p.afirmeseguro.com Open in urlscan Pro
138.197.170.158  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response p.afirmeseguro.com/	257 KB 32 KB	779ms 102ms	Document text/html	138.197.170.158 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://p.afirmeseguro.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS pruebas.ahorraseguros.mx Software nginx / Resource Hash 08fd31e56de94ec9a1bcbed641ca534f62b20dc30b65adcc6beeb1c6afb3b63e Security Headers Name Value Strict-Transport-Security max-age=31531000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :method GET :authority p.afirmeseguro.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx date Wed, 29 Sep 2021 11:42:47 GMT content-type text/html last-modified Mon, 27 Sep 2021 20:20:15 GMT etag W/"6152277f-402f2" expires Thu, 01 Jan 1970 00:00:01 GMT cache-control no-cache x-content-type-options nosniff x-xss-protection 1; mode=block strict-transport-security max-age=31531000; includeSubdomains feature-policy autoplay 'none'; camera 'none' x-frame-options SAMEORIGIN referrer-policy no-referrer access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-allow-methods GET,POST,OPTIONS,PUT,DELETE,PATCH content-encoding br
GET H2	200	gtm.js Show response www.googletagmanager.com/	102 KB 39 KB	55ms 33ms	Script application/javascript	142.250.186.136 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-P7BWFM4&l=dataLayer Requested by Host: p.afirmeseguro.com URL: https://p.afirmeseguro.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.136 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f8.1e100.net Software Google Tag Manager / Resource Hash 4e9cab54f1827fb9b7879f70c46402d4f362b2c63fbdd53acdcd01b471db8dea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 11:42:48 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39786 x-xss-protection 0 last-modified Wed, 29 Sep 2021 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 29 Sep 2021 11:42:48 GMT
GET H2	200	pixel.svg p.afirmeseguro.com/img/assets/	333 B 645 B	774ms 774ms	Image image/svg+xml	138.197.170.158 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://p.afirmeseguro.com/img/assets/pixel.svg Requested by Host: p.afirmeseguro.com URL: https://p.afirmeseguro.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS pruebas.ahorraseguros.mx Software nginx / Resource Hash 2f82c5118d6dce95dd792b3d1709fa7ed8a7debf223e1391708e0cbaae6f180d Request headers :path /img/assets/pixel.svg pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority p.afirmeseguro.com :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 11:42:49 GMT content-encoding br last-modified Mon, 22 Mar 2021 21:15:49 GMT server nginx x-amz-meta-s3cmd-attrs atime:1582847413/ctime:1582847184/gid:1002/gname:sftponly/md5:40d524802791d588125d1096e5aea1e8/mode:33277/mtime:1582847184/uid:1003/uname:servici1 x-amz-request-id tx0000000000000525b2c10-0061545138-167fa22c-fra1a etag W/"40d524802791d588125d1096e5aea1e8" x-hw 1632915768.dop002.tr2.t,1632915768.cds218.tr2.shn,1632915768.dop002.tr2.t,1632915768.cds208.tr2.p content-type image/svg+xml x-rgw-object-type Normal cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	afirmeN.jpg p.afirmeseguro.com/img/	46 KB 46 KB	812ms 811ms	Image image/jpeg	138.197.170.158 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://p.afirmeseguro.com/img/afirmeN.jpg Requested by Host: p.afirmeseguro.com URL: https://p.afirmeseguro.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS pruebas.ahorraseguros.mx Software nginx / Resource Hash 641e9cf9b3088e65921c898b4c81235492ccbd9d542a4f947f7b83918d0a4feb Request headers :path /img/afirmeN.jpg pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority p.afirmeseguro.com :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 11:42:49 GMT last-modified Tue, 18 May 2021 19:02:18 GMT server nginx x-amz-meta-s3cmd-attrs atime:1620344960/ctime:1620344960/gid:1008/gname:deploy/md5:b3513f2e0374835dd0ef6d3d2cc44a8a/mode:33188/mtime:1620344958/uid:1008/uname:deploy x-amz-request-id tx0000000000000525f8286-0061545138-167f9124-fra1a etag "b3513f2e0374835dd0ef6d3d2cc44a8a" x-hw 1632915768.dop003.tr2.t,1632915768.cds213.tr2.shn,1632915768.dop003.tr2.t,1632915768.cds202.tr2.p content-type image/jpeg x-rgw-object-type Normal accept-ranges bytes content-length 46999 cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	spriteAfirme.svg p.afirmeseguro.com/img/assets/	143 KB 88 KB	808ms 808ms	Image image/svg+xml	138.197.170.158 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://p.afirmeseguro.com/img/assets/spriteAfirme.svg Requested by Host: p.afirmeseguro.com URL: https://p.afirmeseguro.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS pruebas.ahorraseguros.mx Software nginx / Resource Hash b3730ecef3d72269e1c21e493bfff5cf6d28a1b23c330e58c54aa39bd6b452b8 Request headers :path /img/assets/spriteAfirme.svg pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority p.afirmeseguro.com referer https://p.afirmeseguro.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://p.afirmeseguro.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 11:42:49 GMT content-encoding br last-modified Mon, 22 Mar 2021 21:15:47 GMT server nginx x-amz-meta-s3cmd-attrs atime:1616447477/ctime:1616447477/gid:1008/gname:deploy/md5:a15726506feb9894ee4af16051d966ba/mode:33188/mtime:1616447475/uid:1008/uname:deploy x-amz-request-id tx0000000000000525b2c16-0061545138-167fa22c-fra1a etag W/"a15726506feb9894ee4af16051d966ba" x-hw 1632915768.dop004.tr2.shc,1632915768.dop004.tr2.t,1632915768.cds206.tr2.p content-type image/svg+xml x-rgw-object-type Normal cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET DATA	200 OK	truncated /	183 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 829ad3ed0c2f892e7df84989078dd4246fc0a5f1a179439e6314462465dbb2f6 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	manifest.700536aed772f54dc7af.js Show response p.afirmeseguro.com/_nuxt/	2 KB 1 KB	778ms 777ms	Script text/plain	138.197.170.158 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://p.afirmeseguro.com/_nuxt/manifest.700536aed772f54dc7af.js Requested by Host: p.afirmeseguro.com URL: https://p.afirmeseguro.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS pruebas.ahorraseguros.mx Software nginx / Resource Hash 6e08fab261d952a36de592a007d1f917a6075b4aa8f307056a909fc226f80604 Request headers :path /_nuxt/manifest.700536aed772f54dc7af.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority p.afirmeseguro.com :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 11:42:49 GMT content-encoding br last-modified Mon, 27 Sep 2021 20:24:06 GMT server nginx x-amz-meta-s3cmd-attrs atime:1632774016/ctime:1632774016/gid:1008/gname:deploy/md5:ff78f91e28fcb09894b96b2543094132/mode:33188/mtime:1632774015/uid:1008/uname:deploy x-amz-request-id tx0000000000000525b2c2d-0061545138-167fa22c-fra1a etag W/"ff78f91e28fcb09894b96b2543094132" x-hw 1632915768.dop004.tr2.shc,1632915768.dop004.tr2.t,1632915768.cds009.tr2.p content-type text/plain x-rgw-object-type Normal cache-control max-age=31536000 expires Wed, 29 Sep 2021 11:43:49 GMT
GET H2	200	index.3d00b24a9639fee47676.js Show response p.afirmeseguro.com/_nuxt/layouts/	22 KB 7 KB	1065ms 1064ms	Script text/plain	138.197.170.158 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://p.afirmeseguro.com/_nuxt/layouts/index.3d00b24a9639fee47676.js Requested by Host: p.afirmeseguro.com URL: https://p.afirmeseguro.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS pruebas.ahorraseguros.mx Software nginx / Resource Hash 8194232dac7a220297396b91cd287046b360672d7c92b0b7504cbd601c0fbb69 Request headers :path /_nuxt/layouts/index.3d00b24a9639fee47676.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority p.afirmeseguro.com :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 11:42:49 GMT content-encoding br last-modified Mon, 27 Sep 2021 20:24:06 GMT server nginx x-amz-meta-s3cmd-attrs atime:1632774016/ctime:1632774016/gid:1008/gname:deploy/md5:c9683810c8111e4d054e5e72305ff695/mode:33188/mtime:1632774015/uid:1008/uname:deploy x-amz-request-id tx0000000000000525b2c63-0061545139-167fa22c-fra1a etag W/"c9683810c8111e4d054e5e72305ff695" x-hw 1632915768.dop005.tr2.shc,1632915768.dop005.tr2.t,1632915769.cds212.tr2.p content-type text/plain x-rgw-object-type Normal cache-control max-age=31536000 expires Wed, 29 Sep 2021 11:43:49 GMT
GET H2	200	index.0b74c271765f47e985aa.js Show response p.afirmeseguro.com/_nuxt/pages/	54 KB 13 KB	1064ms 1063ms	Script text/plain	138.197.170.158 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://p.afirmeseguro.com/_nuxt/pages/index.0b74c271765f47e985aa.js Requested by Host: p.afirmeseguro.com URL: https://p.afirmeseguro.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS pruebas.ahorraseguros.mx Software nginx / Resource Hash d725e82ef7f14855d4b1d443d2d7ec9b7f0b80c1851775bbf5e8e020ccf6d4b5 Request headers :path /_nuxt/pages/index.0b74c271765f47e985aa.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority p.afirmeseguro.com :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 11:42:49 GMT content-encoding br last-modified Mon, 27 Sep 2021 20:24:06 GMT server nginx x-amz-meta-s3cmd-attrs atime:1632774016/ctime:1632774016/gid:1002/gname:sftponly/md5:21ed896b480c820f2225c5321365c945/mode:33188/mtime:1632774015/uid:1008/uname:deploy x-amz-request-id tx0000000000000525f82a2-0061545138-167f9124-fra1a etag W/"21ed896b480c820f2225c5321365c945" x-hw 1632915768.dop211.tr2.shc,1632915768.dop211.tr2.t,1632915768.cds211.tr2.p content-type text/plain x-rgw-object-type Normal cache-control max-age=31536000 expires Wed, 29 Sep 2021 11:43:49 GMT
GET H2	200	vendor.a6ae22dd7d14aab41ada.js Show response p.afirmeseguro.com/_nuxt/	219 KB 63 KB	1064ms 1064ms	Script text/plain	138.197.170.158 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://p.afirmeseguro.com/_nuxt/vendor.a6ae22dd7d14aab41ada.js Requested by Host: p.afirmeseguro.com URL: https://p.afirmeseguro.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS pruebas.ahorraseguros.mx Software nginx / Resource Hash 4bd8a68dde883e17ba6d675f5bd6d8b6bea862178b9931fca0972a49402ac9fc Request headers :path /_nuxt/vendor.a6ae22dd7d14aab41ada.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority p.afirmeseguro.com :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 11:42:49 GMT content-encoding br last-modified Wed, 05 May 2021 15:29:18 GMT server nginx x-amz-meta-s3cmd-attrs atime:1620228121/ctime:1620228121/gid:1002/gname:sftponly/md5:718c4a148113e3fc02d29dc3c1c0414c/mode:33188/mtime:1620228119/uid:1008/uname:deploy x-amz-request-id tx0000000000000525b2c33-0061545139-167fa22c-fra1a etag W/"718c4a148113e3fc02d29dc3c1c0414c" x-hw 1632915768.dop005.tr2.shc,1632915768.dop005.tr2.t,1632915768.cds217.tr2.p content-type text/plain x-rgw-object-type Normal cache-control max-age=31536000 expires Wed, 29 Sep 2021 11:43:49 GMT
GET H2	200	app.6213c7cc7b9824790cb8.js Show response p.afirmeseguro.com/_nuxt/	251 KB 33 KB	1064ms 1063ms	Script text/plain	138.197.170.158 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://p.afirmeseguro.com/_nuxt/app.6213c7cc7b9824790cb8.js Requested by Host: p.afirmeseguro.com URL: https://p.afirmeseguro.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 138.197.170.158 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS pruebas.ahorraseguros.mx Software nginx / Resource Hash d92369f3274f3f42779d54430309802a118e110a6036ff9e30d7ed250620dba2 Request headers :path /_nuxt/app.6213c7cc7b9824790cb8.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority p.afirmeseguro.com :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 11:42:49 GMT content-encoding br last-modified Wed, 22 Sep 2021 21:16:42 GMT server nginx x-amz-meta-s3cmd-attrs atime:1632345190/ctime:1632345190/gid:1002/gname:sftponly/md5:eb47846046453a5975a65e4c8cf5d758/mode:33188/mtime:1632345188/uid:1008/uname:deploy x-amz-request-id tx0000000000000525f829d-0061545138-167f9124-fra1a etag W/"eb47846046453a5975a65e4c8cf5d758" x-hw 1632915768.dop002.tr2.shc,1632915768.dop002.tr2.t,1632915768.cds211.tr2.p content-type text/plain x-rgw-object-type Normal cache-control max-age=31536000 expires Wed, 29 Sep 2021 11:43:49 GMT
OPTIONS H2	200	authenticate dev.core-brandingservice.com/v1/	0 0	266ms 214ms	Preflight	104.21.38.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dev.core-brandingservice.com/v1/authenticate Protocol H2 Server 104.21.38.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://p.afirmeseguro.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers date Wed, 29 Sep 2021 11:42:51 GMT content-length 0 vary Origin Access-Control-Request-Method Access-Control-Request-Headers access-control-allow-origin * access-control-allow-methods POST access-control-allow-headers content-type access-control-max-age 1800 x-content-type-options nosniff x-xss-protection 1; mode=block cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires 0 x-frame-options DENY cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upLb7iZFEOL%2FcfyH1iSL1EmFRdlTDqkyDO4Rx%2B1wFBj2cgaUHkwnlfEN6tUoZhL%2B7cAnFDnFA%2FyCxuqEFr7q5nggN0UtAfQqm3yVmXhuDeWOs6fS8ob4z1yyrMeuH%2BK5FanoTw2oBIY8J%2FmpGYpv"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6964f351ecc42790-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	37 KB 14 KB	64ms 27ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7BWFM4&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 936790ccabd26acddebd039c54120623734e2aa82310def49cc535912338fc0c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 11:42:51 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14166 x-xss-protection 0 server cafe etag 5348393372526461885 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Wed, 29 Sep 2021 11:42:51 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	96 KB 38 KB	33ms 32ms	Script application/javascript	142.250.186.136 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-621217330 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7BWFM4&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.136 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f8.1e100.net Software Google Tag Manager / Resource Hash ecb240e11137cf44146241158119e4556dcbaf038308d818482fbf499641141b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 11:42:51 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39160 x-xss-protection 0 last-modified Wed, 29 Sep 2021 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 29 Sep 2021 11:42:51 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	98 KB 26 KB	22ms 7ms	Script application/x-javascript	31.13.92.14 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: p.afirmeseguro.com URL: https://p.afirmeseguro.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-frt3.fbcdn.net Software / Resource Hash 4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 25969 x-xss-protection 0 pragma public x-fb-debug DW8Yp9doUBOF+BMJrbwSK8pUh//g4isf9IQqkANG/bPZLI9jVJv3UyzJZJYubiCQYLvmvA4aXQs49Q3NKjtz4A== x-fb-trip-id 686109401 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Wed, 29 Sep 2021 11:42:51 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	97 KB 38 KB	19ms 18ms	Script application/javascript	142.250.186.136 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-818909840 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7BWFM4&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.136 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f8.1e100.net Software Google Tag Manager / Resource Hash 86fff41c6d5c1c853d312537973a3f1c532d8bf3c28d37e5e941aa890f711ad2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 11:42:51 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39232 x-xss-protection 0 last-modified Wed, 29 Sep 2021 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 29 Sep 2021 11:42:51 GMT
GET H/1.1	200 OK	AFIRME Show response api-promos.ahorraseguros.mx/insurers/	239 B 506 B	329ms 104ms	XHR application/json	142.93.155.31 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://api-promos.ahorraseguros.mx/insurers/AFIRME Requested by Host: p.afirmeseguro.com URL: https://p.afirmeseguro.com/_nuxt/vendor.a6ae22dd7d14aab41ada.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 142.93.155.31 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS apis.nexosmedia.com Software nginx/1.14.2 / Express Resource Hash 67b7954003f35d25f7efe15a8ab95b6467e239ebd59664c15c7011a77d94ac32 Request headers Accept application/json, text/plain, */* Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 29 Sep 2021 11:42:51 GMT ETag W/"ef-I9d3NSMlsB35ZJpfMX9i8Tx2iSQ" Server nginx/1.14.2 X-Powered-By Express Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Content-Length 239
POST H3	200	authenticate Show response dev.core-brandingservice.com/v1/	200 B 875 B	348ms 328ms	XHR application/json	104.21.38.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dev.core-brandingservice.com/v1/authenticate Requested by Host: p.afirmeseguro.com URL: https://p.afirmeseguro.com/_nuxt/vendor.a6ae22dd7d14aab41ada.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.38.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04bfceee6654b9e47bfac1b54764797be52a621ccee3c13f0ae7dc7bab7f709d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers date Wed, 29 Sep 2021 11:42:51 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache server cloudflare x-frame-options DENY expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKklL%2FadbQ0B2t6j3H8O7cBip8qLFi3p3jABA39YqYN7qv5YH59IiZ0DCWVAJeXpv0qbQC1S8sDUlB1rwFNyhwWEkLwgyci5N%2FtRjeuq%2FS2HRZWubyGxX%2F54wbXd8Ip0vWZgLQs3MorY06Gw0mUj"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=UTF-8 access-control-allow-origin * cache-control no-cache, no-store, max-age=0, must-revalidate cf-ray 6964f3536e812794-PRG expires 0
GET H3	200	135034840475526 Show response connect.facebook.net/signals/config/	490 KB 143 KB	101ms 93ms	Script application/x-javascript	31.13.92.14 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/135034840475526?v=2.9.47&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-frt3.fbcdn.net Software / Resource Hash 79a76bf7be2b6e5ef2b02042e2061b17665c0c11a44979b5c3a4b86b674d72d7 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug u6MWCs38I1PMR/4uPvcOiYBcjdK1xo4gSzq2Fds1Up2kYyP5QVALFWEfVognwORgxPO9n2ttTPo/b3cjc8XuZg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Wed, 29 Sep 2021 11:42:51 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/818909840/	43 B 224 B	44ms 22ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/818909840/?random=1632915771182&cv=9&fst=1632915771182&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fp.afirmeseguro.com%2F&tiba=Afirme%20Seguros%202020%20-%20%C2%A1Cotiza%20Seguro%20de%20Auto%20Afirme%20en%20Segundos!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 29 Sep 2021 11:42:51 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 63 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/818909840/	43 B 712 B	40ms 21ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/818909840/?random=1632915771188&cv=9&fst=1632915771188&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9r0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fp.afirmeseguro.com%2F&tiba=Afirme%20Seguros%202020%20-%20%C2%A1Cotiza%20Seguro%20de%20Auto%20Afirme%20en%20Segundos!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 29 Sep 2021 11:42:51 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 63 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/621217330/	2 KB 1 KB	42ms 24ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/621217330/?random=1632915771189&cv=9&fst=1632915771189&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fp.afirmeseguro.com%2F&tiba=Afirme%20Seguros%202020%20-%20%C2%A1Cotiza%20Seguro%20de%20Auto%20Afirme%20en%20Segundos!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 29db6ea9edb45a6d4b49a2e0db37409d68237283442e7af94486843c59293104 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 29 Sep 2021 11:42:51 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1051 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/621217330/	42 B 569 B	42ms 21ms	Image image/gif	172.217.18.100 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/621217330/?random=1632915771189&cv=9&fst=1632913200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fp.afirmeseguro.com%2F&tiba=Afirme%20Seguros%202020%20-%20%C2%A1Cotiza%20Seguro%20de%20Auto%20Afirme%20en%20Segundos!&async=1&fmt=3&is_vtc=1&random=3341889678&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: p.afirmeseguro.com URL: https://p.afirmeseguro.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 29 Sep 2021 11:42:51 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 313 B	22ms 7ms	Image image/gif	31.13.92.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=135034840475526&ev=PageView&dl=https%3A%2F%2Fp.afirmeseguro.com%2F&rl=&if=false&ts=1632915771308&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1632915771307.394050185&it=1632915771154&coo=false&rqm=GET Requested by Host: p.afirmeseguro.com URL: https://p.afirmeseguro.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-frt3.facebook.com Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 11:42:51 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Wed, 29 Sep 2021 11:42:51 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	15ms 7ms	Image image/gif	31.13.92.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=135034840475526&ev=Microdata&dl=https%3A%2F%2Fp.afirmeseguro.com%2F&rl=&if=false&ts=1632915771811&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Afirme%20Seguros%202020%20-%20%C2%A1Cotiza%20Seguro%20de%20Auto%20Afirme%20en%20Segundos!%22%2C%22meta%3Akeywords%22%3A%22Afirme%20Seguros%2C%20Seguros%20Afirme%2C%20Seguros%20de%20Autos%20Afirme%2C%20Aseguradora%20Afirme.%22%2C%22meta%3Adescription%22%3A%22Afirme%20Seguros%20cuenta%20con%20m%C3%A1s%20de%2025%20a%C3%B1os%20de%20experiencia%20en%20M%C3%A9xico%20ofreciendo%20la%20mayor%20variedad%20de%20Coberturas%20para%20tu%20Auto%20%C2%A1Cotiza%20tu%20Seguro%20en%20Segundos!%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fafirmeseguro.com%2F%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Afirme%20Seguros%202020%20-%20%C2%A1Cotiza%20Seguro%20de%20Auto%20Afirme%20en%20Segundos!%22%2C%22og%3Akeywords%22%3A%22Afirme%20Seguros%2C%20Seguros%20Afirme%2C%20Seguros%20de%20Autos%20Afirme%2C%20Aseguradora%20Afirme.%22%2C%22og%3Adescription%22%3A%22Afirme%20Seguros%20cuenta%20con%20m%C3%A1s%20de%2025%20a%C3%B1os%20de%20experiencia%20en%20M%C3%A9xico%20ofreciendo%20la%20mayor%20variedad%20de%20Coberturas%20para%20tu%20Auto%20%C2%A1Cotiza%20tu%20Seguro%20en%20Segundos!%22%2C%22og%3Aimage%22%3A%22.%2Fimg%2Fbanner.jpg%22%2C%22og%3Aalt%22%3A%22Afirme%20Seguros%202020%20-%20%C2%A1Cotiza%20Seguro%20de%20Auto%20Afirme%20en%20Segundos!%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1632915771307.394050185&it=1632915771154&coo=false&es=automatic&tm=3&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-frt3.facebook.com Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 29 Sep 2021 11:42:51 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 priority u=3,i expires Wed, 29 Sep 2021 11:42:51 GMT

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| __NUXT__ object| google_tag_manager object| dataLayer function| webpackJsonp function| setImmediate function| clearImmediate object| __core-js_shared__ object| _nuxtReadyCbs function| onNuxtReady object| google_tag_data function| fbq function| _fbq object| $nuxt function| gtag function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| google_noFurtherRedirects object| regeneratorRuntime object| JSON3

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.afirmeseguro.com/	1970-01-19 23:44:51	Name: _gcl_au Value: 1.1.745449838.1632915771
			.doubleclick.net/	1970-01-19 21:35:16	Name: test_cookie Value: CheckForPermission
			.afirmeseguro.com/	1970-01-19 23:44:51	Name: _fbp Value: fb.1.1632915771307.394050185

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31531000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-promos.ahorraseguros.mx
connect.facebook.net
dev.core-brandingservice.com
googleads.g.doubleclick.net
p.afirmeseguro.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
104.21.38.8
138.197.170.158
142.250.184.226
142.250.185.194
142.250.186.136
142.93.155.31
172.217.18.100
31.13.92.14
31.13.92.36
04bfceee6654b9e47bfac1b54764797be52a621ccee3c13f0ae7dc7bab7f709d
08fd31e56de94ec9a1bcbed641ca534f62b20dc30b65adcc6beeb1c6afb3b63e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
29db6ea9edb45a6d4b49a2e0db37409d68237283442e7af94486843c59293104
2f82c5118d6dce95dd792b3d1709fa7ed8a7debf223e1391708e0cbaae6f180d
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4bd8a68dde883e17ba6d675f5bd6d8b6bea862178b9931fca0972a49402ac9fc
4e9cab54f1827fb9b7879f70c46402d4f362b2c63fbdd53acdcd01b471db8dea
641e9cf9b3088e65921c898b4c81235492ccbd9d542a4f947f7b83918d0a4feb
67b7954003f35d25f7efe15a8ab95b6467e239ebd59664c15c7011a77d94ac32
6e08fab261d952a36de592a007d1f917a6075b4aa8f307056a909fc226f80604
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
79a76bf7be2b6e5ef2b02042e2061b17665c0c11a44979b5c3a4b86b674d72d7
8194232dac7a220297396b91cd287046b360672d7c92b0b7504cbd601c0fbb69
829ad3ed0c2f892e7df84989078dd4246fc0a5f1a179439e6314462465dbb2f6
86fff41c6d5c1c853d312537973a3f1c532d8bf3c28d37e5e941aa890f711ad2
936790ccabd26acddebd039c54120623734e2aa82310def49cc535912338fc0c
b3730ecef3d72269e1c21e493bfff5cf6d28a1b23c330e58c54aa39bd6b452b8
d725e82ef7f14855d4b1d443d2d7ec9b7f0b80c1851775bbf5e8e020ccf6d4b5
d92369f3274f3f42779d54430309802a118e110a6036ff9e30d7ed250620dba2
ecb240e11137cf44146241158119e4556dcbaf038308d818482fbf499641141b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629