xencel.com Open in urlscan Pro
2606:4700:3035::6815:2113 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xencel.com/
Submission: On January 29 via manual (January 29th 2024, 4:50:27 pm UTC) from IN — Scanned from DE

Summary HTTP 128 Redirects Links 74 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 20 domains to perform 128 HTTP transactions. The main IP is 2606:4700:3035::6815:2113, located in United States and belongs to CLOUDFLARENET, US. The main domain is xencel.com.
TLS certificate: Issued by GTS CA 1P5 on December 4th 2023. Valid for: 3 months.

This is the only time xencel.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Fallabela (Banking)

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:303... 2606:4700:3035::6815:2113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	104.126.37.185 104.126.37.185	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	108.138.32.115 108.138.32.115	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:20a... 2600:9000:20a0:5600:a:b89d:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 _) (CDN77 _)
1	18.66.192.39 18.66.192.39	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.18.246.44 104.18.246.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	107.23.44.14 107.23.44.14	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2a05:d014:58f... 2a05:d014:58f:6200::64	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:237... 2600:9000:237d:ac00:15:ad21:c740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.173.154.84 18.173.154.84	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:cb16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2600:9000:211... 2600:9000:211e:4e00:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
9 18	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
11	5.75.153.142 5.75.153.142	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	44.239.191.39 44.239.191.39	16509 (AMAZON-02) (AMAZON-02)
128	26

16 2606:4700:3035::6815:2113 (United States)

ASN13335 (CLOUDFLARENET, US)

xencel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.126.37.185 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-185.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.32.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-32-115.muc50.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20a0:5600:a:b89d:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

web-sdk.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-39.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.246.44 (None, )

ASN13335 (CLOUDFLARENET, US)

static.fif.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.23.44.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-44-14.compute-1.amazonaws.com

detectca.easysol.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d014:58f:6200::64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

unruffled-shannon-1a7413.netlify.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:237d:ac00:15:ad21:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)

st.dynamicyield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-84.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cb16 (United States)

ASN13335 (CLOUDFLARENET, US)

eum.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:211e:4e00:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.16.198 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net

8645928.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 5.75.153.142 (Heinrichsthal, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.142.153.75.5.clients.your-server.de

bfaf6gq7.staticmon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.191.39 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-191-39.us-west-2.compute.amazonaws.com

eum-red-saas.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	doubleclick.net 9 redirects 8645928.fls.doubleclick.net td.doubleclick.net — Cisco Umbrella Rank: 488 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	11 KB
16	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 3705	417 KB
16	xencel.com xencel.com	160 KB
11	staticmon.com bfaf6gq7.staticmon.com — Cisco Umbrella Rank: 472794	5 KB
10	google.com adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 2	2 KB
10	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 752	358 KB
9	dynamicyield.com cdn.dynamicyield.com — Cisco Umbrella Rank: 8995 st.dynamicyield.com — Cisco Umbrella Rank: 8356	201 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	487 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	142 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	instana.io eum.instana.io — Cisco Umbrella Rank: 6116 eum-red-saas.instana.io — Cisco Umbrella Rank: 14037	10 KB
2	netlify.app unruffled-shannon-1a7413.netlify.app — Cisco Umbrella Rank: 257997	5 KB
2	easysol.net detectca.easysol.net — Cisco Umbrella Rank: 66931	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 681 script.hotjar.com — Cisco Umbrella Rank: 996	59 KB
2	smartlook.com web-sdk.smartlook.com — Cisco Umbrella Rank: 21628	20 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6518	408 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369	31 KB
1	fif.tech static.fif.tech — Cisco Umbrella Rank: 326495	1 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1454	48 KB
0	Failed function sub() { [native code] }. Failed
128	20

	Domain	Requested by
18	8645928.fls.doubleclick.net	9 redirects xencel.com www.googletagmanager.com
16	images.ctfassets.net	xencel.com
16	xencel.com	xencel.com
11	bfaf6gq7.staticmon.com	www.datadoghq-browser-agent.com
10	analytics.tiktok.com	xencel.com analytics.tiktok.com
9	adservice.google.com	8645928.fls.doubleclick.net
6	st.dynamicyield.com	xencel.com
6	www.googletagmanager.com	xencel.com
4	connect.facebook.net	xencel.com
3	cdn.dynamicyield.com	xencel.com
3	www.google-analytics.com	xencel.com www.google-analytics.com www.googletagmanager.com
2	td.doubleclick.net	xencel.com
2	unruffled-shannon-1a7413.netlify.app	xencel.com
2	detectca.easysol.net	xencel.com
2	web-sdk.smartlook.com	xencel.com
1	eum-red-saas.instana.io	eum.instana.io
1	www.google.de	xencel.com
1	www.google.com	xencel.com
1	stats.g.doubleclick.net	www.datadoghq-browser-agent.com
1	eum.instana.io	xencel.com
1	script.hotjar.com	xencel.com
1	ajax.googleapis.com	xencel.com
1	static.fif.tech	xencel.com
1	static.hotjar.com	xencel.com
1	www.datadoghq-browser-agent.com	xencel.com
0	eppiocemhmnlbhjplcgkofciiegomcon Failed	xencel.com
128	26

This site contains links to these domains. Also see Links.

Domain
solicitudes.bancofalabella.pe
pagorapido.bancofalabella.pe
www.bancofalabella.pe
pagorapidocreditos.bancofalabella.pe
www.segurosfalabella.com.pe
web.segurosfalabella.com
www.falabella.com.pe
www.viajesfalabella.com.pe
www.sodimac.com.pe
www.tottus.com.pe
www.maestro.com.pe
www.linio.com.pe
beneficios.bancofalabella.pe
www.tottus.com
www.youtube.com
cmrpuntos.pe
wa.me
assets.ctfassets.net
www.smv.gob.pe
downloads.ctfassets.net
extranet.bancofalabella.pe
canaldeintegridad.ines.cl
falabella.paperless.com.pe
www.facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
xencel.com GTS CA 1P5	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-12` - `2024-12-14`	a year	crt.sh
*.dynamicyield.com Amazon RSA 2048 M02	`2023-09-03` - `2024-10-01`	a year	crt.sh
1688964705.rsc.cdn77.org R3	`2023-12-14` - `2024-03-13`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-07` - `2024-02-05`	3 months	crt.sh
flagr.fif.tech GTS CA 1P5	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.easysol.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-04` - `2024-09-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.netlify.app DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-15` - `2025-02-14`	a year	crt.sh
*.instana.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-20` - `2024-09-19`	a year	crt.sh
images.ctfassets.net Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.staticmon.com Go Daddy Secure Certificate Authority - G2	`2023-02-25` - `2024-03-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://xencel.com/
Frame ID: 3253C15FC0C338E91CCF58E76FBCA8A0
Requests: 108 HTTP requests in this frame

Frame: https://8645928.fls.doubleclick.net/activityi;dc_pre=CP7cnoiHg4QDFZQHTwgd9ssM2Q;src=8645928;type=invmedia;cat=pixel00;ord=4481833799495;auiddc=1101910310.1706117348;ps=1;pcor=1031335515;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F726d1ffb-8bbf-48ac-bd3c-30b62188609f-00-6hepv77rrgmd.spock.replit.dev%2F
Frame ID: 4E8A7494EC4DDA1033E4EFE8C33557B6
Requests: 2 HTTP requests in this frame

Frame: https://8645928.fls.doubleclick.net/activityi;dc_pre=CJrWnoiHg4QDFau80QQdG9wBqQ;src=8645928;type=invmedia;cat=pixel00;ord=2620552510188;ps=1;pcor=334053943;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FGilmer%2FDesktop%2Ffalabella%2Findex.html
Frame ID: 4CC0E987BD752C7BD889FDE162C1BD09
Requests: 2 HTTP requests in this frame

Frame: https://8645928.fls.doubleclick.net/activityi;dc_pre=COnVnoiHg4QDFQsKTwgdfKAFwQ;src=8645928;type=invmedia;cat=pixel00;ord=956471379152;auiddc=1101910310.1706117348;ps=1;pcor=1784849931;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F7d6852d5-b259-418e-8121-4cf7efc1ba43-00-138wvmjik5xce.picard.replit.dev%2F
Frame ID: CD487906BFA80660CE616A64C69565CA
Requests: 2 HTTP requests in this frame

Frame: https://8645928.fls.doubleclick.net/activityi;dc_pre=COLRnoiHg4QDFaax0QQdB0MF6w;src=8645928;type=invmedia;cat=pixel00;ord=4471070335010;auiddc=216090930.1706123130;ps=1;pcor=17138367;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fd18adc05-3c41-492a-9312-0879aaf85434-00-1rwtndj0owdt.kirk.replit.dev%2F
Frame ID: D420EBD1021E6BBCE78EB6CBDF5D1659
Requests: 2 HTTP requests in this frame

Frame: https://8645928.fls.doubleclick.net/activityi;dc_pre=CNvRnoiHg4QDFeet0QQd-gUNmQ;src=8645928;type=invmedia;cat=pixel00;ord=8844111778730;auiddc=216090930.1706123130;ps=1;pcor=1994006036;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=1;uam=SM-G981B;uap=Android;uapv=13;uaw=0;epver=2;~oref=https%3A%2F%2F721b3edc-04be-452f-9d86-7fbdcbfc2d30-00-kxfj7bqom4pp.picard.replit.dev%2F%3FidentificationTypeContext%3DDNI%26inputUserDesktop%3D124124%26inputPasswordDesktop%3D124124
Frame ID: 98AE338A89A4F5E98D68C3E68797FB8E
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=8645928;type=invmedia;cat=pixel00;ord=8844111778730;auiddc=216090930.1706123130;ps=1;pcor=1994006036;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=1;uam=SM-G981B;uap=Android;uapv=13;uaw=0;epver=2;~oref=https%3A%2F%2F721b3edc-04be-452f-9d86-7fbdcbfc2d30-00-kxfj7bqom4pp.picard.replit.dev%2F%3FidentificationTypeContext%3DDNI%26inputUserDesktop%3D124124%26inputPasswordDesktop%3D124124
Frame ID: F4B2F7F52481BFBE19363A86F815C45F
Requests: 1 HTTP requests in this frame

Frame: https://8645928.fls.doubleclick.net/activityi;dc_pre=CL_EnoiHg4QDFYO10QQdfgMLEw;src=8645928;type=invmedia;cat=pixel00;ord=6591209492009;auiddc=312970982.1704731773;ps=1;pcor=1695322539;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bancofalabella.pe%2F
Frame ID: 23FD7A79FAD26EE11B067776179749F4
Requests: 2 HTTP requests in this frame

Frame: https://8645928.fls.doubleclick.net/activityi;dc_pre=CLfXnoiHg4QDFdUDTwgdkyAHlw;src=8645928;type=invmedia;cat=pixel00;ord=803657376227;auiddc=1101910310.1706117348;ps=1;pcor=1191039735;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F6fe5fc55-3a40-4dce-8f59-21f76c417d29-00-1jlx3vuzyjhrs.riker.replit.dev%2F
Frame ID: 7A2123B8E786AB91F3D0FC09044ED06E
Requests: 2 HTTP requests in this frame

Frame: https://8645928.fls.doubleclick.net/activityi;dc_pre=CIOUpYiHg4QDFVyh0QQdvV4NYw;src=8645928;type=invmedia;cat=pixel00;ord=5333501440366;auiddc=1101910310.1706117348;ps=1;pcor=30139623;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fcee63275-0411-4784-9eb0-3e17a6de5c24-00-19cq7h587qzcg.riker.replit.dev%2F
Frame ID: 17F99028DE275EC5298E213D2F7F5FA7
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=8645928;type=invmedia;cat=pixel00;ord=5333501440366;auiddc=1101910310.1706117348;ps=1;pcor=30139623;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fcee63275-0411-4784-9eb0-3e17a6de5c24-00-19cq7h587qzcg.riker.replit.dev%2F
Frame ID: B89DA65554712D7C002BC3563507775D
Requests: 1 HTTP requests in this frame

Frame: https://8645928.fls.doubleclick.net/activityi;dc_pre=CMPspoiHg4QDFeO-0QQdDhsCrw;src=8645928;type=invmedia;cat=pixel00;ord=3210254089471;auiddc=963830962.1706547022;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=https%3A%2F%2Fxencel.com%2F
Frame ID: 363CFF2DB9ACA2A3BCE248A9379C3DC5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Banco Falabella

Detected technologies

Dynamic Yield (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

cdn\.dynamicyield\.\w+/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

128
Requests

87 %
HTTPS

64 %
IPv6

20
Domains

26
Subdomains

26
IPs

4
Countries

1977 kB
Transfer

6447 kB
Size

19
Cookies

74 Outgoing links

These are links going to different origins than the main page.

URL: https://solicitudes.bancofalabella.pe/?detalleClic=pu_menudesplegable_solicitacmr
Title: Solicita tu CMR

Search URL Search Domain Scan URL

URL: https://pagorapido.bancofalabella.pe/
Title: Paga tu CMR aquí

Search URL Search Domain Scan URL

URL: https://www.bancofalabella.pe/page/tarjeta-migracion-cmr
Title: Migra hoy a una nueva tarjeta CMR

Search URL Search Domain Scan URL

URL: https://www.bancofalabella.pe/page/prestamo-comercial-digital
Title: Préstamo Comercial Digital

Search URL Search Domain Scan URL

URL: https://pagorapidocreditos.bancofalabella.pe/
Title: Paga Tu Préstamo Comercial

Search URL Search Domain Scan URL

URL: https://www.bancofalabella.pe/page/recibe-tu-sueldo-con-nosotros
Title: Recibe tu sueldo con nosotros

Search URL Search Domain Scan URL

URL: https://www.segurosfalabella.com.pe/seguro-vehicular/?utm_source=BANCO&utm_medium=SITIOPUBLICO&utm_campaign=AUTO_MENUSUPERIOR
Title: Seguro Vehicular

Search URL Search Domain Scan URL

URL: https://www.segurosfalabella.com.pe/seguro-soat/?utm_source=BANCO&utm_medium=SITIOPUBLICO&utm_campaign=SOAT_MENUSUPERIOR
Title: SOAT

Search URL Search Domain Scan URL

URL: https://web.segurosfalabella.com/pe/seguros-de-salud/bienestar-total-la-positiva/?utm_source=BANCO&utm_medium=SITIOPUBLICO&utm_campaign=BIENESTARTOTAL_MENUSUPERIOR
Title: Seguro Bienestar Total

Search URL Search Domain Scan URL

URL: https://web.segurosfalabella.com/pe/seguros-de-vida/educacion-superior/?utm_source=BANCO&utm_medium=SITIOPUBLICO&utm_campaign=EDUCACIONSUPERIOR_MENUSUPERIOR
Title: Seguro Educación Superior

Search URL Search Domain Scan URL

URL: https://web.segurosfalabella.com/pe/seguros-de-vida/adulto-seguro/?utm_source=BANCO&utm_medium=SITIOPUBLICO&utm_campaign=ADULTOSEGURO_MENUSUPERIOR
Title: Seguro Adulto Seguro

Search URL Search Domain Scan URL

URL: https://www.segurosfalabella.com.pe/seguro-de-vida/a-tu-medida/?utm_source=BANCO&utm_medium=SITIOPUBLICO&utm_campaign=VIDA_MENUSUPERIOR
Title: Seguro Vida a tu medida

Search URL Search Domain Scan URL

URL: https://www.bancofalabella.pe/page/sostenibilidad
Title: SOSTENIBILIDAD

Search URL Search Domain Scan URL

URL: https://www.bancofalabella.pe/page/blog
Title: EDUCACIÓN FINANCIERA

Search URL Search Domain Scan URL

URL: https://www.falabella.com.pe/falabella-pe/
Title: Falabella

Search URL Search Domain Scan URL

URL: http://www.viajesfalabella.com.pe/
Title: Viajes Falabella

Search URL Search Domain Scan URL

URL: https://web.segurosfalabella.com/pe/
Title: Seguros Falabella

Search URL Search Domain Scan URL

URL: http://www.sodimac.com.pe/sodimac-pe/
Title: Sodimac

Search URL Search Domain Scan URL

URL: http://www.tottus.com.pe/tottus/
Title: Tottus

Search URL Search Domain Scan URL

URL: http://www.maestro.com.pe/
Title: Maestro

Search URL Search Domain Scan URL

URL: https://www.linio.com.pe/
Title: Linio

Search URL Search Domain Scan URL

URL: https://www.bancofalabella.pe/page/seguro-de-vida-con-devolucion?utm_source=BANCOPUBLICO&utm_medium=BANNERHOME&utm_campaign=VIDABANCO_LANZAMIENTO_ENERO2024
Title: Conoce más aquí

Search URL Search Domain Scan URL

URL: https://www.bancofalabella.pe/page/pagar-cmr/?detalleClic=banner_carruselhome_grati
Title: Hazlo hoy

Search URL Search Domain Scan URL

URL: https://beneficios.bancofalabella.pe/cmr-consumos/?detalleClic=carruselweb_landingconsumos
Title: Inscríbete AQUÍ

Search URL Search Domain Scan URL

URL: https://www.bancofalabella.pe/onboarding/ahorro-falabella/?detalleClic=carruselweb_sitio_publico_cuenta_bf
Title: Ábrela aquí

Search URL Search Domain Scan URL

URL: https://www.tottus.com/link/8vmb
Title: DESCARGA LA APP

Search URL Search Domain Scan URL

URL: https://solicitudes.bancofalabella.pe/?detalleClic=pu_home_ctabloque_solicitacmr
Title: INGRESA TUS DATOS AQUÍ

Search URL Search Domain Scan URL

URL: https://www.bancofalabella.pe/autoadhesion/?detalleClic=carrusel_inicio
Title: ¿Quieres cambiar tu Clave Internet? Hazlo con tu Token Móvil

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=XEke7aEtboc
Title: Pide tu adicional 100% online

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=xe7YxipVe9I&list=PLZsZTf4HKmLHCkcy3Pji2nVqFs3czNGZz&index=72
Title: Haz transferencias interbancarias inmediatas gratuitas

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=LaGvpjWBgXY
Title: Resuelve tus dudas desde tu App

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=QUvQ2Clf0lI
Title: Configura tu CMR desde tu APP

Search URL Search Domain Scan URL

URL: https://beneficios.bancofalabella.pe/rapicash?detalleClic=pu_home_banner50
Title: Conoce más aquí

Search URL Search Domain Scan URL

URL: https://www.bancofalabella.pe/cuentas/cuenta-ahorro-clasico?detalleClic=pu_home_banner50
Title: Conoce más aquí

Search URL Search Domain Scan URL

URL: https://cmrpuntos.pe/
Title: Conoce más aquí

Search URL Search Domain Scan URL

URL: https://www.bancofalabella.pe/promociones/tottus?detalleClic=pu_home_banner50
Title: Conoce más aquí

Search URL Search Domain Scan URL

URL: https://beneficios.bancofalabella.pe/cmr-consumos/?detalleClic=popup_sitiopublico

Search URL Search Domain Scan URL

URL: https://wa.me/message/QFZGVIUVV2KBP1
Title: Haz tus consultas por WhatsApp

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/4HWvZ5mD84hJXbPOAiyvi5/57d69cdd1eb5095ccfe2637282a2e2b0/memoria-anual_BF_2022_V04__1_.pdf
Title: Memoria Anual

Search URL Search Domain Scan URL

URL: https://www.smv.gob.pe/SIMV/Bp_LisDatosGenerales?data=BC58736B3F8B883BE95AD29DF062&op=bq1
Title: SMV - Información pública

Search URL Search Domain Scan URL

URL: https://downloads.ctfassets.net/jsyhqx93uo07/36vOz6isCGMomrfqh7a7kK/6ccb3eee8e017e0f394fac8d4fb45f45/REPORTE_FIF_FALABELLA_SEPT_2022-37-.pdf
Title: Reporte de Sostenibilidad

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/4ZiDEGbM92zgdUMKgVDmjz/b111dbbb4ddc68a88f5e5e180fe77756/Carta_Corporativa.pdf
Title: Comunicado Covid-19

Search URL Search Domain Scan URL

URL: https://www.bancofalabella.pe/sucursales
Title: Ubica nuestra oficina más cercana

Search URL Search Domain Scan URL

URL: https://extranet.bancofalabella.pe/
Title: Extranet

Search URL Search Domain Scan URL

URL: https://www.bancofalabella.pe/page/mapa-de-sitio
Title: Mapa de Sitio

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/4FmBAVIY7zJydAZo3KlxZL/ceaea3fcb5e01872360c491fcfcce869/Hoja_Informativa_-_Tratamiento_Videovigilancia_-_V-mar.20.pdf
Title: Hoja Informativa Videovigilancia

Search URL Search Domain Scan URL

URL: https://canaldeintegridad.ines.cl/bancofalabella/
Title: Canal de integridad

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/6bUYaxggJJAApFcNkXFDP4/38871cdff915df5d4fdd6cce1fe1c331/codigo-de-etica-bf_agosto2020.pdf
Title: Código de ética

Search URL Search Domain Scan URL

URL: http://falabella.paperless.com.pe/BoletaBancoFalabella/
Title: Comprobantes de pago electrónico

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/5RB6sXVu8CrUqPmbEaU3wr/434b7076b930ee55da0e06c1946f2a8d/POL-004-19_POL__TICA_DE_PREVENCI__N_DE_DELITOS__1___1_.pdf
Title: Política de Prevención del Delito

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/2KTJsmvkrosWkIvBzv2rvL/ba297ae844f50ac1a56817d6ba6d0182/Reglamento_del_Programa_CMR_Puntos_Nov_2023.pdf
Title: Reglamento CMR Puntos

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/1qB2Zwv2ntL6R5iiN2eLI3/91de16ce73ed3bd0d5281ada13f5c450/LANDING-CATEGORIAS_2022_PE.pdf
Title: Nuevas categorías CMR Puntos

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/v1rCHOJsGQaUMLWmLfsFw/c1527bcf73fa58daf5bb2c143a8edb81/Politica_de_Cookies_Banco_Falabella.pdf
Title: Políticas de Cookies

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/57fLoB4ph3D1HV0VRysK0q/478fd9bcad6aca367ecd5cb24d6e15b7/Guia_Practica_de_cumplimiento_para_Proveedores.pdf
Title: Guía Práctica de Cumplimiento para Proveedores

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/1BhHqLEPoFj4ci543XewBs/3ee5de4ed64556935a17d4a1ddb47293/Publicaci__n_de_cuentas_inactivas_FDS__junio_2021_.pdf
Title: Publicación Regulatoria Fondo Seguro de Depósito – Julio 21

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/1EF0amyb5XD2giCkiSY8cB/0713e67a203af5ac5dd34eb9509491c9/Publicaci__n_de_cuentas_inactivas.pdf
Title: Publicación Regulatoria Fondo Seguro de Depósito – Enero 22

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/3a2fGJiTk5VVYFicfgYBLl/11ce5e2eb141eaff3992827f38b4ab42/cuentas_FDS_1er_semestre_2022.pdf
Title: Publicación Regulatoria Fondo Seguro de Depósito – Julio 22

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/4GrO0GR5EZoztelh0wLcCw/872306da8470306ffa2c62521b72c914/Publicaci__n_Regulatoria_Fondo_Seguro_de_Dep__sito_____Enero_23.pdf
Title: Publicación Regulatoria Fondo Seguro de Depósito – Enero 23

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/6UdXVPSMIR3AoWu0rq6BxL/074157a364e0fe2ebf2d33cc504183de/01_cuentas_FDS_2do_semestre_Julio2023__1_.pdf
Title: Publicación Regulatoria Fondo Seguro de Depósito – Julio 23

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/2Zpelc5fYJLyBHybUKfSlv/cfe78591f1f5db1007f96813f6280d8f/01_Base_FSD_Enero2024_Final_V01.pdf
Title: Publicación Regulatoria Fondo Seguro de Depósito – Enero 24

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/4td2Rq1GwRDm8TOldwZW0D/234cbed6e949357af690d36db39da40f/SIMULADOR_CRONOGRAMA_PRESTAMO_EFECTIVO_CONDEVOLUCION__3_.XLSX
Title: Simulador de Préstamo Efectivo

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/1Cpm709ar0q2DuJSSQNfri/d79d8f0e0cfa65c8a184c8ea6cc36158/Simulador_Pr__stamo_Comercial.xlsx
Title: Simulador de Préstamo Comercial Digital

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/1CrIj9GTjHG5pisM1WHPTe/bd0e7e317d77f0ce2ffb19d45f69ff6e/Banco_Falabella_-_Cuestionario_de_autoevaluaci_n_2023__CBP_.pdf
Title: Buenas Prácticas

Search URL Search Domain Scan URL

URL: https://assets.ctfassets.net/jsyhqx93uo07/6xy27iiABQZ7VHNWEs0Dos/167264b754f7e14c84c1d791d4149615/Simulador_de_Cuotas_RC_-_Ene24.xlsx
Title: Simulador de Cuotas Rapicash

Search URL Search Domain Scan URL

URL: https://beneficios.bancofalabella.pe/financiamientocuotas
Title: Simulador de Tarjeta de Crédito

Search URL Search Domain Scan URL

URL: https://www.bancofalabella.pe/page/gratificacion-que-es-calculo
Title: Gratificación 2023

Search URL Search Domain Scan URL

URL: https://www.bancofalabella.pe/page/cyber-wow-fechas-cuando-es-ofertas
Title: Cyber Wow 2024

Search URL Search Domain Scan URL

URL: https://www.bancofalabella.pe/page/deposito-de-cts-retiro-pago-calculo
Title: Depósito de CTS

Search URL Search Domain Scan URL

URL: https://www.bancofalabella.pe/libro-reclamaciones
Title: Libro de Reclamaciones

Search URL Search Domain Scan URL

URL: https://wa.me/message/BPQEHBEAVT6KJ1
Title: Bloquear mi tarjeta

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BancoFalabellaPeru/?fref=ts

Search URL Search Domain Scan URL

URL: https://twitter.com/BcoFalabellaPe

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bancofalabella_pe/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BancoFalabellaPeru

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=4481833799495;auiddc=1101910310.1706117348;ps=1;pcor=1031335515;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F726d1ffb-8bbf-48ac-bd3c-30b62188609f-00-6hepv77rrgmd.spock.replit.dev%2F HTTP 302
https://8645928.fls.doubleclick.net/activityi;dc_pre=CP7cnoiHg4QDFZQHTwgd9ssM2Q;src=8645928;type=invmedia;cat=pixel00;ord=4481833799495;auiddc=1101910310.1706117348;ps=1;pcor=1031335515;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F726d1ffb-8bbf-48ac-bd3c-30b62188609f-00-6hepv77rrgmd.spock.replit.dev%2F

Request Chain 84

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=2620552510188;ps=1;pcor=334053943;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FGilmer%2FDesktop%2Ffalabella%2Findex.html HTTP 302
https://8645928.fls.doubleclick.net/activityi;dc_pre=CJrWnoiHg4QDFau80QQdG9wBqQ;src=8645928;type=invmedia;cat=pixel00;ord=2620552510188;ps=1;pcor=334053943;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FGilmer%2FDesktop%2Ffalabella%2Findex.html

Request Chain 85

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=956471379152;auiddc=1101910310.1706117348;ps=1;pcor=1784849931;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F7d6852d5-b259-418e-8121-4cf7efc1ba43-00-138wvmjik5xce.picard.replit.dev%2F HTTP 302
https://8645928.fls.doubleclick.net/activityi;dc_pre=COnVnoiHg4QDFQsKTwgdfKAFwQ;src=8645928;type=invmedia;cat=pixel00;ord=956471379152;auiddc=1101910310.1706117348;ps=1;pcor=1784849931;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F7d6852d5-b259-418e-8121-4cf7efc1ba43-00-138wvmjik5xce.picard.replit.dev%2F

Request Chain 86

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=4471070335010;auiddc=216090930.1706123130;ps=1;pcor=17138367;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fd18adc05-3c41-492a-9312-0879aaf85434-00-1rwtndj0owdt.kirk.replit.dev%2F HTTP 302
https://8645928.fls.doubleclick.net/activityi;dc_pre=COLRnoiHg4QDFaax0QQdB0MF6w;src=8645928;type=invmedia;cat=pixel00;ord=4471070335010;auiddc=216090930.1706123130;ps=1;pcor=17138367;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fd18adc05-3c41-492a-9312-0879aaf85434-00-1rwtndj0owdt.kirk.replit.dev%2F

Request Chain 87

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=8844111778730;auiddc=216090930.1706123130;ps=1;pcor=1994006036;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=1;uam=SM-G981B;uap=Android;uapv=13;uaw=0;epver=2;~oref=https%3A%2F%2F721b3edc-04be-452f-9d86-7fbdcbfc2d30-00-kxfj7bqom4pp.picard.replit.dev%2F%3FidentificationTypeContext%3DDNI%26inputUserDesktop%3D124124%26inputPasswordDesktop%3D124124 HTTP 302
https://8645928.fls.doubleclick.net/activityi;dc_pre=CNvRnoiHg4QDFeet0QQd-gUNmQ;src=8645928;type=invmedia;cat=pixel00;ord=8844111778730;auiddc=216090930.1706123130;ps=1;pcor=1994006036;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=1;uam=SM-G981B;uap=Android;uapv=13;uaw=0;epver=2;~oref=https%3A%2F%2F721b3edc-04be-452f-9d86-7fbdcbfc2d30-00-kxfj7bqom4pp.picard.replit.dev%2F%3FidentificationTypeContext%3DDNI%26inputUserDesktop%3D124124%26inputPasswordDesktop%3D124124

Request Chain 89

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=6591209492009;auiddc=312970982.1704731773;ps=1;pcor=1695322539;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bancofalabella.pe%2F HTTP 302
https://8645928.fls.doubleclick.net/activityi;dc_pre=CL_EnoiHg4QDFYO10QQdfgMLEw;src=8645928;type=invmedia;cat=pixel00;ord=6591209492009;auiddc=312970982.1704731773;ps=1;pcor=1695322539;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bancofalabella.pe%2F

Request Chain 92

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=803657376227;auiddc=1101910310.1706117348;ps=1;pcor=1191039735;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F6fe5fc55-3a40-4dce-8f59-21f76c417d29-00-1jlx3vuzyjhrs.riker.replit.dev%2F HTTP 302
https://8645928.fls.doubleclick.net/activityi;dc_pre=CLfXnoiHg4QDFdUDTwgdkyAHlw;src=8645928;type=invmedia;cat=pixel00;ord=803657376227;auiddc=1101910310.1706117348;ps=1;pcor=1191039735;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F6fe5fc55-3a40-4dce-8f59-21f76c417d29-00-1jlx3vuzyjhrs.riker.replit.dev%2F

Request Chain 93

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=5333501440366;auiddc=1101910310.1706117348;ps=1;pcor=30139623;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fcee63275-0411-4784-9eb0-3e17a6de5c24-00-19cq7h587qzcg.riker.replit.dev%2F HTTP 302
https://8645928.fls.doubleclick.net/activityi;dc_pre=CIOUpYiHg4QDFVyh0QQdvV4NYw;src=8645928;type=invmedia;cat=pixel00;ord=5333501440366;auiddc=1101910310.1706117348;ps=1;pcor=30139623;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fcee63275-0411-4784-9eb0-3e17a6de5c24-00-19cq7h587qzcg.riker.replit.dev%2F

Request Chain 95

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=3210254089471;auiddc=963830962.1706547022;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=https%3A%2F%2Fxencel.com%2F HTTP 302
https://8645928.fls.doubleclick.net/activityi;dc_pre=CMPspoiHg4QDFeO-0QQdDhsCrw;src=8645928;type=invmedia;cat=pixel00;ord=3210254089471;auiddc=963830962.1706547022;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=https%3A%2F%2Fxencel.com%2F

128 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xencel.com/ 696 KB
39 KB 852ms
784ms Document
text/html 2606:4700:3035::6815:2113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7440021fda30ca271e4b1af08f52a84740a494e58b6afec88f7d1b9a6df681

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84d2f93b89b4199e-FRA
content-encoding: br
content-type: text/html
date: Mon, 29 Jan 2024 16:50:20 GMT
last-modified: Thu, 25 Jan 2024 02:17:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yeLNGIr9a0wRFOZxQ8YzdSTCWLabrDjhOTDnTNQNrhe4w621uVRYoG%2F35EPA08K6oMQP8l1oUXmS%2BNdcCHjHfDz3AZanaKm%2FZs%2FnXwofhUvGrCQgpUUOrmfJhRPK3XbcsZMbUD2XTEF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 main.MWI0MWYzMDk5MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 378 KB
102 KB 60ms
20ms Script
application/javascript 104.126.37.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5MA.js
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e14cfdff7c80a9f1f400cb90dc1adf7f3f49a6c183279187e0411e2511efb27f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 6648af3c
date: Mon, 29 Jan 2024 16:50:20 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202401231515434BE3B6E3D1C290C09F1F
x-tt-trace-id: 00-2401231515434BE3B6E3D1C290C09F1F-7A1666C0B42C50DF-00
vary: Accept-Encoding
x-cache: TCP_HIT from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01476898453b59740a5a1f5193190effb848b9d715a3c7215c28662f509d59aeefae68ca08392bf947676560e00cf9a220f8509cc55a06f701d2d212334daf68af0f43099b41fc9ff6c61067c6b9564c8cc1515352cf29291dc61677fa5ff36548
server-timing: cdn-cache; desc=HIT, edge; dur=2, origin; dur=0, inner; dur=4
content-length: 104153

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 147ms
108ms Script
application/javascript 104.126.37.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C96BHERC77UB71TGI2OG&lib=ttq
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ad517a7a22f30e2f479eba29aacd507b83fa9230eb593fc6d2f62b7716c0aaaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 63c45a4.6648af3b
date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401291650207EDCB7AB84D196E2D86F-2BF055DADDB90AC0-00
x-cache: TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 90,104.126.37.181
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=6, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 202401291650207EDCB7AB84D196E2D86F
x-cache-remote: TCP_MISS from a23-48-200-40.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.48.200.40
x-tt-trace-host: 01298db42370454958dde2a4f129e6e2e7bd45ae3c656f8604201225b27934923a9b88b25ba4b30b0097a86780674a749b0bf7b28fdeba7a42e3ee42f2a605a7d9f4a76edba856befcd8c1e8dcdc433f8988421fa909eaa8751f6b41ae9eff0f038fc20e48d98342271057811f59c91a88
expires: Mon, 29 Jan 2024 16:50:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 61ms
17ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 15:30:44 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4777
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 29 Jan 2024 17:30:44 GMT

GET
H2 200 datadog-rum-v4.js Show response
www.datadoghq-browser-agent.com/ 150 KB
48 KB 75ms
11ms Script
application/javascript 108.138.32.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-115.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:49:55 GMT
content-encoding: br
via: 1.1 349eb6985da057f318665aa6bde74732.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 11:26:13 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 30
x-amz-server-side-encryption: AES256
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: cugLbyWLJ5pby_IjgZkKr6C9tgjYdTNQQj5xa4GgS376CuxQtl88Dg==

GET
H2 200 dy-coll-nojq-min.js Show response
cdn.dynamicyield.com/scripts/2.23.0/ 104 KB
33 KB 109ms
22ms Script
text/javascript 2600:9000:20a0:5600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/scripts/2.23.0/dy-coll-nojq-min.js
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:5600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 89183010b8f2a67c2e0020b4f6d75cf2b9f7ed25992eb6f2498956478f24ee8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:02:11 GMT
content-encoding: gzip
via: 1.1 3237261dc7a40dff5065abc108a85afa.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jan 2024 14:00:31 GMT
server: DYCDN
age: 1154891
x-amz-cf-pop: AMS58-P2
etag: W/"b8f19c13f339a1e91896c2521ddc2c51"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: gudhNKQr32S6qxmQHytqmEttTZLHTSAmd6NfgNKzhiPUzGubFlRCZg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 506 KB
133 KB 109ms
69ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-56LP6S7

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e31bfb0d66b6160813438402e27d6f3cc0205920161b024699363495b97e0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136109
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Jan 2024 16:50:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 182 KB
66 KB 83ms
43ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8645928&l=dataLayer&cx=c

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

008e1a85392fa6c8a3edc7ca913e9e022495215fb37eda11f5c04f093986a9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67831
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Jan 2024 16:50:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
90 KB 87ms
47ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MJPWB6Z9P5&l=dataLayer&cx=c

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ee570daba682c5f398e67884a79874d7a1e30abf2f0d3b32dbb6fa922ac1ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91966
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Jan 2024 16:50:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
80 KB 94ms
55ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KMJCS9WZ6R&l=dataLayer&cx=c

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce25a7765ed12e77afec71548793f5ab3ea89bd9851d15c97c17c55130c63ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82033
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Jan 2024 16:50:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 135 KB
51 KB 66ms
27ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MQZJKGRD&l=dataLayer

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab50e1e490117df2591a26ac55e11ba3dc3ad8d7297166ea6291620cfde4e4f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51608
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Jan 2024 16:50:21 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 186ms
183ms Script
application/javascript 104.126.37.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLFQQ13C77U4D7KCGCSG&lib=ttq
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a89c69dc3f40af4df3df3184823bcac43c404dbb2dcee5328731a7e86a1969a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 6648bc7a
date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240129165021638354146CE9D2E31B0C-362BF4B31C9A656C-00
x-cache: TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=10, origin; dur=147
content-length: 1348
pragma: no-cache
server: nginx
x-tt-logid: 20240129165021638354146CE9D2E31B0C
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 148,104.126.37.181
x-tt-trace-host: 01298db42370454958dde2a4f129e6e2e7ce56f7bd27ba78029b9f0cfa6b72730acb81bcb19d3b77ded98c6e0284a4a9cb85bdbf063b7f4d6c6893478097af8576d965d4de4a77774a833f54ff5217d0b4c889789ec2a7f86ef87ab647bc71ea3a
expires: Mon, 29 Jan 2024 16:50:21 GMT

GET
H2 200 identify_0a875.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 49ms
10ms Script
application/javascript 104.126.37.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 6648af26
date: Mon, 29 Jan 2024 16:50:20 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202401231515446A5F9594963C1C97A7E4
x-tt-trace-id: 00-2401231515446A5F9594963C1C97A7E4-6E9507D48E434750-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01df44dae11d3c200464c328a8af956f9110aadf24e1a9456eced2c49e1ba927580babd73faf3270bc93758032b9846a20f242bbad2e131ad8eec0db9ab4d3f30f59739437f9df094ba4f22abfd68eaf2b40444fa623d2eddffc045239171bf331
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 37074

GET
H2 200 main.MWI0MWYzMDk5NA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 413 KB
108 KB 26ms
24ms Script
application/javascript 104.126.37.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5NA.js
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 92379c1a60ad17058baa2f596fa895c4682e8f543baa9c5957f23e552f22f55b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 6648bc7b
date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202401231515598029707E99C2A098EDB0
x-tt-trace-id: 00-2401231515598029707E99C2A098EDB0-3475F468AC4728F5-00
vary: Accept-Encoding
x-cache: TCP_HIT from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01732352562e1ec6605b53b751f39b49f7009a29b723ae32b28335e8b49f179f10fece089f2ffbe457706076a58bce9d5666c673a1f7bb03b57e364b7a8b80a9e85409bc5a4799b14701855f11bde8079fc78de43cacd75f85a59387b931222606
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
content-length: 109823

GET vi-tr.js
eppiocemhmnlbhjplcgkofciiegomcon/executers/ 0
0

GET location.js
eppiocemhmnlbhjplcgkofciiegomcon/content/location/ 0
0

GET extend-native-history-api.js
eppiocemhmnlbhjplcgkofciiegomcon/libs/ 0
0

GET requests.js
eppiocemhmnlbhjplcgkofciiegomcon/libs/ 0
0

GET
H2 200 recorder.js Show response
web-sdk.smartlook.com/ 6 KB
2 KB 40ms
25ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/recorder.js

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

fb576185303ffb977caf190e49acd628dab4f5f1d05707ed1f866f63a742aa70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 Jan 2024 16:50:21 GMT
strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-age-lb: 536
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-accel-date: 1706546485
x-77-nzt: EgwBw7WvDgH3GAIAAAwBJRPCMQH3AAAAAA
x-accel-expires: @1706547085
x-77-age: 536
x-cache-lb: HIT
last-modified: Thu, 25 Jan 2024 11:22:42 GMT
server: CDN77-Turbo
etag: W/"65b24482-17d1"
x-77-nzt-ray: 9083393003785cba4dd7b765efad182a
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600

GET
H2 200 hotjar-2480705.js Show response
static.hotjar.com/c/ 9 KB
4 KB 119ms
52ms Script
application/javascript 18.66.192.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2480705.js?sv=7

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-39.muc50.r.cloudfront.net

Software

Resource Hash

ed2cc045d89661389477f56a5a16e9d9dc5661656f17f273b6cda5b76151243e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 16:50:21 GMT
via: 1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
etag: W/83850b29c6bb3093925720e36f02e60b
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: D1G5AwIpxDNbrHeJvl0mKdPkqwjRRlrU2iNq2UcPMpdJCO3bKK9zXg==

GET
H2 200 2183481648633977 Show response
connect.facebook.net/signals/config/ 59 KB
14 KB 202ms
160ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2183481648633977?v=2.9.142&r=stable&domain=www.bancofalabella.pe

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

137fd2319109bc7edcee6316ff2b0f66c11fed901768405244b236766ecb912d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 29 Jan 2024 16:50:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: 6X+UuOwyTCqq7VzOu3S1dBaWNGkKV+d0GX9NRKomXTnkdivQ7evDAMXogQw3gFwYe8zPVOQtmqj8DW/dqH9ODQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 313326399627294 Show response
connect.facebook.net/signals/config/ 143 KB
35 KB 141ms
141ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/313326399627294?v=2.9.142&r=stable&domain=www.bancofalabella.pe

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

851ca5e9fdb91487fd1b766b56e7d50ab35ce7c73340d1637b14279cd0515d0d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 29 Jan 2024 16:50:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: 9nIu77Fz8Y+TqoHkan8Azicg6ZtLnKwxNCUbKeqzzVbzQdMxTe0+geUcDrtDyHhIXZkVuojnuCwMoAU7A3WqnQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 399879852247149 Show response
connect.facebook.net/signals/config/ 136 KB
35 KB 90ms
90ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/399879852247149?v=2.9.142&r=stable&domain=www.bancofalabella.pe

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1e0326d1af4f35605a74434e6292a3c190efaf8fd8fdfe8151d35384debe64d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 29 Jan 2024 16:50:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: HUtSPIB9Pg6SWxD2cRQIscoVnYKUS/qi/hGUq9LUGljpnwyPG0MFvO5WrlSfHpCr4RAr/nvelMlgZSRpBKPzLg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
58 KB 18ms
18ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 29 Jan 2024 16:50:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57158
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: Z5HXWQiFEtuNeQ0teMnddXa7vlW7RjgSGhFn+WVqPzTe798hoFX8BU4JcNhgtsZEJhFcA64H3068F2bFnFaKhA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bfpe_web.js Show response
static.fif.tech/fif-common-analytics/google/ 638 B
1 KB 519ms
480ms Script
application/javascript 104.18.246.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fif.tech/fif-common-analytics/google/bfpe_web.js

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.246.44 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa88911b0921c4db2f57cdad62f5eb362689ce7cf13c0046b1fd5f0c3b7a81c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 29 Jan 2024 16:50:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
content-md5: 19sYXXIh7PXxN3CevyoFkQ==
x-ms-lease-status: unlocked
last-modified: Thu, 08 Sep 2022 21:13:27 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 01150fd2-701e-004b-49d3-52b650000000
access-control-expose-headers: ETag
cache-control: max-age=300
x-ms-version: 2009-09-19
cf-ray: 84d2f9463a4971bf-FRA
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK detect.js Show response
detectca.easysol.net/detectca/scripts/eR881v0fKOmLNU5IJJNH0RhxcStatD/ 2 KB
2 KB 490ms
91ms Script
application/javascript 107.23.44.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://detectca.easysol.net/detectca/scripts/eR881v0fKOmLNU5IJJNH0RhxcStatD/detect.js
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 107.23.44.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-44-14.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7b10e5a55f8e6392608b87724787c97449eaf080911fb0d24abb6e2b925713a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 16:50:22 GMT
Last-Modified: Mon, 29 Jan 2024 16:00:00 GMT
Server: nginx
ETag: "65b7cb80-66c"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1644

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 183 KB
66 KB 36ms
34ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8645928

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

399c937d2b00ad0b7bcbca3b09df0f770dbc514b9c3b293dc6518406431430be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67853
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Jan 2024 16:50:21 GMT

GET
H2 200 styles.51b89efc20e0e54e7086.css
xencel.com/ 161 KB
29 KB 805ms
804ms Stylesheet
text/css 2606:4700:3035::6815:2113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xencel.com/styles.51b89efc20e0e54e7086.css
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c0a0d5f18b8ad0ed53dea0138d74be554159da6f1992ebb9b74e3a729df81a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2024 02:17:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4xC9txrvEGB%2Bi3AaLvTM1IyHhFRfSu%2BEQ2O5tja1e3kbeK51Q5NV1RWv8D1Hxkt%2FyshYS0pCoHvBFEosAMnc%2FFtim5Lw%2FdPArjSeh4QO06TfTkCXOYMcwPlrfNlAzfDkcI%2FFJpB1wup"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84d2f9407a98199e-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 16:50:21 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 43ms
8ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 13:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 13:14:28 GMT

GET
H2 200 bfaf6gq7.js Show response
unruffled-shannon-1a7413.netlify.app/ 21 KB
4 KB 47ms
8ms Script
application/javascript 2a05:d014:58f:6200::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://unruffled-shannon-1a7413.netlify.app/bfaf6gq7.js

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6200::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

162e45acfeac0ee73784013b64ea0696682f813d766ecc29cf842d08190384d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id: 01HNB22205EHE13ETX2JY6EB1E
date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 192514
cache-status: "Netlify Edge"; hit
etag: "404b8f3cd5adc00d31051c080ab8fba7-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 4052

GET
H2 200 st Show response
st.dynamicyield.com/ 49 KB
6 KB 161ms
122ms Script
text/javascript 2600:9000:237d:ac00:15:ad21:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.dynamicyield.com/st?sec=8774592&inHead=true&id=0&jsession=&ref=https%3A%2F%2Freplit.com%2F&scriptVersion=2.23.0&dyid_server=
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ac00:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c986e50bf1ccda541e1ac287ad5906bf92fa0db159dc1aa3b87311462c6440fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-cache
x-amz-cf-id: HDx63Tm1OT7HwzmQfWznvQ0BAF89y7WR_j0angApkLuHNx6KRiJzPg==
expires: Mon, 29 Jan 2024 16:50:20 GMT

GET
H2 200 st Show response
st.dynamicyield.com/ 49 KB
6 KB 155ms
121ms Script
text/javascript 2600:9000:237d:ac00:15:ad21:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.dynamicyield.com/st?sec=8774592&inHead=true&id=-4012707025764211592&jsession=934bd0ed5740f4a0afdedf9f228d80c1&ref=https%3A%2F%2Freplit.com%2F&scriptVersion=2.23.0&dyid_server=
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ac00:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 49139bb8487f9a594f64fd433bb59e6a746964f1e71cc6ea6377ff5f85c0e02b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-cache
x-amz-cf-id: NdMCt21nl1InwNt8WDatKAS-u22S0LX62DlmcZpFEvd3Zto2TfNtIQ==
expires: Mon, 29 Jan 2024 16:50:20 GMT

GET
H2 200 st Show response
st.dynamicyield.com/ 49 KB
6 KB 148ms
124ms Script
text/javascript 2600:9000:237d:ac00:15:ad21:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.dynamicyield.com/st?sec=8774592&inHead=true&id=-4012707025764211592&jsession=934bd0ed5740f4a0afdedf9f228d80c1&ref=&scriptVersion=2.23.0&dyid_server=
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ac00:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 49139bb8487f9a594f64fd433bb59e6a746964f1e71cc6ea6377ff5f85c0e02b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-cache
x-amz-cf-id: ptxWdqTC1hjaDKnHOrNium1tJJiWu_70SR1Yd62V2eYaJj-NcirpbA==
expires: Mon, 29 Jan 2024 16:50:20 GMT

GET
H2 200 st Show response
st.dynamicyield.com/ 49 KB
6 KB 147ms
123ms Script
text/javascript 2600:9000:237d:ac00:15:ad21:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.dynamicyield.com/st?sec=8774592&inHead=true&id=-4012707025764211592&jsession=934bd0ed5740f4a0afdedf9f228d80c1&ref=https%3A%2F%2F721b3edc-04be-452f-9d86-7fbdcbfc2d30-00-kxfj7bqom4pp.picard.replit.dev%2F&scriptVersion=2.23.0&dyid_server=
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ac00:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 49139bb8487f9a594f64fd433bb59e6a746964f1e71cc6ea6377ff5f85c0e02b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-cache
x-amz-cf-id: xXgNBeDqxI0wYcbt1KK1UOaF2kVcKimPr5q7CiCSflvvZ4GpdEjm6w==
expires: Mon, 29 Jan 2024 16:50:20 GMT

GET
H2 200 st Show response
st.dynamicyield.com/ 49 KB
6 KB 140ms
119ms Script
text/javascript 2600:9000:237d:ac00:15:ad21:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.dynamicyield.com/st?sec=8774592&inHead=true&id=-4012707025764211592&jsession=&ref=https%3A%2F%2Fwww.google.com%2F&scriptVersion=2.23.0&dyid_server=
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ac00:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a6e2b19c5b1ff3570e237e93eab78d4722d2fd28b5c0cb14dd07b2e63e8499df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-cache
x-amz-cf-id: jVtUSpZW0TwVvO5GoA5iOb_of1Z5JgGYXyn3lFZVE5ZsgPD1MZsznQ==
expires: Mon, 29 Jan 2024 16:50:20 GMT

GET
H2 200 modules.0c2aac1b2d1ba79f2a01.js Show response
script.hotjar.com/ 219 KB
55 KB 59ms
8ms Script
application/javascript 18.173.154.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0c2aac1b2d1ba79f2a01.js

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-84.muc50.r.cloudfront.net

Software

Resource Hash

8788c5e11fcbe23813fdd727053b5311df2f922c7c2b76f318ce28409186910f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 15:40:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 436215
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55804
last-modified: Wed, 24 Jan 2024 15:39:41 GMT
etag: "252eda316b5dfe5750655c881f809a75"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: bdA5MYPMhHWWKRZqDXObrupIIEaWQxXuDfu5lhk-6tpwNCwa-HKpOg==

GET
H2 200 init.a40149584974a699867a.js Show response
web-sdk.smartlook.com/es6/ 62 KB
18 KB 46ms
6ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/es6/init.a40149584974a699867a.js

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

9ab7d9748bdfba5d61ea83f56d3f0db0fc4a4f822c624fa4bfa26e2e6deb4512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Referer: https://xencel.com/
Origin: https://xencel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 Jan 2024 16:50:20 GMT
strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-age-lb: 1668956
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-accel-date: 1704878064
x-77-nzt: EgwBw7WvDgH3XHcZAAwB1GY4AQH3FAAAAA
x-accel-expires: @1736414044
x-77-age: 1668976
x-cache-lb: HIT
last-modified: Wed, 10 Jan 2024 08:37:20 GMT
server: CDN77-Turbo
etag: W/"659e5740-f605"
x-77-nzt-ray: 90833930706bd2a44cd7b76550ec8636
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable

GET
H2 200 logo.svg
xencel.com/assets/ 26 KB
10 KB 647ms
647ms Image
image/svg+xml 2606:4700:3035::6815:2113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xencel.com/assets/logo.svg
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6307e3342603f7a2c52be07da21708c2cd46f2cebe0e5b5aa5f4491b1f76a252

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2024 02:16:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzy7CEye4Q8Qtn8T2poMA3IqAlarKHfmjr1XbksG36AqxD0nabMewbFIUi9GSnAAdqxSGz2DUVSbdKrVpEjeNbxOtrh%2BiThmxcnBdm39kYrhHSDjFyBjEI4oy9siDstQ9U5hjGoVZhZJ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84d2f9407a9c199e-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 16:50:21 GMT

GET
H2 404 ic-prev-slide.svg
xencel.com/assets/icons/ 1 KB
1 KB 470ms
470ms Image
text/html 2606:4700:3035::6815:2113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xencel.com/assets/icons/ic-prev-slide.svg
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f81931f052a38cad16e3b96a99325b5e81b50283153254481d605c37f8b02ee2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4feTklobpUCOrTRRlUhh2hJS5lXvkEaIDskD0p3YB0Ot88uJ5SVf31yoy5%2FTKkODldRk%2Bj3GBp5uNR%2FlRdSYwonuFiICJ1TXNP%2Bwhos1lz%2BAspZYcfVot1Q6KyrJG34yXE5EjbUm5pS"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 84d2f9407a9d199e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 ic-next-slide.svg
xencel.com/assets/icons/ 1 KB
1 KB 488ms
488ms Image
text/html 2606:4700:3035::6815:2113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xencel.com/assets/icons/ic-next-slide.svg
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f81931f052a38cad16e3b96a99325b5e81b50283153254481d605c37f8b02ee2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKUs4mcDgzYeZhn0xQrgQ%2FEvUm8cH6qk1oPcdaJaAQDZ7rsjFcUaazUalc0Dn864h%2FK1mgVTL0RIF%2BhwILhnfbRr733wzqUEPFaQMuYuxqnAkFAJOwariCdvZpINB1B2Ho1w2AQRxKEJ"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 84d2f9436a803826-FRA
alt-svc: h3=":443"; ma=86400

GET location.js
eppiocemhmnlbhjplcgkofciiegomcon/content/location/ 0
0

GET vi-tr.js
eppiocemhmnlbhjplcgkofciiegomcon/executers/ 0
0

GET extend-native-history-api.js
eppiocemhmnlbhjplcgkofciiegomcon/libs/ 0
0

GET requests.js
eppiocemhmnlbhjplcgkofciiegomcon/libs/ 0
0

GET location.js
eppiocemhmnlbhjplcgkofciiegomcon/content/location/ 0
0

GET vi-tr.js
eppiocemhmnlbhjplcgkofciiegomcon/executers/ 0
0

GET extend-native-history-api.js
eppiocemhmnlbhjplcgkofciiegomcon/libs/ 0
0

GET requests.js
eppiocemhmnlbhjplcgkofciiegomcon/libs/ 0
0

GET location.js
eppiocemhmnlbhjplcgkofciiegomcon/content/location/ 0
0

GET vi-tr.js
eppiocemhmnlbhjplcgkofciiegomcon/executers/ 0
0

GET extend-native-history-api.js
eppiocemhmnlbhjplcgkofciiegomcon/libs/ 0
0

GET requests.js
eppiocemhmnlbhjplcgkofciiegomcon/libs/ 0
0

GET vi-tr.js
eppiocemhmnlbhjplcgkofciiegomcon/executers/ 0
0

GET
H3 404 libro-reclamacion.png
xencel.com/assets/ 1 KB
1 KB 469ms
469ms Image
text/html 2606:4700:3035::6815:2113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xencel.com/assets/libro-reclamacion.png
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f81931f052a38cad16e3b96a99325b5e81b50283153254481d605c37f8b02ee2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1a%2FpEV0OcQxABHmOO4pwoui5SB%2B8f%2Fj1RaSmV%2B52GPqVwHNWR1ikn8etyQaSs3%2FUsswX%2B3xOp7DvR4noEPitkr2w3tm%2BKkWGx%2Bt%2BvaxxynTmP3s0YBs1AT7OQyAmp6be%2FkC1YYFlPML"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 84d2f9448b933826-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 runtime-es2015.51917490486e0476e183.js
xencel.com/ 0
0 471ms
470ms Script
text/html 2606:4700:3035::6815:2113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xencel.com/runtime-es2015.51917490486e0476e183.js
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://xencel.com/
Origin: https://xencel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8X%2FPSkSMsWoXLAviA8GT9yyL%2B%2FuiVYhWH2QPlIteqQjB2Q1%2BSFYS4X2fQOclG6RnmWMYGm%2FTYdol5M8kKi1gVvdp%2BMZLNe5%2BOaYgyFWDlP5nwJIeuYBN%2BjGF2DZaxSE4FKqOz6b1pUqj"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 84d2f941c8c23826-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 polyfills-es2015.af9f8798171e8857bce9.js
xencel.com/ 0
0 494ms
493ms Script
text/html 2606:4700:3035::6815:2113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xencel.com/polyfills-es2015.af9f8798171e8857bce9.js
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://xencel.com/
Origin: https://xencel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Y7YQQSEJFefUN27%2BpjrKn7PQ0nSDRx%2Bgwa%2BirU1Yl%2Fan%2FlbvA5D8hWpOEcaZZVVJLKgNO8a9gindT4Ti1jQF8bNGL6STiAOQMgFtgsFYmNmzfCgBixrHHaENsabgBfDG5kqEiDK57oa"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 84d2f941c8c53826-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 scripts.270e99c0bb84a944a79e.js
xencel.com/ 0
0 472ms
472ms Script
text/html 2606:4700:3035::6815:2113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xencel.com/scripts.270e99c0bb84a944a79e.js
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:22 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAHTbF2rVOVWdJDuFElDq46HxE1DXYOK4t7iGcBd3IhvjqQPS00tpb2SSbj2lLlJ4%2FaYs4wT%2FBRuscwIfFdHcNKBS%2F0%2FkF96k3Ms5EMUHOGo4wn2A8C%2Fk%2B5%2BZLwKq4QziEZJPkzwnr5r"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 84d2f9459c993826-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 main-es2015.7f6a638e8a3e0ab40bdf.js
xencel.com/ 0
0 495ms
495ms Script
text/html 2606:4700:3035::6815:2113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xencel.com/main-es2015.7f6a638e8a3e0ab40bdf.js
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://xencel.com/
Origin: https://xencel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXUF2kzGBz5gi4qVGItyz%2BNUhmF1RAyaPJOqPQO6vYhvX9DYR6mFPx4nlqNXRgDR%2BSnmVKQHQLWuZOOVLL7UccGbdfl4b4K%2BdXAkVJPcuaCUYgEFgjoFqUURx63i1T3ZwJACOMcjmpnp"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 84d2f941c8c63826-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api_dynamic.js Show response
cdn.dynamicyield.com/api/8774592/ 299 KB
30 KB 426ms
426ms Script
application/javascript 2600:9000:20a0:5600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8774592/api_dynamic.js
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:5600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: 8bc6bebc2a25b32582d9412e118b0f81059a06232a599385d6833c4d7cccb097

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:23 GMT
content-encoding: gzip
via: 1.1 3237261dc7a40dff5065abc108a85afa.cloudfront.net (CloudFront)
last-modified: Sun, 28 Jan 2024 10:10:11 GMT
server: DYCDN
x-amz-cf-pop: AMS58-P2
x-amz-server-side-encryption: AES256
etag: W/"e705bacb17631b4284533d3ac2e90568"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=30
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: 4pgZR4xoPnvCKa4eQxP3AIM9tzTK255bExHo1d63sdzWV0b48zdBRA==

GET
H2 200 api_static.js Show response
cdn.dynamicyield.com/api/8774592/ 355 KB
105 KB 16ms
16ms Script
application/javascript 2600:9000:20a0:5600:a:b89d:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dynamicyield.com/api/8774592/api_static.js
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:5600:a:b89d:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DYCDN /
Resource Hash: e31d34f3a651c988a2d0c7f70350bcd01e807c9387040ddda086bb3121ee048e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:19:34 GMT
content-encoding: gzip
via: 1.1 3237261dc7a40dff5065abc108a85afa.cloudfront.net (CloudFront)
last-modified: Sun, 28 Jan 2024 10:10:11 GMT
server: DYCDN
age: 23448
x-amz-cf-pop: AMS58-P2
etag: W/"b23423a96ec53a7598a8c8c9d7fc3595"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
link: <//st.dynamicyield.com>; rel="dns-prefetch", <//st.dynamicyield.com>; rel="preconnect", <//rcom.dynamicyield.com>; rel="dns-prefetch", <//rcom.dynamicyield.com>; rel="preconnect", <//async-px.dynamicyield.com>; rel="dns-prefetch", <//async-px.dynamicyield.com>; rel="preconnect"
x-amz-cf-id: ou_qMZTwyrhImaAB8JZMJTSw6-IN1exy9iM1ykncKt5_tE9cKPZw_A==

GET
H2 200 bfaf6gq7-red.js Show response
unruffled-shannon-1a7413.netlify.app/ 2 KB
769 B 8ms
7ms Script
application/javascript 2a05:d014:58f:6200::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://unruffled-shannon-1a7413.netlify.app/bfaf6gq7-red.js

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6200::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

343160097eb12156ef49457815639f68dbd2ec73d272741eef7c5805339fb690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id: 01HNB2220CZV0DXT6BQK6MXX0G
date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 192725
cache-status: "Netlify Edge"; hit
etag: "527869ff3a0a67b9f6d4eeb729eb90fd-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 672

GET
H2 200 eum.min.js Show response
eum.instana.io/ 27 KB
10 KB 73ms
32ms Script
application/javascript 2606:4700::6810:cb16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum.instana.io/eum.min.js
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cb16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28a6fdd83eb858f126fc5b8c408c0bf49fda96e9dedb44d893d88932cc40294d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 1 Jan 1970 00:00:01 GMT
server: cloudflare
age: 141967
etag: -724079698--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
timing-allow-origin: *
cf-ray: 84d2f946cab10472-FRA

GET
H2 200 main.MTU3YmJkODI0MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 379 KB
102 KB 14ms
13ms Script
application/javascript 104.126.37.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C96BHERC77UB71TGI2OG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3fb856882cd87a671903d75d594f2fb840abbb70a196395fa2197cbadb03149e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 6648bc7c
date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202401252008486664CB3D3A77D36D5204
x-tt-trace-id: 00-2401252008486664CB3D3A77D36D5204-21124434B1998D91-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 016229f81049823936d3cb85cce8bcbe9b3121cdfbf847eba3c86cf6a93d2792f5dc203aa8367c77e73b689827d4d567afd59aa07d1e4f26e117fc92b4ad310eb9e7e1992329d1d903f715ec667b2b51eb1e5f75a056cccc88179eae40e6505f2c
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 104107

GET
H3 404 ic-help.svg
xencel.com/assets/icons/ 1 KB
1 KB 471ms
470ms Image
text/html 2606:4700:3035::6815:2113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xencel.com/assets/icons/ic-help.svg
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f81931f052a38cad16e3b96a99325b5e81b50283153254481d605c37f8b02ee2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:22 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NISrq7wsJxMyIYYJSYdUePMqoXLhdW1XXdNEd3sFN3%2FzJzk%2Fxzbe7TEfbHIA7XMueYa5Gd8eyhl%2BxTvDQEdSdJ%2BDfmw6G%2BTVHgzTKob1RSHqzqV0sq0Wib5ntlomxTFK0%2FdEYhU7qcOW"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 84d2f945ccd03826-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ic-select.b33b90cf591d757f1509.svg
xencel.com/ 206 B
665 B 166ms
166ms Image
image/svg+xml 2606:4700:3035::6815:2113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xencel.com/ic-select.b33b90cf591d757f1509.svg
Requested by: Host: xencel.com
URL: https://xencel.com/styles.51b89efc20e0e54e7086.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b6bbbb43233258760b2f06274468f23ba75572678aeff3a6d3db1a2aa6cbe0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/styles.51b89efc20e0e54e7086.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2024 02:17:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xry0lCCoXHWj%2BdBOKLwDMB2TbzsozCSmX8Ts3CYcRYTCOShq3uFJtUg3MHFpTiUmQsiwk6%2Br0TX%2FBmcMiC4ZE4ifex1gX0KBqntkMrAkd1mITMA0UPcSAxcCsPgtc1q1Z1mdxw9y%2F0Wf"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84d2f945ccd33826-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 16:50:21 GMT

GET
H2 200 seguro_vida_con_devolucion_cotizar_online_beneficios_requisitos.jpg
images.ctfassets.net/jsyhqx93uo07/3JluPmhFeAkx2uBU1SHw3d/98fc2e834e812e2ce138cd4a251acc32/ 82 KB
82 KB 65ms
32ms Image
image/webp 2600:9000:211e:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/jsyhqx93uo07/3JluPmhFeAkx2uBU1SHw3d/98fc2e834e812e2ce138cd4a251acc32/seguro_vida_con_devolucion_cotizar_online_beneficios_requisitos.jpg?fm=webp&q=70
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: d5bd5120d33e271fc9f0f32a8310594eadd543bfcf90b6c46107cad4d86fac07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified: Mon, 22 Jan 2024 17:16:46 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 131
etag: "baf5c1ed4bd6740947241bf52b3a7a04"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 83638
x-amz-cf-id: RjtB6RPNxYW4LzNAPuPScVAQE6XM6xWNskdpcvyqDF-CZ9QJxqHBFw==

GET
H2 200 pagar_cmr_online_tarjeta_de_credito_banco_falabella.jpg
images.ctfassets.net/jsyhqx93uo07/5CtspASMzB7vFXdMYo0uv7/87eda11377ac5f9bd27078ad534dd1f0/ 35 KB
36 KB 57ms
24ms Image
image/webp 2600:9000:211e:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/jsyhqx93uo07/5CtspASMzB7vFXdMYo0uv7/87eda11377ac5f9bd27078ad534dd1f0/pagar_cmr_online_tarjeta_de_credito_banco_falabella.jpg?fm=webp&q=70
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: ae021b3f1e396802a4ea4670700ee24d3320f72033f61b6d4b945d9d4775c0be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:19:36 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified: Wed, 03 Jan 2024 14:47:51 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 23445
etag: "1d8f5403879b49837bdea023959745ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 36344
x-amz-cf-id: FuYQMVOP4ZbjGh7jPinpZ8qrde8uIx6UjJVGCsUDMmjJklv90o3K8w==

GET
H2 200 oportunidades__nicas_beneficios_descuentos_tarjeta_de_credito_cmr.jpg
images.ctfassets.net/jsyhqx93uo07/3UaKaoSacxDA1SYmvtnMsv/0f5b017cfe00f1ae1d97010c068e2345/ 61 KB
61 KB 18ms
15ms Image
image/webp 2600:9000:211e:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/jsyhqx93uo07/3UaKaoSacxDA1SYmvtnMsv/0f5b017cfe00f1ae1d97010c068e2345/oportunidades__nicas_beneficios_descuentos_tarjeta_de_credito_cmr.jpg?fm=webp&q=70
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: b7b1bbf44c590f7eb630ddff3160f294b81fbaca2d708fe66a33da8862e5addd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:49:30 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 16:50:20 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 3650
etag: "7d147a6bba496b51301aba3912121e4b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 62034
x-amz-cf-id: quF6lAOD659GlId621vdZbbQ8HpUXs7eDpmjaIGoIJzImvFopzQfZw==

GET
H2 200 solicitar_cuenta_ahorro_independiente_online_digital_transfiere_gratuito.png
images.ctfassets.net/jsyhqx93uo07/3OGFnF4wWL4Z5ecWNeHJtd/7a4ef616de139837919240c11549a9aa/ 63 KB
63 KB 20ms
17ms Image
image/webp 2600:9000:211e:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/jsyhqx93uo07/3OGFnF4wWL4Z5ecWNeHJtd/7a4ef616de139837919240c11549a9aa/solicitar_cuenta_ahorro_independiente_online_digital_transfiere_gratuito.png?fm=webp&q=70
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: cbff7e6d5536fe45c2ed2f12cb2b725a460a22baa969ad4d093c3c004649214c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:26:40 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 08:32:34 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 73421
etag: "c840da45b5668b4e01b5dc73959709ad"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 64310
x-amz-cf-id: swd8n6xCKUHOj1YJ81ZxhfaEisjnmQBnB0NBaL1_D8LSqCmuG5kipA==

GET
H2 200 tottus_ofertas_tarjetas_cupones.jpg
images.ctfassets.net/jsyhqx93uo07/6DfgDHgrAY8Wl1eiQZQ1a/ce955998931a5994ddcc2adf240ec04b/ 5 KB
5 KB 14ms
11ms Image
image/webp 2600:9000:211e:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/jsyhqx93uo07/6DfgDHgrAY8Wl1eiQZQ1a/ce955998931a5994ddcc2adf240ec04b/tottus_ofertas_tarjetas_cupones.jpg?fm=webp&q=70
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: ba124cff5d94d03953199afa7c7e54ff69625107f8a493a3ccd755f6096ab63a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 19:43:36 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jan 2024 21:38:23 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 76005
etag: "ff06b924fc5b7c7370d734687948af19"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 5158
x-amz-cf-id: BWPQ10Z5HkwxzRQUuT5HvZ0-C48kgu463LgL1qUqsIQna6DW3uhbng==

GET
H2 200 seguro_vida_con_devolucion_cotizar_online_requisitos__1_.jpg
images.ctfassets.net/jsyhqx93uo07/79ykpRm7EcwOq6kIonrAVz/9d45d9a5af0aadc89dff9de43d26d181/ 28 KB
29 KB 27ms
24ms Image
image/webp 2600:9000:211e:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/jsyhqx93uo07/79ykpRm7EcwOq6kIonrAVz/9d45d9a5af0aadc89dff9de43d26d181/seguro_vida_con_devolucion_cotizar_online_requisitos__1_.jpg?fm=webp&q=70
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: dae56141e1aa87e5a8a188a420ae36ffb609033f40294f75e3f9e76f6378ec0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified: Mon, 22 Jan 2024 17:15:40 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 131
etag: "43c9d70dcf15993199c02edfc17fae4a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 29084
x-amz-cf-id: PyuDjhfb4w2-nzzJ5MhMPtJ7PvcAHctlGIHAZsWCRcWF2rw50lIZEA==

GET
H3 200 pfbeausanspro-bold-webfont.4870f99dd015ac639421.woff2
xencel.com/ 25 KB
25 KB 627ms
626ms Font
font/woff2 2606:4700:3035::6815:2113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xencel.com/pfbeausanspro-bold-webfont.4870f99dd015ac639421.woff2
Requested by: Host: xencel.com
URL: https://xencel.com/styles.51b89efc20e0e54e7086.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a502c4b365f644f6eb498cd67d459c11dbab6d5b024f58b86218ecee7258e5c7

Request headers

Referer: https://xencel.com/styles.51b89efc20e0e54e7086.css
Origin: https://xencel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:22 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2024 02:17:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AC69Fgpp2u6WCDunE78enVZz%2FOeYZZ1A%2B%2FqIaQS9r84josEp6dxXkgAKNeF34EGDqAiIXbKmE96x66dnmQ6bItNmZ2FEUgpLwvcZixKkpaGKjxcTZ2pXdDt3w6b3faaaTJYrjBZtbHUF"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84d2f945ccd63826-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25236
expires: Mon, 05 Feb 2024 16:50:22 GMT

GET
H3 200 pfbeausanspro-reg-webfont.be8262f6f93a8b345acd.woff2
xencel.com/ 25 KB
25 KB 636ms
636ms Font
font/woff2 2606:4700:3035::6815:2113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xencel.com/pfbeausanspro-reg-webfont.be8262f6f93a8b345acd.woff2
Requested by: Host: xencel.com
URL: https://xencel.com/styles.51b89efc20e0e54e7086.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf7de9e7a9d927da32a7c521e6a78e574468867277676591bdf6d0cf38a0dac7

Request headers

Referer: https://xencel.com/styles.51b89efc20e0e54e7086.css
Origin: https://xencel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:22 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2024 02:17:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frxKRIsWlNQDJ88tlw6uTzpH0Qm6VRC974rBW1MPrCGtFuyq1V7ro2alade7Kn6sg%2B5qDnGobQfkStOUpY4OvsEB9Vyh2MKGl%2Fa3A01uJHIn8MKiM7VynAWb3VlG%2BYqCYhnNzXQGfD9G"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84d2f945ccd73826-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25216
expires: Mon, 05 Feb 2024 16:50:22 GMT

GET
H3 200 pfbeausanspro-thin-webfont.78b53d9b7ecdf6e3ae35.woff2
xencel.com/ 24 KB
24 KB 620ms
620ms Font
font/woff2 2606:4700:3035::6815:2113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xencel.com/pfbeausanspro-thin-webfont.78b53d9b7ecdf6e3ae35.woff2
Requested by: Host: xencel.com
URL: https://xencel.com/styles.51b89efc20e0e54e7086.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba8806694863df8a5f69887588ade5670433c22271ed26a7fbc29b09dc143d63

Request headers

Referer: https://xencel.com/styles.51b89efc20e0e54e7086.css
Origin: https://xencel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:22 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2024 02:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FQLmv4kxvMgQnANhCqWAJJ1YBiSSfxrRMzqGoZ2YC118hiMoKMA8uGLTuq7ycqW2mYZqs2VvgnyWXGmrAao%2FWiJQQ1ruKw3DMRaE%2BbdV%2BIu%2FnwvMT%2FRvdKSe2KShOwnEZRJdf%2FZuxMq"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84d2f945ccda3826-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24492
expires: Mon, 05 Feb 2024 16:50:22 GMT

GET
H2 200 Paga-tu-CMR_v1.png
images.ctfassets.net/jsyhqx93uo07/12rNYYTJoAtV78bqfWvZD3/0365133656545786eeefce1b4a98c4da/ 7 KB
7 KB 14ms
13ms Image
image/webp 2600:9000:211e:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/jsyhqx93uo07/12rNYYTJoAtV78bqfWvZD3/0365133656545786eeefce1b4a98c4da/Paga-tu-CMR_v1.png?fm=webp&q=70
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: f9d2e8cde517065375cacc780cb3806892bdced51b04cea32401bf6dc2f1e1ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 19:43:36 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified: Thu, 04 Jan 2024 12:17:52 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 76005
etag: "7c3c63576e6fafb5c6348bcc59ca846c"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 6982
x-amz-cf-id: 3N6AARRwmr6LmZ-6Eb-8NWDNmj_Her754DtPPyeemInU3EEMbio7-g==

GET
H2 200 banca_por_internet_clave_internet_token_movil.jpg
images.ctfassets.net/jsyhqx93uo07/64UXtVQ0bV50Rci9c04qav/0bae8918557defd608793e54f94e430c/ 5 KB
5 KB 25ms
24ms Image
image/webp 2600:9000:211e:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/jsyhqx93uo07/64UXtVQ0bV50Rci9c04qav/0bae8918557defd608793e54f94e430c/banca_por_internet_clave_internet_token_movil.jpg?fm=webp&q=70
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: c12d2f24ce44d36248b889316b9178b0f68120eaf8f4ebb4fceca41685763939

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified: Fri, 05 Jan 2024 16:51:00 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 23445
etag: "939817c3797b61e8a7169af0b9278cb2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 5086
x-amz-cf-id: l_R8nrY1L4Kiu7jZrLWhzeqjNbwulTe27vbn9o7coUvutYD0RRjxiA==

GET
H2 200 Solicita-Adicional_v1.png
images.ctfassets.net/jsyhqx93uo07/486NEOvAnbcfixUhmSDv77/c3b7970cea4e02bb7ba06fe74b432938/ 6 KB
7 KB 22ms
21ms Image
image/webp 2600:9000:211e:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/jsyhqx93uo07/486NEOvAnbcfixUhmSDv77/c3b7970cea4e02bb7ba06fe74b432938/Solicita-Adicional_v1.png?fm=webp&q=70
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 452f984842946fd52328155800cef24669845ffccadb31b53a524815a155defa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 19:43:36 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 12:11:54 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 76005
etag: "02fa3cad6a7af4954da80ac88e46fdd8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 6580
x-amz-cf-id: N8S_GdM0ADvYtURfQaOUzE5qzYEEQF5OdVZsH3zBJIsqmQno8Y0Liw==

GET
H2 200 transferencias-interbancarias_v1.png
images.ctfassets.net/jsyhqx93uo07/5yI4hI9A0ermYWYDT2bUqU/5eed375fe98ebbc96a05d436a6a51839/ 4 KB
5 KB 23ms
22ms Image
image/webp 2600:9000:211e:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/jsyhqx93uo07/5yI4hI9A0ermYWYDT2bUqU/5eed375fe98ebbc96a05d436a6a51839/transferencias-interbancarias_v1.png?fm=webp&q=70
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: ab4b4e4980e6f9c11cbc4d97aa830f8a92c052f8c9c235a8449b61c1b4f91fee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jan 2024 15:19:06 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 535
etag: "a4b80b133d50b172b944f0d3a846fce8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 4240
x-amz-cf-id: tdgniQsrfxNsCTotTp4IZsrevA6P-5o27FcfWdW40Ys89DsBZP0x_g==

GET
H2 200 Banner_Carrusel_Web_CentroAyuda_388x260_V6__1_.png
images.ctfassets.net/jsyhqx93uo07/3Hxw7EakqtuTswOSMdABjF/ca137d09cea11ad2f770fc9a1dd25fb3/ 4 KB
5 KB 22ms
21ms Image
image/webp 2600:9000:211e:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/jsyhqx93uo07/3Hxw7EakqtuTswOSMdABjF/ca137d09cea11ad2f770fc9a1dd25fb3/Banner_Carrusel_Web_CentroAyuda_388x260_V6__1_.png?fm=webp&q=70
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: fe3a1afbe486d69fc633195fc2f44c6916b322211844a336de56ee4a3af14a55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified: Sun, 24 Dec 2023 12:18:42 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 533
etag: "c92e24dafb6f92c4d4f9258190b2ae3c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 4584
x-amz-cf-id: 511UGfd3k1ZN-xHhlZF7mHbdN97uW-hmcsN4GvSb_7VFJSx2K-TgMQ==

GET
H2 200 solicitar_rapicash_online_pedir_prestamo_con_tarjeta_de_credito.jpg
images.ctfassets.net/jsyhqx93uo07/fL0T9Et3tAwjQH5NjHzcE/b5c22c727d497e1fe06ddff81d826bf6/ 12 KB
13 KB 24ms
23ms Image
image/webp 2600:9000:211e:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/jsyhqx93uo07/fL0T9Et3tAwjQH5NjHzcE/b5c22c727d497e1fe06ddff81d826bf6/solicitar_rapicash_online_pedir_prestamo_con_tarjeta_de_credito.jpg?fm=webp&q=70
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 1464c64199488a3115e864b69ab61145bd8e8c0027f540535d26179cbffb0a3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified: Fri, 05 Jan 2024 12:51:02 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 534
etag: "73d033e94460a926b3711eb328cf5570"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 12478
x-amz-cf-id: OBRymjmM7FxM8tbuRo8IawWy-KQPWsPTMsgtlRDoScE9oWuD3k-1jA==

GET
H2 200 cuenta-ahorro-clasico_home_BF.png
images.ctfassets.net/jsyhqx93uo07/1NyjURlMN448m2Ehj2nTLp/37363d0359a53cfd8f410905e3f90d4b/ 13 KB
13 KB 26ms
25ms Image
image/webp 2600:9000:211e:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/jsyhqx93uo07/1NyjURlMN448m2Ehj2nTLp/37363d0359a53cfd8f410905e3f90d4b/cuenta-ahorro-clasico_home_BF.png?fm=webp&q=70
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: b29dcfa9f3dc37d4653e02a301f034cded9225abc7babc452e66b285a7ab7aff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified: Wed, 17 Jan 2024 09:20:57 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 120
etag: "5b4a86c01f1e6bf5bb9dd0f6a55b6676"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 13192
x-amz-cf-id: EeG1d-aA1NfRq77iA5C0QOy5HATmU7OiagZe5Djjdc63b48oV2rnZQ==

GET
H2 200 banner-636x350-cmr-agosto__1_.png
images.ctfassets.net/jsyhqx93uo07/BctFesvpeVmMXq3Gng83W/ea77a34d930801d1c450076da83bb2fe/ 28 KB
29 KB 27ms
26ms Image
image/webp 2600:9000:211e:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/jsyhqx93uo07/BctFesvpeVmMXq3Gng83W/ea77a34d930801d1c450076da83bb2fe/banner-636x350-cmr-agosto__1_.png?fm=webp&q=70
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 0d4019d438bf9f0023abf829d01bb1066c118b2c6e3389413168d95812c8915f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 15:41:28 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 534
etag: "8b49bf41d6ddcf3950f16807d0a026ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 28796
x-amz-cf-id: Qz6-9XTJiMPZapVFbJxSnClvttEqzAKQMEYim6fxZREqrJunpGxcVg==

GET
H2 200 banner-web-pg-1.png
images.ctfassets.net/jsyhqx93uo07/4UQ8mGHC1g9jlaP9oXAWJU/c0267154a90af012a69bf8131ea96c79/ 19 KB
19 KB 28ms
27ms Image
image/webp 2600:9000:211e:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/jsyhqx93uo07/4UQ8mGHC1g9jlaP9oXAWJU/c0267154a90af012a69bf8131ea96c79/banner-web-pg-1.png?fm=webp&q=70
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 2e5fbb95d8a91e01d65b3a2b0ad3cce8e630a26e1db8393894e8d380f822cd13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:21 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified: Wed, 03 Jan 2024 01:11:46 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 15869
etag: "55087ba15b38d5adfb12dafb2e94f06f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 19268
x-amz-cf-id: JSmcCSfb4epPbWihm0QKmNVc-RSceX0qkv7fP5_L48nX2VRWruuloQ==

GET
H2 200 oportunidades_unicas_tarjeta_de_credito_cmr_online_comprar.jpg
images.ctfassets.net/jsyhqx93uo07/5fmgbYGhzXAndrPdkr4Gs4/1181895ad31aad4fd36fd36a9e3c6d24/ 38 KB
38 KB 29ms
14ms Image
image/webp 2600:9000:211e:4e00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/jsyhqx93uo07/5fmgbYGhzXAndrPdkr4Gs4/1181895ad31aad4fd36fd36a9e3c6d24/oportunidades_unicas_tarjeta_de_credito_cmr_online_comprar.jpg?fm=webp&q=70
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 8713642ace126bc5407bdafeecbce80d54706eb33a597585327c63091e7693a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 19:43:34 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 16:54:08 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 76007
etag: "4990c0f9ac93eec02d3e32953713f15c"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 38744
x-amz-cf-id: nbVwnld7I2Na8qdhwt7huvIzPihdoRL0MuQtKFnpWfqW3Vzm9CO5cg==

GET
H2

200

activityi;dc_pre=CP7cnoiHg4QDFZQHTwgd9ssM2Q;src=8645928;type=invmedia;cat=pixel00;ord=4481833799495;auiddc=1101910310.1706117348;ps=1;pcor=1031335515;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;t... Show response
8645928.fls.doubleclick.net/ Frame 4E8A
Redirect Chain

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=4481833799495;auiddc=1101910310.1706117348;ps=1;pcor=1031335515;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0...
https://8645928.fls.doubleclick.net/activityi;dc_pre=CP7cnoiHg4QDFZQHTwgd9ssM2Q;src=8645928;type=invmedia;cat=pixel00;ord=4481833799495;auiddc=1101910310.1706117348;ps=1;pcor=1031335515;pscdl=noapi...

683 B
712 B

130ms
130ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8645928.fls.doubleclick.net/activityi;dc_pre=CP7cnoiHg4QDFZQHTwgd9ssM2Q;src=8645928;type=invmedia;cat=pixel00;ord=4481833799495;auiddc=1101910310.1706117348;ps=1;pcor=1031335515;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F726d1ffb-8bbf-48ac-bd3c-30b62188609f-00-6hepv77rrgmd.spock.replit.dev%2F?

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

a59ad9aad95e9237729f70b4dcffcd01b30c96633b12c18de3de3517251cc58a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xencel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 417
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Mon, 29 Jan 2024 16:50:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8645928.fls.doubleclick.net/activityi;dc_pre=CP7cnoiHg4QDFZQHTwgd9ssM2Q;src=8645928;type=invmedia;cat=pixel00;ord=4481833799495;auiddc=1101910310.1706117348;ps=1;pcor=1031335515;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F726d1ffb-8bbf-48ac-bd3c-30b62188609f-00-6hepv77rrgmd.spock.replit.dev%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CJrWnoiHg4QDFau80QQdG9wBqQ;src=8645928;type=invmedia;cat=pixel00;ord=2620552510188;ps=1;pcor=334053943;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64... Show response
8645928.fls.doubleclick.net/ Frame 4CC0
Redirect Chain

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=2620552510188;ps=1;pcor=334053943;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=...
https://8645928.fls.doubleclick.net/activityi;dc_pre=CJrWnoiHg4QDFau80QQdG9wBqQ;src=8645928;type=invmedia;cat=pixel00;ord=2620552510188;ps=1;pcor=334053943;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;d...

659 B
688 B

189ms
189ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8645928.fls.doubleclick.net/activityi;dc_pre=CJrWnoiHg4QDFau80QQdG9wBqQ;src=8645928;type=invmedia;cat=pixel00;ord=2620552510188;ps=1;pcor=334053943;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FGilmer%2FDesktop%2Ffalabella%2Findex.html?

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

3342e064beed4e6e2f97279b0b827d9c8b75acddc34bd584f6a0e3e8d10ac2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xencel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 389
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Mon, 29 Jan 2024 16:50:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8645928.fls.doubleclick.net/activityi;dc_pre=CJrWnoiHg4QDFau80QQdG9wBqQ;src=8645928;type=invmedia;cat=pixel00;ord=2620552510188;ps=1;pcor=334053943;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FGilmer%2FDesktop%2Ffalabella%2Findex.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=COnVnoiHg4QDFQsKTwgdfKAFwQ;src=8645928;type=invmedia;cat=pixel00;ord=956471379152;auiddc=1101910310.1706117348;ps=1;pcor=1784849931;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;ta... Show response
8645928.fls.doubleclick.net/ Frame CD48
Redirect Chain

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=956471379152;auiddc=1101910310.1706117348;ps=1;pcor=1784849931;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;...
https://8645928.fls.doubleclick.net/activityi;dc_pre=COnVnoiHg4QDFQsKTwgdfKAFwQ;src=8645928;type=invmedia;cat=pixel00;ord=956471379152;auiddc=1101910310.1706117348;ps=1;pcor=1784849931;pscdl=noapi;...

684 B
810 B

183ms
183ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8645928.fls.doubleclick.net/activityi;dc_pre=COnVnoiHg4QDFQsKTwgdfKAFwQ;src=8645928;type=invmedia;cat=pixel00;ord=956471379152;auiddc=1101910310.1706117348;ps=1;pcor=1784849931;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F7d6852d5-b259-418e-8121-4cf7efc1ba43-00-138wvmjik5xce.picard.replit.dev%2F?

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

ab8dab327a9403ae001ed9846090b623216ffe4f86bfd6b6b6060bcf8355b7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xencel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Mon, 29 Jan 2024 16:50:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8645928.fls.doubleclick.net/activityi;dc_pre=COnVnoiHg4QDFQsKTwgdfKAFwQ;src=8645928;type=invmedia;cat=pixel00;ord=956471379152;auiddc=1101910310.1706117348;ps=1;pcor=1784849931;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F7d6852d5-b259-418e-8121-4cf7efc1ba43-00-138wvmjik5xce.picard.replit.dev%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=COLRnoiHg4QDFaax0QQdB0MF6w;src=8645928;type=invmedia;cat=pixel00;ord=4471070335010;auiddc=216090930.1706123130;ps=1;pcor=17138367;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_... Show response
8645928.fls.doubleclick.net/ Frame D420
Redirect Chain

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=4471070335010;auiddc=216090930.1706123130;ps=1;pcor=17138367;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;ta...
https://8645928.fls.doubleclick.net/activityi;dc_pre=COLRnoiHg4QDFaax0QQdB0MF6w;src=8645928;type=invmedia;cat=pixel00;ord=4471070335010;auiddc=216090930.1706123130;ps=1;pcor=17138367;pscdl=noapi;gt...

680 B
809 B

123ms
121ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8645928.fls.doubleclick.net/activityi;dc_pre=COLRnoiHg4QDFaax0QQdB0MF6w;src=8645928;type=invmedia;cat=pixel00;ord=4471070335010;auiddc=216090930.1706123130;ps=1;pcor=17138367;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fd18adc05-3c41-492a-9312-0879aaf85434-00-1rwtndj0owdt.kirk.replit.dev%2F?

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

a36e17c664f177a05a817c6476b28c2f05229239df2d3e18c5b41a2618b2082c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xencel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 417
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Mon, 29 Jan 2024 16:50:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8645928.fls.doubleclick.net/activityi;dc_pre=COLRnoiHg4QDFaax0QQdB0MF6w;src=8645928;type=invmedia;cat=pixel00;ord=4471070335010;auiddc=216090930.1706123130;ps=1;pcor=17138367;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fd18adc05-3c41-492a-9312-0879aaf85434-00-1rwtndj0owdt.kirk.replit.dev%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CNvRnoiHg4QDFeet0QQd-gUNmQ;src=8645928;type=invmedia;cat=pixel00;ord=8844111778730;auiddc=216090930.1706123130;ps=1;pcor=1994006036;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;ta... Show response
8645928.fls.doubleclick.net/ Frame 98AE
Redirect Chain

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=8844111778730;auiddc=216090930.1706123130;ps=1;pcor=1994006036;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;...
https://8645928.fls.doubleclick.net/activityi;dc_pre=CNvRnoiHg4QDFeet0QQd-gUNmQ;src=8645928;type=invmedia;cat=pixel00;ord=8844111778730;auiddc=216090930.1706123130;ps=1;pcor=1994006036;pscdl=noapi;...

779 B
860 B

125ms
124ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8645928.fls.doubleclick.net/activityi;dc_pre=CNvRnoiHg4QDFeet0QQd-gUNmQ;src=8645928;type=invmedia;cat=pixel00;ord=8844111778730;auiddc=216090930.1706123130;ps=1;pcor=1994006036;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=1;uam=SM-G981B;uap=Android;uapv=13;uaw=0;epver=2;~oref=https%3A%2F%2F721b3edc-04be-452f-9d86-7fbdcbfc2d30-00-kxfj7bqom4pp.picard.replit.dev%2F%3FidentificationTypeContext%3DDNI%26inputUserDesktop%3D124124%26inputPasswordDesktop%3D124124?

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

96a14dd8299dbff1b301c247576df0849d7e318d747f09da3e611f5a25d5720e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xencel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 468
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Mon, 29 Jan 2024 16:50:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8645928.fls.doubleclick.net/activityi;dc_pre=CNvRnoiHg4QDFeet0QQd-gUNmQ;src=8645928;type=invmedia;cat=pixel00;ord=8844111778730;auiddc=216090930.1706123130;ps=1;pcor=1994006036;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=1;uam=SM-G981B;uap=Android;uapv=13;uaw=0;epver=2;~oref=https%3A%2F%2F721b3edc-04be-452f-9d86-7fbdcbfc2d30-00-kxfj7bqom4pp.picard.replit.dev%2F%3FidentificationTypeContext%3DDNI%26inputUserDesktop%3D124124%26inputPasswordDesktop%3D124124?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=8645928;type=invmedia;cat=pixel00;ord=8844111778730;auiddc=216090930.1706123130;ps=1;pcor=1994006036;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=;uab=6... Show response
td.doubleclick.net/td/fls/rul/ Frame F4B2 13 B
184 B 100ms
27ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=8645928;type=invmedia;cat=pixel00;ord=8844111778730;auiddc=216090930.1706123130;ps=1;pcor=1994006036;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=1;uam=SM-G981B;uap=Android;uapv=13;uaw=0;epver=2;~oref=https%3A%2F%2F721b3edc-04be-452f-9d86-7fbdcbfc2d30-00-kxfj7bqom4pp.picard.replit.dev%2F%3FidentificationTypeContext%3DDNI%26inputUserDesktop%3D124124%26inputPasswordDesktop%3D124124?

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xencel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CL_EnoiHg4QDFYO10QQdfgMLEw;src=8645928;type=invmedia;cat=pixel00;ord=6591209492009;auiddc=312970982.1704731773;ps=1;pcor=1695322539;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;ta... Show response
8645928.fls.doubleclick.net/ Frame 23FD
Redirect Chain

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=6591209492009;auiddc=312970982.1704731773;ps=1;pcor=1695322539;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;...
https://8645928.fls.doubleclick.net/activityi;dc_pre=CL_EnoiHg4QDFYO10QQdfgMLEw;src=8645928;type=invmedia;cat=pixel00;ord=6591209492009;auiddc=312970982.1704731773;ps=1;pcor=1695322539;pscdl=noapi;...

635 B
716 B

124ms
124ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8645928.fls.doubleclick.net/activityi;dc_pre=CL_EnoiHg4QDFYO10QQdfgMLEw;src=8645928;type=invmedia;cat=pixel00;ord=6591209492009;auiddc=312970982.1704731773;ps=1;pcor=1695322539;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bancofalabella.pe%2F?

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

f4b1ea745b245b790c7be8ca96da877f607132bf58380d1fd95dc12fb3bbae9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xencel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 378
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Mon, 29 Jan 2024 16:50:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8645928.fls.doubleclick.net/activityi;dc_pre=CL_EnoiHg4QDFYO10QQdfgMLEw;src=8645928;type=invmedia;cat=pixel00;ord=6591209492009;auiddc=312970982.1704731773;ps=1;pcor=1695322539;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bancofalabella.pe%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 111ms
111ms Script
application/javascript 104.126.37.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C96BHERC77UB71TGI2OG&lib=ttq
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 354584e177d94afc025297b8ea971d988631f3e2992b42025c21068de1510fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 6648bd65
date: Mon, 29 Jan 2024 16:50:21 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240129165021BAA46FFEB3928CE563AC-0EF308C2CA362D89-00
x-cache: TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=98
content-length: 1347
pragma: no-cache
server: nginx
x-tt-logid: 20240129165021BAA46FFEB3928CE563AC
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 98,104.126.37.181
x-tt-trace-host: 01298db42370454958dde2a4f129e6e2e7ce56f7bd27ba78029b9f0cfa6b72730a1611011f7f77f2454f85a65923c8ed0304fc3f60bf4e58b6739ca0c2798692c2317dfa009ef4b521f5f795e713aad57eaeeea2c16948fb0ccab72db0948fb5d8
expires: Mon, 29 Jan 2024 16:50:21 GMT

GET
H3 200 ic-whatsapp-logo.3865b18c3f6fb79ecee1.svg
xencel.com/ 4 KB
2 KB 515ms
515ms Image
image/svg+xml 2606:4700:3035::6815:2113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xencel.com/ic-whatsapp-logo.3865b18c3f6fb79ecee1.svg
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9cb2f9cbcfb2fb1337b91afe317f9022044103a33eaa28d0bff8749c63b7321

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2024 02:17:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRG2q96kMGRV4Bbrvp8ZWrYxnJEdDzM44wv9yrmSNwzWLo%2FyW10wgIMzG3fc%2FneC3hGv8Dc6hc%2BygxcwlbzDEv2qegz5uiZoGFG4WMG%2BcL6pv8WoQ8q6JqyyNXG38N1lQcm1d%2B%2FEubVO"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84d2f945ecfb3826-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 16:50:22 GMT

GET
H2

200

activityi;dc_pre=CLfXnoiHg4QDFdUDTwgdkyAHlw;src=8645928;type=invmedia;cat=pixel00;ord=803657376227;auiddc=1101910310.1706117348;ps=1;pcor=1191039735;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;ta... Show response
8645928.fls.doubleclick.net/ Frame 7A21
Redirect Chain

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=803657376227;auiddc=1101910310.1706117348;ps=1;pcor=1191039735;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;...
https://8645928.fls.doubleclick.net/activityi;dc_pre=CLfXnoiHg4QDFdUDTwgdkyAHlw;src=8645928;type=invmedia;cat=pixel00;ord=803657376227;auiddc=1101910310.1706117348;ps=1;pcor=1191039735;pscdl=noapi;...

683 B
718 B

124ms
124ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8645928.fls.doubleclick.net/activityi;dc_pre=CLfXnoiHg4QDFdUDTwgdkyAHlw;src=8645928;type=invmedia;cat=pixel00;ord=803657376227;auiddc=1101910310.1706117348;ps=1;pcor=1191039735;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F6fe5fc55-3a40-4dce-8f59-21f76c417d29-00-1jlx3vuzyjhrs.riker.replit.dev%2F?

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

ff022dad83bd896359b6aae46531c80f636bf7c6c5958d11b68f978f649cd608

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xencel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 419
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Mon, 29 Jan 2024 16:50:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8645928.fls.doubleclick.net/activityi;dc_pre=CLfXnoiHg4QDFdUDTwgdkyAHlw;src=8645928;type=invmedia;cat=pixel00;ord=803657376227;auiddc=1101910310.1706117348;ps=1;pcor=1191039735;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F6fe5fc55-3a40-4dce-8f59-21f76c417d29-00-1jlx3vuzyjhrs.riker.replit.dev%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CIOUpYiHg4QDFVyh0QQdvV4NYw;src=8645928;type=invmedia;cat=pixel00;ord=5333501440366;auiddc=1101910310.1706117348;ps=1;pcor=30139623;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag... Show response
8645928.fls.doubleclick.net/ Frame 17F9
Redirect Chain

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=5333501440366;auiddc=1101910310.1706117348;ps=1;pcor=30139623;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;t...
https://8645928.fls.doubleclick.net/activityi;dc_pre=CIOUpYiHg4QDFVyh0QQdvV4NYw;src=8645928;type=invmedia;cat=pixel00;ord=5333501440366;auiddc=1101910310.1706117348;ps=1;pcor=30139623;pscdl=noapi;g...

682 B
443 B

135ms
130ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8645928.fls.doubleclick.net/activityi;dc_pre=CIOUpYiHg4QDFVyh0QQdvV4NYw;src=8645928;type=invmedia;cat=pixel00;ord=5333501440366;auiddc=1101910310.1706117348;ps=1;pcor=30139623;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fcee63275-0411-4784-9eb0-3e17a6de5c24-00-19cq7h587qzcg.riker.replit.dev%2F?

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

89fd5b8aa741699f0621a179e01a07b050a703f419be5a36706aac50ef99c92d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xencel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 419
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:22 GMT
expires: Mon, 29 Jan 2024 16:50:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8645928.fls.doubleclick.net/activityi;dc_pre=CIOUpYiHg4QDFVyh0QQdvV4NYw;src=8645928;type=invmedia;cat=pixel00;ord=5333501440366;auiddc=1101910310.1706117348;ps=1;pcor=30139623;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fcee63275-0411-4784-9eb0-3e17a6de5c24-00-19cq7h587qzcg.riker.replit.dev%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=8645928;type=invmedia;cat=pixel00;ord=5333501440366;auiddc=1101910310.1706117348;ps=1;pcor=30139623;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab... Show response
td.doubleclick.net/td/fls/rul/ Frame B89D 13 B
531 B 51ms
25ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=8645928;type=invmedia;cat=pixel00;ord=5333501440366;auiddc=1101910310.1706117348;ps=1;pcor=30139623;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fcee63275-0411-4784-9eb0-3e17a6de5c24-00-19cq7h587qzcg.riker.replit.dev%2F?

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xencel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CMPspoiHg4QDFeO-0QQdDhsCrw;src=8645928;type=invmedia;cat=pixel00;ord=3210254089471;auiddc=963830962.1706547022;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=https%3A%... Show response
8645928.fls.doubleclick.net/ Frame 363C
Redirect Chain

https://8645928.fls.doubleclick.net/activityi;src=8645928;type=invmedia;cat=pixel00;ord=3210254089471;auiddc=963830962.1706547022;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=https%3...
https://8645928.fls.doubleclick.net/activityi;dc_pre=CMPspoiHg4QDFeO-0QQdDhsCrw;src=8645928;type=invmedia;cat=pixel00;ord=3210254089471;auiddc=963830962.1706547022;pscdl=noapi;gtm=45fe41o0;gcd=11l1...

432 B
277 B

242ms
240ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8645928.fls.doubleclick.net/activityi;dc_pre=CMPspoiHg4QDFeO-0QQdDhsCrw;src=8645928;type=invmedia;cat=pixel00;ord=3210254089471;auiddc=963830962.1706547022;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=https%3A%2F%2Fxencel.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8645928&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

57f2f2daa889443b50a4e704bb86c4111b17d19ee35551382e8cc488464f1de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xencel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 254
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:22 GMT
expires: Mon, 29 Jan 2024 16:50:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:50:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8645928.fls.doubleclick.net/activityi;dc_pre=CMPspoiHg4QDFeO-0QQdDhsCrw;src=8645928;type=invmedia;cat=pixel00;ord=3210254089471;auiddc=963830962.1706547022;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=https%3A%2F%2Fxencel.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK / Show response
bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/ 16 B
510 B 151ms
14ms XHR
application/json 5.75.153.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.75.153.142 Heinrichsthal, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.142.153.75.5.clients.your-server.de

Software

nginx/1.21.0 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xencel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 29 Jan 2024 16:50:22 GMT
Strict-Transport-Security: max-age=60; includeSubDomains; preload
Server: nginx/1.21.0
Vary: Cookie
Allow: POST, OPTIONS
Content-Type: application/json
X-Frame-Options: DENY
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
Content-Length: 16
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK / Show response
bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/ 16 B
510 B 155ms
19ms XHR
application/json 5.75.153.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.75.153.142 Heinrichsthal, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.142.153.75.5.clients.your-server.de

Software

nginx/1.21.0 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xencel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 29 Jan 2024 16:50:22 GMT
Strict-Transport-Security: max-age=60; includeSubDomains; preload
Server: nginx/1.21.0
Vary: Cookie
Allow: POST, OPTIONS
Content-Type: application/json
X-Frame-Options: DENY
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
Content-Length: 16
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK / Show response
bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/ 16 B
510 B 157ms
22ms XHR
application/json 5.75.153.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.75.153.142 Heinrichsthal, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.142.153.75.5.clients.your-server.de

Software

nginx/1.21.0 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xencel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 29 Jan 2024 16:50:22 GMT
Strict-Transport-Security: max-age=60; includeSubDomains; preload
Server: nginx/1.21.0
Vary: Cookie
Allow: POST, OPTIONS
Content-Type: application/json
X-Frame-Options: DENY
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
Content-Length: 16
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK / Show response
bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/ 16 B
510 B 155ms
20ms XHR
application/json 5.75.153.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.75.153.142 Heinrichsthal, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.142.153.75.5.clients.your-server.de

Software

nginx/1.21.0 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xencel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 29 Jan 2024 16:50:22 GMT
Strict-Transport-Security: max-age=60; includeSubDomains; preload
Server: nginx/1.21.0
Vary: Cookie
Allow: POST, OPTIONS
Content-Type: application/json
X-Frame-Options: DENY
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
Content-Length: 16
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK / Show response
bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/ 16 B
510 B 164ms
14ms XHR
application/json 5.75.153.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.75.153.142 Heinrichsthal, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.142.153.75.5.clients.your-server.de

Software

nginx/1.21.0 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xencel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 29 Jan 2024 16:50:22 GMT
Strict-Transport-Security: max-age=60; includeSubDomains; preload
Server: nginx/1.21.0
Vary: Cookie
Allow: POST, OPTIONS
Content-Type: application/json
X-Frame-Options: DENY
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
Content-Length: 16
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK / Show response
bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/ 16 B
510 B 152ms
18ms XHR
application/json 5.75.153.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.75.153.142 Heinrichsthal, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.142.153.75.5.clients.your-server.de

Software

nginx/1.21.0 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xencel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 29 Jan 2024 16:50:22 GMT
Strict-Transport-Security: max-age=60; includeSubDomains; preload
Server: nginx/1.21.0
Vary: Cookie
Allow: POST, OPTIONS
Content-Type: application/json
X-Frame-Options: DENY
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
Content-Length: 16
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK / Show response
bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/ 16 B
510 B 157ms
23ms XHR
application/json 5.75.153.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.75.153.142 Heinrichsthal, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.142.153.75.5.clients.your-server.de

Software

nginx/1.21.0 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xencel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 29 Jan 2024 16:50:22 GMT
Strict-Transport-Security: max-age=60; includeSubDomains; preload
Server: nginx/1.21.0
Vary: Cookie
Allow: POST, OPTIONS
Content-Type: application/json
X-Frame-Options: DENY
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
Content-Length: 16
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK / Show response
bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/ 16 B
510 B 168ms
13ms XHR
application/json 5.75.153.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.75.153.142 Heinrichsthal, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.142.153.75.5.clients.your-server.de

Software

nginx/1.21.0 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xencel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 29 Jan 2024 16:50:22 GMT
Strict-Transport-Security: max-age=60; includeSubDomains; preload
Server: nginx/1.21.0
Vary: Cookie
Allow: POST, OPTIONS
Content-Type: application/json
X-Frame-Options: DENY
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
Content-Length: 16
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK / Show response
bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/ 16 B
510 B 161ms
9ms XHR
application/json 5.75.153.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.75.153.142 Heinrichsthal, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.142.153.75.5.clients.your-server.de

Software

nginx/1.21.0 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xencel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 29 Jan 2024 16:50:22 GMT
Strict-Transport-Security: max-age=60; includeSubDomains; preload
Server: nginx/1.21.0
Vary: Cookie
Allow: POST, OPTIONS
Content-Type: application/json
X-Frame-Options: DENY
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
Content-Length: 16
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK / Show response
bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/ 16 B
510 B 168ms
15ms XHR
application/json 5.75.153.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.75.153.142 Heinrichsthal, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.142.153.75.5.clients.your-server.de

Software

nginx/1.21.0 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xencel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 29 Jan 2024 16:50:22 GMT
Strict-Transport-Security: max-age=60; includeSubDomains; preload
Server: nginx/1.21.0
Vary: Cookie
Allow: POST, OPTIONS
Content-Type: application/json
X-Frame-Options: DENY
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
Content-Length: 16
X-XSS-Protection: 1; mode=block

POST
H2 200 collect
www.google-analytics.com/ 35 B
237 B 15ms
14ms Ping
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xencel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://xencel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
345 B 88ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-55867730-1&cid=1285215199.1706547022&jid=1375134011&gjid=1285725197&_gid=1497271991.1706547022&_u=aGBAgEABEAAAAEAHK~&z=629793649

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xencel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 29 Jan 2024 16:50:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xencel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 18ms
18ms Ping
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KMJCS9WZ6R&gtm=45je41o0z878463597&_p=1706547020940&gcd=11l1l1l1l1&dma=0&cid=1285215199.1706547022&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706547022&sct=1&seg=0&dl=https%3A%2F%2Fxencel.com%2F&dt=Banco%20Falabella&en=page_view&_fv=1&_ss=1&tfd=2112
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KMJCS9WZ6R&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xencel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
843 B 189ms
188ms Ping
text/plain 104.126.37.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xencel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 468971d.6648c489
date: Mon, 29 Jan 2024 16:50:22 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401291650227EB7F22855F77CE9A8A4-204B9C5E2D8F7826-00
x-cache: TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 147,104.126.37.181
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=61, inner; dur=58
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202401291650227EB7F22855F77CE9A8A4
x-cache-remote: TCP_MISS from a23-48-200-48.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 61,23.48.200.48
x-tt-trace-host: 01298db42370454958dde2a4f129e6e2e7bd45ae3c656f8604201225b27934923aa120485d7ae038e8f30ccadbf23a05d009101a79deb67a23f0767e8e48a17dc2f885ae5e64b5bab93d61f172f852dbc2f97c8ef005b7a1326800f1d8613b19f2ed3a2e5250328bfb1bb7086dff751a01
access-control-allow-headers: Authorization,*
expires: Mon, 29 Jan 2024 16:50:22 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
704 B 180ms
180ms Ping
text/plain 104.126.37.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xencel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6648c48a
date: Mon, 29 Jan 2024 16:50:22 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24012916502296A57AC3F2A001E91BF3-5F5D597B1CD2DB84-00
x-cache: TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing: inner; dur=45, cdn-cache; desc=MISS, edge; dur=8, origin; dur=138
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024012916502296A57AC3F2A001E91BF3
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 138,104.126.37.181
x-tt-trace-host: 01298db42370454958dde2a4f129e6e2e7ce56f7bd27ba78029b9f0cfa6b72730afcc12ccac4a96d310f0ae545022459622d7ba083376dfef4a4c7541c840e1b73760a3710de83de8138457769e7546b390e641b60a855e321960b5bf29500f570
access-control-allow-headers: Authorization,*
expires: Mon, 29 Jan 2024 16:50:22 GMT

GET
H2 200 dc_pre=CL_EnoiHg4QDFYO10QQdfgMLEw;src=8645928;type=invmedia;cat=pixel00;ord=6591209492009;auiddc=*;ps=1;pcor=1695322539;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64...
adservice.google.com/ddm/fls/z/ Frame 23FD 42 B
107 B 187ms
164ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CL_EnoiHg4QDFYO10QQdfgMLEw;src=8645928;type=invmedia;cat=pixel00;ord=6591209492009;auiddc=*;ps=1;pcor=1695322539;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bancofalabella.pe%2F

Requested by

Host: 8645928.fls.doubleclick.net
URL: https://8645928.fls.doubleclick.net/activityi;dc_pre=CL_EnoiHg4QDFYO10QQdfgMLEw;src=8645928;type=invmedia;cat=pixel00;ord=6591209492009;auiddc=312970982.1704731773;ps=1;pcor=1695322539;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.bancofalabella.pe%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8645928.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COLRnoiHg4QDFaax0QQdB0MF6w;src=8645928;type=invmedia;cat=pixel00;ord=4471070335010;auiddc=*;ps=1;pcor=17138367;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;u...
adservice.google.com/ddm/fls/z/ Frame D420 42 B
107 B 186ms
164ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COLRnoiHg4QDFaax0QQdB0MF6w;src=8645928;type=invmedia;cat=pixel00;ord=4471070335010;auiddc=*;ps=1;pcor=17138367;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fd18adc05-3c41-492a-9312-0879aaf85434-00-1rwtndj0owdt.kirk.replit.dev%2F

Requested by

Host: 8645928.fls.doubleclick.net
URL: https://8645928.fls.doubleclick.net/activityi;dc_pre=COLRnoiHg4QDFaax0QQdB0MF6w;src=8645928;type=invmedia;cat=pixel00;ord=4471070335010;auiddc=216090930.1706123130;ps=1;pcor=17138367;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fd18adc05-3c41-492a-9312-0879aaf85434-00-1rwtndj0owdt.kirk.replit.dev%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8645928.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNvRnoiHg4QDFeet0QQd-gUNmQ;src=8645928;type=invmedia;cat=pixel00;ord=8844111778730;auiddc=*;ps=1;pcor=1994006036;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=;uab=64;ua...
adservice.google.com/ddm/fls/z/ Frame 98AE 42 B
401 B 185ms
164ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNvRnoiHg4QDFeet0QQd-gUNmQ;src=8645928;type=invmedia;cat=pixel00;ord=8844111778730;auiddc=*;ps=1;pcor=1994006036;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=1;uam=SM-G981B;uap=Android;uapv=13;uaw=0;epver=2;~oref=https%3A%2F%2F721b3edc-04be-452f-9d86-7fbdcbfc2d30-00-kxfj7bqom4pp.picard.replit.dev%2F%3FidentificationTypeContext%3DDNI%26inputUserDesktop%3D124124%26inputPasswordDesktop%3D124124

Requested by

Host: 8645928.fls.doubleclick.net
URL: https://8645928.fls.doubleclick.net/activityi;dc_pre=CNvRnoiHg4QDFeet0QQd-gUNmQ;src=8645928;type=invmedia;cat=pixel00;ord=8844111778730;auiddc=216090930.1706123130;ps=1;pcor=1994006036;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=1;uam=SM-G981B;uap=Android;uapv=13;uaw=0;epver=2;~oref=https%3A%2F%2F721b3edc-04be-452f-9d86-7fbdcbfc2d30-00-kxfj7bqom4pp.picard.replit.dev%2F%3FidentificationTypeContext%3DDNI%26inputUserDesktop%3D124124%26inputPasswordDesktop%3D124124?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8645928.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CLfXnoiHg4QDFdUDTwgdkyAHlw;src=8645928;type=invmedia;cat=pixel00;ord=803657376227;auiddc=*;ps=1;pcor=1191039735;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;...
adservice.google.com/ddm/fls/z/ Frame 7A21 42 B
107 B 182ms
164ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLfXnoiHg4QDFdUDTwgdkyAHlw;src=8645928;type=invmedia;cat=pixel00;ord=803657376227;auiddc=*;ps=1;pcor=1191039735;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F6fe5fc55-3a40-4dce-8f59-21f76c417d29-00-1jlx3vuzyjhrs.riker.replit.dev%2F

Requested by

Host: 8645928.fls.doubleclick.net
URL: https://8645928.fls.doubleclick.net/activityi;dc_pre=CLfXnoiHg4QDFdUDTwgdkyAHlw;src=8645928;type=invmedia;cat=pixel00;ord=803657376227;auiddc=1101910310.1706117348;ps=1;pcor=1191039735;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F6fe5fc55-3a40-4dce-8f59-21f76c417d29-00-1jlx3vuzyjhrs.riker.replit.dev%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8645928.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CP7cnoiHg4QDFZQHTwgd9ssM2Q;src=8645928;type=invmedia;cat=pixel00;ord=4481833799495;auiddc=*;ps=1;pcor=1031335515;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64...
adservice.google.com/ddm/fls/z/ Frame 4E8A 42 B
107 B 181ms
164ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CP7cnoiHg4QDFZQHTwgd9ssM2Q;src=8645928;type=invmedia;cat=pixel00;ord=4481833799495;auiddc=*;ps=1;pcor=1031335515;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F726d1ffb-8bbf-48ac-bd3c-30b62188609f-00-6hepv77rrgmd.spock.replit.dev%2F

Requested by

Host: 8645928.fls.doubleclick.net
URL: https://8645928.fls.doubleclick.net/activityi;dc_pre=CP7cnoiHg4QDFZQHTwgd9ssM2Q;src=8645928;type=invmedia;cat=pixel00;ord=4481833799495;auiddc=1101910310.1706117348;ps=1;pcor=1031335515;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F726d1ffb-8bbf-48ac-bd3c-30b62188609f-00-6hepv77rrgmd.spock.replit.dev%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8645928.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COnVnoiHg4QDFQsKTwgdfKAFwQ;src=8645928;type=invmedia;cat=pixel00;ord=956471379152;auiddc=*;ps=1;pcor=1784849931;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;...
adservice.google.com/ddm/fls/z/ Frame CD48 42 B
107 B 185ms
169ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COnVnoiHg4QDFQsKTwgdfKAFwQ;src=8645928;type=invmedia;cat=pixel00;ord=956471379152;auiddc=*;ps=1;pcor=1784849931;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F7d6852d5-b259-418e-8121-4cf7efc1ba43-00-138wvmjik5xce.picard.replit.dev%2F

Requested by

Host: 8645928.fls.doubleclick.net
URL: https://8645928.fls.doubleclick.net/activityi;dc_pre=COnVnoiHg4QDFQsKTwgdfKAFwQ;src=8645928;type=invmedia;cat=pixel00;ord=956471379152;auiddc=1101910310.1706117348;ps=1;pcor=1784849931;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2F7d6852d5-b259-418e-8121-4cf7efc1ba43-00-138wvmjik5xce.picard.replit.dev%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8645928.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJrWnoiHg4QDFau80QQdG9wBqQ;src=8645928;type=invmedia;cat=pixel00;ord=2620552510188;ps=1;pcor=334053943;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not...
adservice.google.com/ddm/fls/z/ Frame 4CC0 42 B
107 B 182ms
166ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJrWnoiHg4QDFau80QQdG9wBqQ;src=8645928;type=invmedia;cat=pixel00;ord=2620552510188;ps=1;pcor=334053943;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FGilmer%2FDesktop%2Ffalabella%2Findex.html

Requested by

Host: 8645928.fls.doubleclick.net
URL: https://8645928.fls.doubleclick.net/activityi;dc_pre=CJrWnoiHg4QDFau80QQdG9wBqQ;src=8645928;type=invmedia;cat=pixel00;ord=2620552510188;ps=1;pcor=334053943;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FGilmer%2FDesktop%2Ffalabella%2Findex.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8645928.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/ 16 B
510 B 57ms
10ms XHR
application/json 5.75.153.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bfaf6gq7.staticmon.com/tun/bfaf6gq7/input/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.75.153.142 Heinrichsthal, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.142.153.75.5.clients.your-server.de

Software

nginx/1.21.0 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xencel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

Date: Mon, 29 Jan 2024 16:50:22 GMT
Strict-Transport-Security: max-age=60; includeSubDomains; preload
Server: nginx/1.21.0
Vary: Cookie
Allow: POST, OPTIONS
Content-Type: application/json
X-Frame-Options: DENY
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
Content-Length: 16
X-XSS-Protection: 1; mode=block

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 65ms
43ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-55867730-1&cid=1285215199.1706547022&jid=1375134011&_u=aGBAgEABEAAAAEAHK~&z=1227318080

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 62ms
41ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-55867730-1&cid=1285215199.1706547022&jid=1375134011&_u=aGBAgEABEAAAAEAHK~&z=1227318080

Requested by

Host: xencel.com
URL: https://xencel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 st Show response
st.dynamicyield.com/ 49 KB
6 KB 122ms
122ms Script
text/javascript 2600:9000:237d:ac00:15:ad21:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.dynamicyield.com/st?sec=8774592&inHead=true&id=0&jsession=&ref=&scriptVersion=2.23.0&dyid_server=
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:ac00:15:ad21:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dcf0ef878722fdec576ee72d4ef15192d4730044da23c37b196f8e855ff73824

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:50:22 GMT
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: no-cache
x-amz-cf-id: 86-U_jW60ubjj70Df9qmSji0QmZQtbHBGpccr2T_4yqjHsvHimclpg==
expires: Mon, 29 Jan 2024 16:50:21 GMT

GET
H/1.1 200
OK DetectCA.png
detectca.easysol.net/detectca/images/eR881v0fKOmLNU5IJJNH0RhxcStatD/ 82 B
296 B 92ms
92ms Image
image/png 107.23.44.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://detectca.easysol.net/detectca/images/eR881v0fKOmLNU5IJJNH0RhxcStatD/DetectCA.png?ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.224%20Safari/537.36&sr=1600%20x%201200&url=https://xencel.com/&rf=&nc=0.09393647322245169
Requested by: Host: xencel.com
URL: https://xencel.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 107.23.44.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-44-14.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xencel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 29 Jan 2024 16:50:22 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 dc_pre=CIOUpYiHg4QDFVyh0QQdvV4NYw;src=8645928;type=invmedia;cat=pixel00;ord=5333501440366;auiddc=*;ps=1;pcor=30139623;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;u...
adservice.google.com/ddm/fls/z/ Frame 17F9 42 B
107 B 163ms
163ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIOUpYiHg4QDFVyh0QQdvV4NYw;src=8645928;type=invmedia;cat=pixel00;ord=5333501440366;auiddc=*;ps=1;pcor=30139623;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fcee63275-0411-4784-9eb0-3e17a6de5c24-00-19cq7h587qzcg.riker.replit.dev%2F

Requested by

Host: 8645928.fls.doubleclick.net
URL: https://8645928.fls.doubleclick.net/activityi;dc_pre=CIOUpYiHg4QDFVyh0QQdvV4NYw;src=8645928;type=invmedia;cat=pixel00;ord=5333501440366;auiddc=1101910310.1706117348;ps=1;pcor=30139623;pscdl=noapi;gtm=45fe41m0;gcd=11l1l1l1l1;dma=0;tag_exp=71847096;uaa=x86;uab=64;uafvl=Not_A%2520Brand%3B8.0.0.0%7CChromium%3B120.0.6099.225%7CGoogle%2520Chrome%3B120.0.6099.225;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;epver=2;~oref=https%3A%2F%2Fcee63275-0411-4784-9eb0-3e17a6de5c24-00-19cq7h587qzcg.riker.replit.dev%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8645928.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
704 B 127ms
127ms Ping
text/plain 104.126.37.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xencel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6648c759
date: Mon, 29 Jan 2024 16:50:22 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401291650229F781A88715F2C5B7085-2B2ABC0628725205-00
x-cache: TCP_MISS from a104-126-37-181.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing: inner; dur=20, cdn-cache; desc=MISS, edge; dur=9, origin; dur=109
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202401291650229F781A88715F2C5B7085
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 109,104.126.37.181
x-tt-trace-host: 01298db42370454958dde2a4f129e6e2e7ce56f7bd27ba78029b9f0cfa6b72730a8a870a1d253785e98d51e62dc57cb2d44d991574fedbb5cbde4aa7563349c86e1b1e06ecbac43f72f2184fb3c77e403b3267d55a8f0ba6ddeaa3776ded07296f
access-control-allow-headers: Authorization,*
expires: Mon, 29 Jan 2024 16:50:22 GMT

GET
H2 200 dc_pre=CMPspoiHg4QDFeO-0QQdDhsCrw;src=8645928;type=invmedia;cat=pixel00;ord=3210254089471;auiddc=*;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=https%3A%2F%2Fxencel.com%2F
adservice.google.com/ddm/fls/z/ Frame 363C 42 B
107 B 162ms
161ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMPspoiHg4QDFeO-0QQdDhsCrw;src=8645928;type=invmedia;cat=pixel00;ord=3210254089471;auiddc=*;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=https%3A%2F%2Fxencel.com%2F

Requested by

Host: 8645928.fls.doubleclick.net
URL: https://8645928.fls.doubleclick.net/activityi;dc_pre=CMPspoiHg4QDFeO-0QQdDhsCrw;src=8645928;type=invmedia;cat=pixel00;ord=3210254089471;auiddc=963830962.1706547022;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=https%3A%2F%2Fxencel.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8645928.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 16:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 400
Bad Request /
eum-red-saas.instana.io/ 11 B
211 B 756ms
183ms Ping
text/plain 44.239.191.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-red-saas.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.191.39 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-191-39.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 158f66e524e9465bd53af835e4c7a34ca0fb6ea8b99d901a4bd19a7fcdfad8c0

Request headers

Referer: https://xencel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Mon, 29 Jan 2024 16:50:24 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
timing-allow-origin: *
Content-Length: 11

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/location/location.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/libs/extend-native-history-api.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/libs/requests.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/location/location.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/libs/extend-native-history-api.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/libs/requests.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/location/location.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/libs/extend-native-history-api.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/libs/requests.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/location/location.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/libs/extend-native-history-api.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/libs/requests.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Fallabela (Banking)

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tiktok.com/	1970-01-21 03:24:03	Name: _ttp Value: 2bdZfhQNliPd85qSmX4CF6VTKP0
.xencel.com/	1970-01-20 20:12:03	Name: _gcl_au Value: 1.1.963830962.1706547022
.dynamicyield.com/	1970-01-21 02:49:29	Name: DYID Value: -4012707025764211592
.dynamicyield.com/	1969-12-31 23:59:59	Name: DYSES Value: 934bd0ed5740f4a0afdedf9f228d80c1
.doubleclick.net/	1970-01-20 22:21:39	Name: receive-cookie-deprecation Value: 1
.xencel.com/	1970-01-20 18:03:53	Name: _gid Value: GA1.2.1497271991.1706547022
.xencel.com/	1970-01-20 18:02:27	Name: _dc_gtm_UA-55867730-1 Value: 1
.doubleclick.net/	1970-01-21 03:24:03	Name: IDE Value: AHWqTUk2khKMBAqAuFkkjNLReSEn8BqTkZ67QMqFTUzjugu-RdHmtIonol6Aq0jEvlk
.xencel.com/	1970-01-21 03:38:27	Name: _ga_KMJCS9WZ6R Value: GS1.1.1706547022.1.0.1706547022.0.0.0
.xencel.com/	1970-01-21 03:38:27	Name: _ga Value: GA1.1.1285215199.1706547022
.xencel.com/	1970-01-21 03:24:03	Name: _tt_enable_cookie Value: 1
.xencel.com/	1970-01-21 03:24:03	Name: _ttp Value: H5e8ma-UBaufUtVatmMaoS0CH5A
.xencel.com/	1970-01-20 18:45:39	Name: _dy_ses_load_seq Value: 16070%3A1706547022264
.xencel.com/	1969-12-31 23:59:59	Name: _dy_csc_ses Value: t
.xencel.com/	1970-01-20 18:45:39	Name: _dy_c_exps Value:
.fif.tech/	1970-01-20 18:02:28	Name: __cf_bm Value: .uGFkZ0lMGivJ0qIecuux.lbUavRUrMht_Ed6MeYPAk-1706547022-1-ATLvC3qloaIW1izCehmzecWYiy9mUy5gGSkVFq2chfUJCqj6MnaRPnojHW935N0egmpqvanSIgdVlFlHC5mgHQRJ/B4qSNdqppON93TbkQ+Q
.fif.tech/	1969-12-31 23:59:59	Name: __cfruid Value: 3815890a2db44a1ef64cd14bbe56c8b078d2b66f-1706547022
.xencel.com/	1970-01-21 02:48:03	Name: _dy_soct Value: 488367.897058.1706547022554564.1069690.1706547025562530.1099896.1706547025
xencel.com/	1970-01-20 18:02:27	Name: _dd_s Value: rum=0&expire=1706547921904

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/location/location.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/libs/extend-native-history-api.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/libs/requests.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/location/location.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/libs/extend-native-history-api.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/libs/requests.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/location/location.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/libs/extend-native-history-api.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/libs/requests.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/location/location.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/libs/extend-native-history-api.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/libs/requests.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: https://xencel.com/assets/icons/ic-prev-slide.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xencel.com/runtime-es2015.51917490486e0476e183.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xencel.com/polyfills-es2015.af9f8798171e8857bce9.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xencel.com/main-es2015.7f6a638e8a3e0ab40bdf.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://xencel.com/(Line 893) Message: Origin trial controlled feature not enabled: 'join-ad-interest-group'.
network	error	URL: https://xencel.com/assets/icons/ic-next-slide.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xencel.com/assets/libro-reclamacion.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xencel.com/scripts.270e99c0bb84a944a79e.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xencel.com/assets/icons/ic-help.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://eum-red-saas.instana.io/ Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8645928.fls.doubleclick.net
adservice.google.com
ajax.googleapis.com
analytics.tiktok.com
bfaf6gq7.staticmon.com
cdn.dynamicyield.com
connect.facebook.net
detectca.easysol.net
eppiocemhmnlbhjplcgkofciiegomcon
eum-red-saas.instana.io
eum.instana.io
images.ctfassets.net
script.hotjar.com
st.dynamicyield.com
static.fif.tech
static.hotjar.com
stats.g.doubleclick.net
td.doubleclick.net
unruffled-shannon-1a7413.netlify.app
web-sdk.smartlook.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
xencel.com
eppiocemhmnlbhjplcgkofciiegomcon
104.126.37.185
104.18.246.44
107.23.44.14
108.138.32.115
172.217.16.198
18.173.154.84
18.66.192.39
2001:4860:4802:38::178
2600:9000:20a0:5600:a:b89d:a6c0:93a1
2600:9000:211e:4e00:12:94b3:c380:93a1
2600:9000:237d:ac00:15:ad21:c740:93a1
2606:4700:3035::6815:2113
2606:4700::6810:cb16
2a00:1450:4001:802::2002
2a00:1450:4001:809::2008
2a00:1450:4001:813::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a02:6ea0:c700::10
2a03:2880:f084:105:face:b00c:0:3
2a05:d014:58f:6200::64
44.239.191.39
5.75.153.142
008e1a85392fa6c8a3edc7ca913e9e022495215fb37eda11f5c04f093986a9a8
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0d4019d438bf9f0023abf829d01bb1066c118b2c6e3389413168d95812c8915f
137fd2319109bc7edcee6316ff2b0f66c11fed901768405244b236766ecb912d
1464c64199488a3115e864b69ab61145bd8e8c0027f540535d26179cbffb0a3d
158f66e524e9465bd53af835e4c7a34ca0fb6ea8b99d901a4bd19a7fcdfad8c0
162e45acfeac0ee73784013b64ea0696682f813d766ecc29cf842d08190384d9
1e0326d1af4f35605a74434e6292a3c190efaf8fd8fdfe8151d35384debe64d1
1e31bfb0d66b6160813438402e27d6f3cc0205920161b024699363495b97e0d6
28a6fdd83eb858f126fc5b8c408c0bf49fda96e9dedb44d893d88932cc40294d
2e5fbb95d8a91e01d65b3a2b0ad3cce8e630a26e1db8393894e8d380f822cd13
3342e064beed4e6e2f97279b0b827d9c8b75acddc34bd584f6a0e3e8d10ac2ab
343160097eb12156ef49457815639f68dbd2ec73d272741eef7c5805339fb690
354584e177d94afc025297b8ea971d988631f3e2992b42025c21068de1510fef
399c937d2b00ad0b7bcbca3b09df0f770dbc514b9c3b293dc6518406431430be
3b7440021fda30ca271e4b1af08f52a84740a494e58b6afec88f7d1b9a6df681
3ee570daba682c5f398e67884a79874d7a1e30abf2f0d3b32dbb6fa922ac1ca2
3fb856882cd87a671903d75d594f2fb840abbb70a196395fa2197cbadb03149e
452f984842946fd52328155800cef24669845ffccadb31b53a524815a155defa
49139bb8487f9a594f64fd433bb59e6a746964f1e71cc6ea6377ff5f85c0e02b
57f2f2daa889443b50a4e704bb86c4111b17d19ee35551382e8cc488464f1de4
6307e3342603f7a2c52be07da21708c2cd46f2cebe0e5b5aa5f4491b1f76a252
7b10e5a55f8e6392608b87724787c97449eaf080911fb0d24abb6e2b925713a0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851ca5e9fdb91487fd1b766b56e7d50ab35ce7c73340d1637b14279cd0515d0d
8713642ace126bc5407bdafeecbce80d54706eb33a597585327c63091e7693a3
8788c5e11fcbe23813fdd727053b5311df2f922c7c2b76f318ce28409186910f
89183010b8f2a67c2e0020b4f6d75cf2b9f7ed25992eb6f2498956478f24ee8b
89fd5b8aa741699f0621a179e01a07b050a703f419be5a36706aac50ef99c92d
8bc6bebc2a25b32582d9412e118b0f81059a06232a599385d6833c4d7cccb097
8c0a0d5f18b8ad0ed53dea0138d74be554159da6f1992ebb9b74e3a729df81a1
92379c1a60ad17058baa2f596fa895c4682e8f543baa9c5957f23e552f22f55b
96a14dd8299dbff1b301c247576df0849d7e318d747f09da3e611f5a25d5720e
9ab7d9748bdfba5d61ea83f56d3f0db0fc4a4f822c624fa4bfa26e2e6deb4512
9b6bbbb43233258760b2f06274468f23ba75572678aeff3a6d3db1a2aa6cbe0c
a36e17c664f177a05a817c6476b28c2f05229239df2d3e18c5b41a2618b2082c
a502c4b365f644f6eb498cd67d459c11dbab6d5b024f58b86218ecee7258e5c7
a59ad9aad95e9237729f70b4dcffcd01b30c96633b12c18de3de3517251cc58a
a6e2b19c5b1ff3570e237e93eab78d4722d2fd28b5c0cb14dd07b2e63e8499df
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a89c69dc3f40af4df3df3184823bcac43c404dbb2dcee5328731a7e86a1969a6
a9cb2f9cbcfb2fb1337b91afe317f9022044103a33eaa28d0bff8749c63b7321
ab4b4e4980e6f9c11cbc4d97aa830f8a92c052f8c9c235a8449b61c1b4f91fee
ab50e1e490117df2591a26ac55e11ba3dc3ad8d7297166ea6291620cfde4e4f4
ab8dab327a9403ae001ed9846090b623216ffe4f86bfd6b6b6060bcf8355b7a8
ad517a7a22f30e2f479eba29aacd507b83fa9230eb593fc6d2f62b7716c0aaaf
ae021b3f1e396802a4ea4670700ee24d3320f72033f61b6d4b945d9d4775c0be
b29dcfa9f3dc37d4653e02a301f034cded9225abc7babc452e66b285a7ab7aff
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b7b1bbf44c590f7eb630ddff3160f294b81fbaca2d708fe66a33da8862e5addd
ba124cff5d94d03953199afa7c7e54ff69625107f8a493a3ccd755f6096ab63a
ba8806694863df8a5f69887588ade5670433c22271ed26a7fbc29b09dc143d63
c12d2f24ce44d36248b889316b9178b0f68120eaf8f4ebb4fceca41685763939
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c986e50bf1ccda541e1ac287ad5906bf92fa0db159dc1aa3b87311462c6440fa
ca2613f315c93819ed7c4a14d44dcf8b041a71c5e032bd0aec9b399a6f4eb491
cbff7e6d5536fe45c2ed2f12cb2b725a460a22baa969ad4d093c3c004649214c
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
ce25a7765ed12e77afec71548793f5ab3ea89bd9851d15c97c17c55130c63ced
cf7de9e7a9d927da32a7c521e6a78e574468867277676591bdf6d0cf38a0dac7
d5bd5120d33e271fc9f0f32a8310594eadd543bfcf90b6c46107cad4d86fac07
dae56141e1aa87e5a8a188a420ae36ffb609033f40294f75e3f9e76f6378ec0b
dcf0ef878722fdec576ee72d4ef15192d4730044da23c37b196f8e855ff73824
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e14cfdff7c80a9f1f400cb90dc1adf7f3f49a6c183279187e0411e2511efb27f
e31d34f3a651c988a2d0c7f70350bcd01e807c9387040ddda086bb3121ee048e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed2cc045d89661389477f56a5a16e9d9dc5661656f17f273b6cda5b76151243e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4b1ea745b245b790c7be8ca96da877f607132bf58380d1fd95dc12fb3bbae9b
f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca
f81931f052a38cad16e3b96a99325b5e81b50283153254481d605c37f8b02ee2
f9d2e8cde517065375cacc780cb3806892bdced51b04cea32401bf6dc2f1e1ed
fa88911b0921c4db2f57cdad62f5eb362689ce7cf13c0046b1fd5f0c3b7a81c4
fb576185303ffb977caf190e49acd628dab4f5f1d05707ed1f866f63a742aa70
fe3a1afbe486d69fc633195fc2f44c6916b322211844a336de56ee4a3af14a55
ff022dad83bd896359b6aae46531c80f636bf7c6c5958d11b68f978f649cd608

xencel.com Open in urlscan Pro 2606:4700:3035::6815:2113 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

128 Requests

87 %HTTPS

64 %IPv6

20 Domains

26 Subdomains

26 IPs

4 Countries

1977 kBTransfer

6447 kBSize

19 Cookies

74 Outgoing links

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xencel.com Open in urlscan Pro
2606:4700:3035::6815:2113 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

87 %
HTTPS

64 %
IPv6

20
Domains

26
Subdomains

26
IPs

4
Countries

1977 kB
Transfer

6447 kB
Size

19
Cookies

128 HTTP transactions
0 data transactions