9b563bfc0fceb90990acac1fd7b8a6924
d5f026ffd2de6fd9cd9c4186a63c5aaca9323b98f810c18c284411779bac70fc
d634772d68de32584d8b446095468e61bbeb8a330911a36900e88e00620010b7
dbe2a5f848c95b8ff0b6c0d086085fda937f8a4d40539c9c4d9fffc6ca8c9a3c
ddcfdf7dd0ca655392d3ddd807fcb5ada15e24bc824fd74bb83b24fd3f39ad92
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9fa7d61317697621ad713e35b007d0152ab724684056c2d8b5ff2de28afa07
dfe35d9af4c0fad2364bcbebc476fe497df0eeaca22e1ae4399b236d5725c8e2
e0a198d3b8f330ed6063d3489b1123a58698db436a1a4163db03f4232d971d4c
e33ba8929540ca58546a9282a4cf362291795adf0b6be0008445accd020395e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a63255bb41f5ee3b79205b2d52fd248ef9e4c15de2ace2a3933b9544738bf6
eb3b3220a812b62562bc6d82c9c467712ecb56e8fbf51b7323b99a0b21048b70
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f32a63598cdd762ff500fb1e7b495e55249d6e99456fcbf4f6ba41ce4a4db7ac
f62ef9b8b0533f3e354646b92fd14e4ebb56de7d072de6f42399ecef1d5f8045
f7de1593b20e8ef1b887ce5e58793d488450421e58dac650f6db30cf809299b5
f9305b1c2173ada783ee85f9adaaf4a7a0a22160878b62affc2c98cb2febe5cb
fe17e4efc4cd7701dc6ba1d4887db43a5eac02a0d9a7d95c70d50c49f9f5a28a

thekerassentials.com Open in urlscan Pro 172.67.202.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

87 %HTTPS

0 %IPv6

13 Domains

20 Subdomains

17 IPs

2 Countries

8351 kBTransfer

10626 kBSize

20 Cookies

4 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thekerassentials.com Open in urlscan Pro
172.67.202.25 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

87 %
HTTPS

0 %
IPv6

13
Domains

20
Subdomains

17
IPs

2
Countries

8351 kB
Transfer

10626 kB
Size

20
Cookies

102 HTTP transactions
1 data transactions