gestion.pe Open in urlscan Pro
2a02:26f0:1700:16::b856:fbcb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lc.cx/bgueBm
Effective URL:
https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24
Submission: On December 02 via manual (December 2nd 2024, 4:20:34 pm UTC) from CO — Scanned from FR

Summary HTTP 78 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 25 domains to perform 78 HTTP transactions. The main IP is 2a02:26f0:1700:16::b856:fbcb, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1 Akamai International B.V., NL. The main domain is gestion.pe. The Cisco Umbrella rank of the primary domain is 428190.
TLS certificate: Issued by R10 on October 4th 2024. Valid for: 3 months.

This is the only time gestion.pe was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.38.222.23 13.38.222.23	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:170... 2a02:26f0:1700:16::b856:fbcb	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
7	2600:9000:225... 2600:9000:2251:b600:6:5e1:e9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.18.223.248 104.18.223.248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	18.245.86.87 18.245.86.87	16509 (AMAZON-02) (AMAZON-02)
3	172.67.159.162 172.67.159.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:d8f::11a6	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
3	57.129.37.207 57.129.37.207	16276 (OVH OVH SAS) (OVH OVH SAS)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
1	172.67.155.215 172.67.155.215	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.16.143.111 104.16.143.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:18d::11a6	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:2a9::268b	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
3	142.250.185.136 142.250.185.136	15169 (GOOGLE) (GOOGLE)
3	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:275... 2600:9000:275d:2000:10:4bf2:7ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:29:1... 2620:1ec:29:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2.18.64.26 2.18.64.26	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
2	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	104.18.160.126 104.18.160.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:28e::268b	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
4	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	167.235.124.59 167.235.124.59	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
2	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	3.90.125.120 3.90.125.120	14618 (AMAZON-AES) (AMAZON-AES)
1	104.18.239.248 104.18.239.248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
78	34

1 13.38.222.23 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-38-222-23.eu-west-3.compute.amazonaws.com

lc.cx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:1700:16::b856:fbcb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

gestion.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2251:b600:6:5e1:e9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdna.gestion.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.223.248 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.86.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-87.fra60.r.cloudfront.net

signwall.e3.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.159.162 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:d8f::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 57.129.37.207 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3197977.ip-57-129-37.eu

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.155.215 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.143.111 (None, )

ASN13335 (CLOUDFLARENET, US)

experience.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:18d::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:2a9::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:275d:2000:10:4bf2:7ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.embluemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.64.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-18-64-26.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f3.1e100.net

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.160.126 (None, )

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:28e::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.124.59 (Bühl, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: nue0037.cxense.com

id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.90.125.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-90-125-120.compute-1.amazonaws.com

geoapi.eclabs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.239.248 (None, )

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	gestion.pe gestion.pe — Cisco Umbrella Rank: 428190 cdna.gestion.pe — Cisco Umbrella Rank: 763135	630 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	538 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 799	140 KB
5	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	422 B
4	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 625 x.clarity.ms — Cisco Umbrella Rank: 8880	29 KB
4	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 6353 id.cxense.com — Cisco Umbrella Rank: 13212	45 KB
4	piano.io experience.piano.io — Cisco Umbrella Rank: 37515 id.piano.io — Cisco Umbrella Rank: 72777 c2.piano.io — Cisco Umbrella Rank: 6909	17 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	87 KB
3	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 7097	2 KB
3	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 9039	68 KB
3	tinypass.com cdn.tinypass.com — Cisco Umbrella Rank: 7749 buy.tinypass.com — Cisco Umbrella Rank: 7928	123 KB
2	google.fr www.google.fr — Cisco Umbrella Rank: 24137	126 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	589 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	12 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1652 c.go-mpulse.net — Cisco Umbrella Rank: 782	50 KB
2	e3.pe signwall.e3.pe	145 KB
1	eclabs.io geoapi.eclabs.io	364 B
1	embluemail.com cdn.embluemail.com — Cisco Umbrella Rank: 149315	6 KB
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 9114	3 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4270	17 KB
1	lc.cx 1 redirects lc.cx — Cisco Umbrella Rank: 777302	398 B
0	cloudfront.net Failed d34fzxxwb5p53o.cloudfront.net Failed
78	25

	Domain	Requested by
7	cdna.gestion.pe	gestion.pe
6	www.googletagmanager.com	gestion.pe cdn.tinypass.com www.googletagmanager.com www.google-analytics.com
5	analytics.tiktok.com	gestion.pe analytics.tiktok.com
5	fonts.googleapis.com	gestion.pe
4	www.facebook.com	gestion.pe
4	region1.analytics.google.com	www.googletagmanager.com browser.sentry-cdn.com
4	gestion.pe	gestion.pe
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	connect.facebook.net	gestion.pe connect.facebook.net
3	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com
3	events.newsroom.bi	sdk.mrf.io browser.sentry-cdn.com
3	sdk.mrf.io	gestion.pe sdk.mrf.io
2	x.clarity.ms	www.clarity.ms browser.sentry-cdn.com
2	buy.tinypass.com	cdn.tinypass.com browser.sentry-cdn.com
2	www.google.fr	gestion.pe
2	stats.g.doubleclick.net	www.googletagmanager.com
2	www.clarity.ms	gestion.pe www.clarity.ms
2	id.piano.io	cdn.tinypass.com
2	www.youtube.com	sdk.mrf.io www.youtube.com
2	signwall.e3.pe	gestion.pe
1	geoapi.eclabs.io	browser.sentry-cdn.com
1	id.cxense.com	cdn.cxense.com
1	c2.piano.io	cdn.tinypass.com
1	cdn.embluemail.com	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	c.go-mpulse.net	s.go-mpulse.net
1	experience.piano.io	gestion.pe
1	www.npttech.com	gestion.pe
1	browser.sentry-cdn.com	signwall.e3.pe
1	s.go-mpulse.net	gestion.pe
1	cdn.tinypass.com	gestion.pe
1	lc.cx	1 redirects
0	d34fzxxwb5p53o.cloudfront.net Failed	gestion.pe
78	33

This site contains no links.

Subject Issuer	Validity	Valid
elcomercio.web.arc-cdn.net R10	`2024-10-04` - `2025-01-02`	3 months	crt.sh
cdna.elcomercio.pe Amazon RSA 2048 M02	`2023-12-07` - `2025-01-04`	a year	crt.sh
tinypass.com WE1	`2024-11-08` - `2025-02-06`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.e3.pe Amazon RSA 2048 M03	`2024-08-09` - `2025-09-06`	a year	crt.sh
sdk.mrf.io WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-07-31` - `2025-07-31`	a year	crt.sh
ssl03.cert.cl15.k8s.mrf.io E6	`2024-11-21` - `2025-02-19`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-06-04` - `2025-07-06`	a year	crt.sh
npttech.com WE1	`2024-10-18` - `2025-01-16`	3 months	crt.sh
piano.io WE1	`2024-11-25` - `2025-02-23`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-02-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-10` - `2024-12-09`	3 months	crt.sh
cdn.embluemail.com Amazon RSA 2048 M03	`2024-03-06` - `2025-04-03`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.fr WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.eclabs.io Amazon RSA 2048 M03	`2024-03-14` - `2025-04-12`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24
Frame ID: 2E8D0EA8ABDDEBED3342BC9826A8D86C
Requests: 76 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fgestion.pe
Frame ID: 2CEE5A87850330C391E2E2E48220573A
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23container-plans-piano&templateId=OTDDBEEDSKGW&offerId=OF08LWFXA4EN&formNameByTermId=%7B%22TMXD9GFBWYEE%22%3A%22CheckoutFields%22%7D&hideCompletedFields=true&showCloseButton=false&experienceActionId=showOffer4S9AKOLAHTWC1X2&offerType=purchase&experienceId=EXN4AZ4B7FDQ&widget=offer&iframeId=offer-0-Y8gF3&url=https%3A%2F%2Fgestion.pe%2Fsuscripciones%2Fpromofidedigital%2F%3Futm_content%3Dretbp%252FWSP%252Fago24&parentDualScreenLeft=330&parentDualScreenTop=330&parentWidth=1600&parentHeight=1200&parentOuterHeight=1285&aid=UmAkgzZ4pu&zone=web&customVariables=%7B%7D&browserId=m478l7972189wv3o&userState=anon&pianoIdUrl=https%3A%2F%2Fid.piano.io%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%22_pc_user_status%22%3A%22no%22%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=1435&logType=offerShow&width=974&_qh=a9747f55d7
Frame ID: B5693B1B384B43EA051CC010DEF75F38
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 82C761CDE746DE518CEF8C488B41453C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Offboarding - Suscripciones Digitales

Page URL History Show full URLs

https://lc.cx/bgueBm HTTP 301
https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24 Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

78
Requests

99 %
HTTPS

44 %
IPv6

25
Domains

33
Subdomains

34
IPs

5
Countries

1938 kB
Transfer

5432 kB
Size

45
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lc.cx/bgueBm HTTP 301
https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

78 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gestion.pe/suscripciones/promofidedigital/
Redirect Chain

https://lc.cx/bgueBm
https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

392 KB
122 KB

536ms
438ms

Document
text/html

2a02:26f0:1700:16::b856:fbcb
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbcb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

openresty /

Resource Hash

f77e3aa11e7890eb42476f8e29481cd1bc8d1e00236810c58711fe244b5e8ee7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=60
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Mon, 02 Dec 2024 16:20:28 GMT
etag: W/"60d2d-BfB+oQUwMPQerCO97J4Gf4JzCEs"
expires: Mon, 02 Dec 2024 16:21:28 GMT
last-modified: Mon, 02 Dec 2024 16:19:29 GMT
link: <https://cdna.gestion.pe/resources/dist/gestion/fonts/IBMPlexSans-Bold.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://cdna.gestion.pe/resources/dist/gestion/fonts/Petrona-Bold.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://cdna.gestion.pe/resources/dist/gestion/fonts/Cinzel-Bold.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://cdna.gestion.pe/resources/dist/gestion/fonts/Cinzel-Regular.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://cdna.gestion.pe/resources/dist/gestion/fonts/Petrona-Regular.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://cdna.gestion.pe/resources/dist/gestion/fonts/IBMPlexSans-Regular.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://cdna.gestion.pe>;rel="preconnect",<https://sdk.mrf.io>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://analytics.tiktok.com>;rel="preconnect",<https://connect.facebook.net>;rel="preconnect",<https://www.npttech.com>;rel="preconnect"
server: openresty
server-timing: cdn-cache; desc=HIT edge; dur=401 origin; dur=0 ak_p; desc="1733156427914_3092568283_1638032951_40161_11364_22_40_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 120602 0 pmb=mRUM,2
x-arc-pb-mx-id: 00000000
x-arc-pb-request-id: a3146976-1804-4819-bee5-b17916f94daf 9806aaaf-f5cf-454e-86f3-c38f34f330c2
x-arc-request-id: 0.dbd854b8.1733156427.61a26637
x-arc-ttl: -1

Redirect headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-length: 119
content-type: text/html; charset=utf-8
date: Mon, 02 Dec 2024 16:20:27 GMT
expires: 0
location: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24
pragma: no-cache
server: nginx/1.26.2
surrogate-control: no-store
vary: Accept
x-powered-by: Express

GET
H2 200 IBMPlexSans-Bold.woff2
cdna.gestion.pe/resources/dist/gestion/fonts/ 54 KB
55 KB 146ms
33ms Font
binary/octet-stream 2600:9000:2251:b600:6:5e1:e9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdna.gestion.pe/resources/dist/gestion/fonts/IBMPlexSans-Bold.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b600:6:5e1:e9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7fae27cb088352819cb4fbe07816270f1294939dff3064769d7116223a3c6724

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gestion.pe
Referer: https://gestion.pe/

Response headers

access-control-max-age: 3000
etag: "e8cd98b4c4c6d6d577d0879828f387c9"
age: 3418315
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: neu9iN_NS9JJhEf4MUs02fDaOkXl99sBCVd8iRNwPmXk46UoUQPO-Q==
date: Thu, 24 Oct 2024 02:48:34 GMT
content-type: binary/octet-stream
vary: Origin
last-modified: Thu, 29 Feb 2024 21:29:20 GMT
cache-control: max-age=31536000
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 55396
x-amz-cf-pop: FRA60-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 Petrona-Bold.woff2
cdna.gestion.pe/resources/dist/gestion/fonts/ 48 KB
48 KB 142ms
30ms Font
binary/octet-stream 2600:9000:2251:b600:6:5e1:e9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdna.gestion.pe/resources/dist/gestion/fonts/Petrona-Bold.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b600:6:5e1:e9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e833a8bc6e68f33a53f5196ae14ba09c93283f24069d2735ad2391879dacc27b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gestion.pe
Referer: https://gestion.pe/

Response headers

access-control-max-age: 3000
etag: "097dd74ae5551aed3982fc5bdc9bc077"
age: 4203095
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: nfxGIJrA3VD0dsbJZjaZxHvryo801BDABoRz6-LsG5ZcmZHSjkeR5g==
date: Tue, 15 Oct 2024 00:48:54 GMT
content-type: binary/octet-stream
vary: Origin
last-modified: Thu, 29 Feb 2024 21:29:26 GMT
cache-control: max-age=31536000
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48656
x-amz-cf-pop: FRA60-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 Cinzel-Bold.woff2
cdna.gestion.pe/resources/dist/gestion/fonts/ 28 KB
29 KB 147ms
35ms Font
binary/octet-stream 2600:9000:2251:b600:6:5e1:e9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdna.gestion.pe/resources/dist/gestion/fonts/Cinzel-Bold.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b600:6:5e1:e9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73d541e2ed020aefa6087e197df9d95c7428135e4a3fe73e5f52a38d3e5d81bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gestion.pe
Referer: https://gestion.pe/

Response headers

access-control-max-age: 3000
etag: "0e884db010e3fea02616a0ce83e22b14"
age: 4203096
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: 6de318ACbXeelV4oDrGUZjt-VHA0HDjgLRkqCQeXuOTRmd-LwXj7CA==
date: Tue, 15 Oct 2024 00:48:53 GMT
content-type: binary/octet-stream
vary: Origin
last-modified: Thu, 29 Feb 2024 21:29:18 GMT
cache-control: max-age=31536000
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28852
x-amz-cf-pop: FRA60-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 Cinzel-Regular.woff2
cdna.gestion.pe/resources/dist/gestion/fonts/ 27 KB
27 KB 143ms
31ms Font
binary/octet-stream 2600:9000:2251:b600:6:5e1:e9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdna.gestion.pe/resources/dist/gestion/fonts/Cinzel-Regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b600:6:5e1:e9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43a2b5bc4ed9c051fd8ab4a3577ed1b6050585b72e80e445add3b88120f919bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gestion.pe
Referer: https://gestion.pe/

Response headers

access-control-max-age: 3000
etag: "7307084c4ebf73aa179717909cf67d48"
age: 3812002
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: vYJxLkRKFYDV94StHTOrvf7nGwVm1jNV_f8NrOeU8Q8FH7aa7RwTdA==
date: Sat, 19 Oct 2024 13:27:07 GMT
content-type: binary/octet-stream
vary: Origin
last-modified: Thu, 29 Feb 2024 21:29:20 GMT
cache-control: max-age=31536000
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27172
x-amz-cf-pop: FRA60-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 Petrona-Regular.woff2
cdna.gestion.pe/resources/dist/gestion/fonts/ 47 KB
47 KB 144ms
32ms Font
binary/octet-stream 2600:9000:2251:b600:6:5e1:e9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdna.gestion.pe/resources/dist/gestion/fonts/Petrona-Regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b600:6:5e1:e9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5cea375d9f0cccc69e6766bd4e78c4e153cf79a45bc72a24a7942fc77438e75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gestion.pe
Referer: https://gestion.pe/

Response headers

access-control-max-age: 3000
etag: "37fd7661e1f7c53e074de10e008bb1ca"
age: 3418315
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: 8h_Hl8m8qzZvhsYi29Izd_7wujzmnkJgp7V9W1huqHFiVP22nbJgMA==
date: Thu, 24 Oct 2024 02:48:34 GMT
content-type: binary/octet-stream
vary: Origin
last-modified: Thu, 29 Feb 2024 21:29:27 GMT
cache-control: max-age=31536000
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48012
x-amz-cf-pop: FRA60-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 IBMPlexSans-Regular.woff2
cdna.gestion.pe/resources/dist/gestion/fonts/ 54 KB
55 KB 146ms
34ms Font
binary/octet-stream 2600:9000:2251:b600:6:5e1:e9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdna.gestion.pe/resources/dist/gestion/fonts/IBMPlexSans-Regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b600:6:5e1:e9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35c550c128a579f49aaea94a66829fcb601dea9e034df34c3d2cd08099026347

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gestion.pe
Referer: https://gestion.pe/

Response headers

access-control-max-age: 3000
etag: "b7141865b36a86401e380e29c9cb0928"
age: 2037852
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: bc_mO0K-D5fRMPnYnz7_XK-VFxydg8iMQRlfNPjgx9Ld_s0f13dpgg==
date: Sat, 09 Nov 2024 02:16:17 GMT
content-type: binary/octet-stream
vary: Origin
last-modified: Thu, 29 Feb 2024 21:29:22 GMT
cache-control: max-age=31536000
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 55380
x-amz-cf-pop: FRA60-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 414 KB
122 KB 78ms
49ms Script
application/javascript 104.18.223.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0fcca3a5edf35a40436e5e2a5cab30b9f0fd52034b2657c44e7c4c16c20a6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"2876b0a984bb759257482d217ff62d0a"
x-amz-version-id: fIuKTmQ.ufCrNfOf81WXk84FvTicqDxd
age: 5419
expires: Mon, 02 Dec 2024 20:20:28 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: application/javascript
last-modified: Mon, 18 Nov 2024 08:07:28 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-amz-id-2: kkLWgX2NJqHmQKG9Ot7MfD+Ufry0lWIi196MrjKDJmNyoZapZSnQF2bGbt89/xWGEn2Fg3x40jjhEJVhd4sESMJVCx4fDbZ9NpPKH6YjORw=
strict-transport-security: max-age=86400; includeSubDomains
x-amz-replication-status: REPLICA
cache-control: public, max-age=14400
x-amz-request-id: HJ9MF3664XPE0Z03
cf-ray: 8ebca4fdb9f3bb57-CDG
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 react.js Show response
gestion.pe/pf/dist/engine/ 343 KB
102 KB 37ms
37ms Script
application/javascript 2a02:26f0:1700:16::b856:fbcb
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://gestion.pe/pf/dist/engine/react.js?d=3704

Requested by

Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbcb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

openresty /

Resource Hash

a00bbd813a4ac07bd86d8e911348a107160c457456b7fc9b6e1d81b81762cb4c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
content-encoding: gzip
x-arc-ttl: 31536000
etag: W/"1dd5f4ad89c4bc8a77b1ea61728a405a"
expires: Tue, 02 Dec 2025 16:20:28 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1733156428609_3092568283_1638036208_120_8683_22_0_146";dur=1
content-length: 104308
date: Mon, 02 Dec 2024 16:20:28 GMT
x-arc-request-id: 0.dbd854b8.1733156428.61a272f0
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty
last-modified: Fri, 29 Nov 2024 17:21:53 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 piano.js Show response
gestion.pe/pf/dist/components/combinations/ 502 KB
141 KB 51ms
50ms Script
application/javascript 2a02:26f0:1700:16::b856:fbcb
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://gestion.pe/pf/dist/components/combinations/piano.js?d=3704

Requested by

Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbcb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

openresty /

Resource Hash

599def166c18fbd60daecfe436285bad8e877d363829e1667d3d07a079617249

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
content-encoding: gzip
x-arc-ttl: 31536000
etag: W/"a3ab50b652b4f6571281754efab0e214"
expires: Tue, 02 Dec 2025 16:20:28 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="1733156428608_3092568283_1638036209_550_9615_22_0_146";dur=1
content-length: 143920
date: Mon, 02 Dec 2024 16:20:28 GMT
x-arc-request-id: 0.dbd854b8.1733156428.61a272f1
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty
last-modified: Fri, 29 Nov 2024 17:21:52 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
989 B 162ms
57ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Josefin+Sans:ital,wght@0,100..700;1,100..700&display=swap

Requested by

Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

385e08703e574d2edd617c69e8f2617a9949795afaff9f35e3e1fa5663ab73e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 16:20:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 02 Dec 2024 16:13:46 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
556 B 161ms
56ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,300&display=swap

Requested by

Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

268b815724a02d4065fe9ebaed7a0ec2c65a946cc5c50f234eb30aacce726fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 16:20:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 02 Dec 2024 16:20:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
570 B 164ms
60ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;1,500&display=swap

Requested by

Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99fbce7123b35814800708f9f0ae37bc569b9aaffa450e58dde8892e8a7b8c2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 16:20:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 02 Dec 2024 16:20:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
643 B 170ms
66ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Overpass:wght@700&display=swap

Requested by

Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

31d5c94c2df66feabc20792709ce93fb4d447c27bf2e5ab21f8b11f6451497bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 16:20:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 02 Dec 2024 16:20:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
827 B 171ms
67ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Judson:wght@400;700&family=Noto+Serif:wght@100..900&display=swap

Requested by

Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf9bb2070156029d3b27a960d0ca8246d1582cffb91556e169591d040f2d2979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 16:20:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 02 Dec 2024 16:20:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 351 KB
118 KB 176ms
74ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KFQK83S

Requested by

Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b23f6441b68fac7620cb973eacceacb1113911ffe0e055881ecedcc4ed68a8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 02 Dec 2024 16:20:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 02 Dec 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 120349
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 piano-sentry.min.js Show response
signwall.e3.pe/static/javascript/ 1 KB
1 KB 116ms
26ms Script
application/javascript 18.245.86.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signwall.e3.pe/static/javascript/piano-sentry.min.js
Requested by: Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-87.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f002ff9c0d681b3b3b4f145bada9948fa1e9410f567b4439231689805373863f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

x-amz-cf-pop: FRA60-P6
content-encoding: gzip
etag: W/"e989d49459050da9f5486c5d374fb112"
age: 24697
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: GsPZ8qDkcbz_2k5onD0IwxakJp8dkp_-uYK2uttR51KxUbgxGemAnA==
date: Mon, 02 Dec 2024 09:28:52 GMT
content-type: application/javascript
vary: accept-encoding
server: AmazonS3
last-modified: Tue, 28 May 2024 22:03:59 GMT
x-amz-server-side-encryption: AES256

GET
H3 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 168 KB
46 KB 57ms
38ms Script
application/javascript 172.67.159.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2749
Requested by: Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 499fd452d0c76530699a1d03b508734a38483b2bbe7a2f10de99fc13ff5d3bcd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gestion.pe
Referer: https://gestion.pe/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 73
x-response-time: 31ms
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 02 Dec 2024 16:15:25 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=1800
x-envoy-upstream-service-time: 44
cf-ray: 8ebca4feda2a6ff9-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 46901
server: cloudflare

GET
H2 200 EQLA8-TGJ6W-4XJ2T-XS5UV-HQMHA Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 80ms
24ms Script
application/javascript 2a02:26f0:480:d8f::11a6
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/EQLA8-TGJ6W-4XJ2T-XS5UV-HQMHA
Requested by: Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d8f::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

cache-control: max-age=604800
timing-allow-origin: *
content-encoding: br
customappheader: mpulse-ab-boomr__git__08ab8be__git__08ab8be__p19.alsi10-lite
content-length: 50393
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 07 Oct 2024 07:12:58 GMT
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40a06743a2620b425cf15467ce1149105ea63dd6ed4823dde69080214a075011

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 logo.png
cdna.gestion.pe/resources/dist/gestion/images/ 3 KB
3 KB 77ms
27ms Image
binary/octet-stream 2600:9000:2251:b600:6:5e1:e9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdna.gestion.pe/resources/dist/gestion/images/logo.png
Requested by: Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b600:6:5e1:e9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8246375daa8f598303b2d037c5dd821d53ef40390fc8ed7c8f8b857365e370b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

cache-control: max-age=31536000
etag: "85f7c929e004cac4b738b1c748a22b6c"
age: 30846483
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 2628
x-amz-cf-id: QmXqgf8dMstr0IzzXaDWWwfc4INnIvLpaikW474Hh0vhlWCEardY0w==
date: Mon, 11 Dec 2023 15:52:26 GMT
content-type: binary/octet-stream
last-modified: Wed, 31 Mar 2021 00:21:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 165 B
901 B 117ms
27ms Fetch
application/json 57.129.37.207
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2749
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.129.37.207 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ns3197977.ip-57-129-37.eu
Software: istio-envoy /
Resource Hash: 459ad44dd647d3544551e4ab7848cbfdd29799adac87a8a7e9767acb66e8fa79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://gestion.pe/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
content-encoding: gzip
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://gestion.pe
content-length: 120
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 compass-multimedia-sdk.js Show response
sdk.mrf.io/statics/ 10 KB
4 KB 49ms
49ms Script
application/javascript 172.67.159.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=2020
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2749
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6e49b875b3f6c994dd1566b98cf9e01ad1d1e61565e34ebeae5be6c81a0d563

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gestion.pe
Referer: https://gestion.pe/

Response headers

access-control-max-age: 3600
content-encoding: br
cf-cache-status: HIT
etag: W/"99fb56bd3abacdccb08d0442971d7530"
age: 3545
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 1z_SXmcCAMa60mfwfitLddXD9bqnVllgsPQLL15Rmg0Q9qkUgCBVTQ==
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: application/javascript;charset=UTF-8
last-modified: Fri, 22 Nov 2024 14:10:10 GMT
vary: accept-encoding
priority: u=1,i=?0
server-timing: cfExtPri
cache-control: max-age=3600
timing-allow-origin: *
x-envoy-upstream-service-time: 16
via: 1.1 5e9eaa4dae17f466e627d76765f5de64.cloudfront.net (CloudFront)
cf-ray: 8ebca4ff6af86ff9-CDG
access-control-allow-origin: *
x-amz-cf-pop: CDG52-P6
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.16.1/ 56 KB
17 KB 73ms
24ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.16.1/bundle.min.js

Requested by

Host: signwall.e3.pe
URL: https://signwall.e3.pe/static/javascript/piano-sentry.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6f76823029b88fb047e8543d42695099c62436416be76bff429278008e1def90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
content-encoding: gzip
etag: "717873239e20eaafe878036dc0bc3354"
age: 2518509
expires: Wed, 04 Sep 2024 06:15:22 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17433
date: Mon, 02 Dec 2024 16:20:28 GMT
last-modified: Wed, 03 Jun 2020 16:53:40 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: Fastly

GET
H3 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 98ms
64ms Script
application/javascript 172.67.155.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
age: 5034
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YRwcDkzm5V%2Fu2UJl1FkcBA%2Br6D2VmGhh%2BsF5IbnEF4bGfx6A5dv7EkQjlnRviPHzbJIWqqRDVQb9dHNJm7bR5DqNFZU7RKFrJrL5vD%2BixLQQgPNofF55W%2BAWfcj5GbxidWY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14860&min_rtt=14685&rtt_var=3227&sent=10&recv=9&lost=0&retrans=0&sent_bytes=4107&recv_bytes=4324&delivery_rate=39698&cwnd=12000&unsent_bytes=0&cid=3cf95ddecb493f3d&ts=71&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-amz-id-2: q+VDBr6i/jh6GGr+efiQxgYD1SykS9aa8zGGwQja0f2Fwm9WMMoE3xJ8pUF2Qxsi6sbWJvy819M=
cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 51RXAFYMDSHHXTZ6
cf-ray: 8ebca4ffbd360088-CDG
server: cloudflare

GET
H3 200 load Show response
experience.piano.io/xbuilder/experience/ 16 KB
6 KB 64ms
35ms Script
application/javascript 104.16.143.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.piano.io/xbuilder/experience/load?aid=UmAkgzZ4pu

Requested by

Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a6cefbc8db81308aa21a4b12f986e0d05263c8d1fb57580be526039630f3be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

x-request-id: ekearsz4hz
content-encoding: gzip
cf-cache-status: HIT
age: 1576
expires: Mon, 02 Dec 2024 16:24:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
last-modified: Mon, 02 Dec 2024 15:54:12 GMT
priority: u=1,i=?0
strict-transport-security: max-age=86400; includeSubDomains
cache-control: public, max-age=1800, s-maxage=1800
pragma
cf-ray: 8ebca4ffbebf6f45-CDG
server: cloudflare

GET
H2 200 config.json Show response
c.go-mpulse.net/api/ 51 B
214 B 278ms
220ms XHR
application/json 2a02:26f0:480:18d::11a6
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=EQLA8-TGJ6W-4XJ2T-XS5UV-HQMHA&d=gestion.pe&t=5777188&v=1.720.0&sl=0&si=b6991ce0-f6eb-4031-bfd7-0f3b013bb4df-snvk24&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=540870
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/EQLA8-TGJ6W-4XJ2T-XS5UV-HQMHA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:18d::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 695ded92055a5eec51947f70df937051ffd4230b0751a7c4c4aee0635dc22764

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

access-control-allow-origin: *
cache-control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
content-length: 51
alt-svc: h3=":443"; ma=93600
timing-allow-origin: *
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: application/json

GET
H3 200 fa5427063feb772d9fe8.js Show response
sdk.mrf.io/statics/ 72 KB
18 KB 28ms
28ms Script
application/javascript 172.67.159.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/fa5427063feb772d9fe8.js
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=2020
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95c391cdda65f98d6b87382171e5b07e6159745694afd219baaf75299b8196da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gestion.pe
Referer: https://gestion.pe/

Response headers

access-control-max-age: 3600
content-encoding: br
cf-cache-status: HIT
etag: W/"bd02dee70ec3fb9bf97a26f16d89354c"
age: 3340
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: ehQIJKZ3jsvIVT0w_lKN5zzpNBsq4k7Csi4xIlU0NPOfkFpnBEroSg==
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: application/javascript;charset=UTF-8
last-modified: Tue, 29 Oct 2024 13:16:10 GMT
vary: accept-encoding
priority: u=1,i=?0
server-timing: cfExtPri
cache-control: max-age=3600
timing-allow-origin: *
x-envoy-upstream-service-time: 40
via: 1.1 174c08439d0479ee62deefc2d025760e.cloudfront.net (CloudFront)
cf-ray: 8ebca4ffbb7d6ff9-CDG
access-control-allow-origin: *
x-amz-cf-pop: LHR61-C1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 165ms
65ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/fa5427063feb772d9fe8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95202acb1dba479b44d42a18e4cc5cea755d755d6bfba29a6ebb9a46c63b7804

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: br
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
x-content-type-options: nosniff
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
expires: Mon, 02 Dec 2024 16:20:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
104 KB 96ms
96ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SKEHLZ6YPR

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc574843e89f4071ca09328194201370df7f866e5e2168e69927b3d523a443bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 02 Dec 2024 16:20:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106343
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 25 KB
7 KB 119ms
31ms Script
application/x-javascript 2a02:26f0:3500:2a9::268b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:2a9::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bf0c89a6d466325e7481eca13bbecf43daa80644400723d47e43457bc14985f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

Cache-Control: max-age=3600
Content-Encoding: gzip
Connection: keep-alive
Expires: Mon, 02 Dec 2024 17:20:28 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 6352
Date: Mon, 02 Dec 2024 16:20:28 GMT
Last-Modified: Mon, 08 Apr 2024 13:13:58 GMT
Content-Type: application/x-javascript
Server: AkamaiNetStorage
Vary: Accept-Encoding

POST
H2 200 rfv.php Show response
events.newsroom.bi/data/ 27 B
465 B 27ms
26ms Fetch
application/json 57.129.37.207
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/data/rfv.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2749
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.129.37.207 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ns3197977.ip-57-129-37.eu
Software: istio-envoy /
Resource Hash: 79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://gestion.pe/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
content-encoding: gzip
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://gestion.pe
content-length: 42
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 verify Show response
id.piano.io/id/api/v1/identity/token/ 195 B
933 B 185ms
171ms Script
application/javascript 104.16.143.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.piano.io/id/api/v1/identity/token/verify?browser_id=m478l7972189wv3o&page_view_id=m478l797vmp2a8r5&content_type=website&page_title=Offboarding+-+Suscripciones+Digitales&callback=jsonp4242&client_id=UmAkgzZ4pu&site=https%3A%2F%2Fgestion.pe&user_state=anon

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51ddf867355fc446dda0091dd9ec80dd0c91537dd1c753830e2da121ab25701a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

x-request-id: M42kvnsLO5Y
wn: prod-id-10-0-143-164
x-forwarded-https: on
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: application/javascript
server-time: 0.000
priority: u=3,i=?0
access-control-allow-headers: origin, content-type, accept, authorization, pn-consents, user-state
strict-transport-security: max-age=86400; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8ebca5006fd06f45-CDG
access-control-allow-origin: *
server: cloudflare

GET
H3 200 verify Show response
id.piano.io/id/api/v1/identity/token/ 195 B
930 B 148ms
134ms Script
application/javascript 104.16.143.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.piano.io/id/api/v1/identity/token/verify?browser_id=m478l7972189wv3o&page_view_id=m478l797vmp2a8r5&content_type=website&page_title=Offboarding+-+Suscripciones+Digitales&callback=jsonp4243&client_id=UmAkgzZ4pu&site=https%3A%2F%2Fgestion.pe&user_state=anon

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b577c5cc5ece13c5ee7ac048fd6f14c4d61ab160f9f688912ff6624249126ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

x-request-id: M42kvnsZM8i
wn: prod-id-10-0-114-210
x-forwarded-https: on
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: application/javascript
server-time: 0.000
priority: u=3,i=?0
access-control-allow-headers: origin, content-type, accept, authorization, pn-consents, user-state
strict-transport-security: max-age=86400; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8ebca5006fcf6f45-CDG
access-control-allow-origin: *
server: cloudflare

POST
H3 200 collect
www.google.com/ccm/ 0
0 149ms
55ms Ping
text/plain 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fgestion.pe%2Fsuscripciones%2Fpromofidedigital%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1184852811.1733156429&auid=569891967.1733156429&npa=1&gtm=45He4bk0v812441660za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1733156428910&tfd=1156&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFQK83S
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
104 KB 67ms
67ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SKEHLZ6YPR&l=dataLayer&cx=c&gtm=45He4bk0v812441660za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFQK83S

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b3d3f05463b91dcb78f8c49bdef0f29ce2f53b398438700fc22f332539e5701f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 02 Dec 2024 16:20:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106318
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 251 KB
87 KB 68ms
68ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NRNLFHN&l=dataLayer&gtm=45He4bk0v812441660za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFQK83S

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a5d3c6335bd8b93aef690c403afe2f120040a736d7d992924f00ad4091c10e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 02 Dec 2024 16:20:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 02 Dec 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89081
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 52ms
25ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-VhSzcH1h' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 02 Dec 2024 16:20:28 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-VhSzcH1h' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4415, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: sEyJeG63TqlFFdMZqTg7AKxIIaN+k7ELLE00H4jeHgWBbs4a8ykNJ66B0wiDdrNS04eH9a3DB5YbEP7hldWqfQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 pixeltracking.js Show response
cdn.embluemail.com/pixeltracking/ 26 KB
6 KB 117ms
25ms Script
application/javascript 2600:9000:275d:2000:10:4bf2:7ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.embluemail.com/pixeltracking/pixeltracking.js?code=ddc9f70a72959e3037f40dd5359a99d6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFQK83S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:2000:10:4bf2:7ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ac3b4d3f8eb5f0819c30e1857293688f5793481372e2cfcff93e8789789610c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

x-amz-cf-pop: FRA56-P11
content-encoding: gzip
etag: W/"fe701dddf7508a8807bc1ec1febeac9c"
age: 52110
via: 1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 9hNJwneQ4y1D4pTLJqMiAKL6VGsLT4_W0n-F2BNL1Yws231lGMDg8w==
date: Mon, 02 Dec 2024 01:52:00 GMT
content-type: application/javascript
vary: accept-encoding
server: AmazonS3
last-modified: Thu, 12 Sep 2024 21:14:31 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 ja9a882ibe Show response
www.clarity.ms/tag/ 553 B
808 B 475ms
359ms Script
application/x-javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ja9a882ibe
Requested by: Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 34b8f11afa0cf664b8a9ad48b1d634ce60df45e46e2157fae23a9ac9fb1876ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 553
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: application/x-javascript
x-azure-ref: 20241202T162029Z-156d95cb7ccx8gnshC1PARem940000000n600000000088f6

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 172ms
123ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CSTMTQRC77U9A53N0MQ0&lib=ttq
Requested by: Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a666b6ca4135c5ca3d6a5906c2c81e67afc6bfe0da68052e560df325bc1ce126

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: gzip
expires: Mon, 02 Dec 2024 16:20:29 GMT
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=97
x-cache: TCP_MISS from a2-20-179-75.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 14511857
x-tt-trace-host: 0181511fb3568f58a108d60866ca68f1a2365d0c65a428e2808f4e61dde8807f032321976fc1ca40707869d5c8b08cbfab0adec53530e670432f3093c18f9b1841c49d54f4300bbe150bb383cec60d2e7e2ba9c71de3e8514dddd6e4138aed3b48
x-origin-response-time: 98,2.20.179.75
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241202162029FF4F775AF2A2BA60962C-02DE1C0538CBCEE4-00
content-length: 2223
x-tt-logid: 20241202162029FF4F775AF2A2BA60962C
server: nginx

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 2CEE 0
0 143ms
46ms Document
text/html 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fgestion.pe

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFQK83S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 501867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 20:56:02 GMT
expires: Wed, 26 Nov 2025 20:56:02 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 114 KB
37 KB 38ms
38ms Script
application/x-javascript 2a02:26f0:3500:2a9::268b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:2a9::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 459145908fcd4374a85bed15907b1f471c25107c604eca7f946ce5d3c7aa8aef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

Cache-Control: max-age=3600
Content-Encoding: gzip
Connection: keep-alive
Expires: Mon, 02 Dec 2024 17:20:28 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 37915
Date: Mon, 02 Dec 2024 16:20:28 GMT
Last-Modified: Mon, 02 Dec 2024 12:20:09 GMT
Content-Type: application/x-javascript
Server: AkamaiNetStorage
Vary: Accept-Encoding

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 75ms
26ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SKEHLZ6YPR&gtm=45je4bk0v889617884z8812441660za200zb812441660&_p=1733156428405&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1410309075.1733156429&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733156428&sct=1&seg=0&dl=https%3A%2F%2Fgestion.pe%2Fsuscripciones%2Fpromofidedigital%2F%3Futm_content%3Dretbp%2FWSP%2Fago24&dt=Offboarding%20-%20Suscripciones%20Digitales&en=page_view&_fv=1&_nsi=1&_ss=1&up.subscription=&tfd=1201
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SKEHLZ6YPR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gestion.pe
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
541 B 81ms
27ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SKEHLZ6YPR&cid=1410309075.1733156429&gtm=45je4bk0v889617884z8812441660za200zb812441660&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SKEHLZ6YPR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gestion.pe
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.fr/ads/ 42 B
63 B 137ms
81ms Image
image/gif 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SKEHLZ6YPR&cid=1410309075.1733156429&gtm=45je4bk0v889617884z8812441660za200zb812441660&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1416727623

Requested by

Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 02 Dec 2024 16:20:29 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/b46bb280/www-widgetapi.vflset/ 30 KB
10 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b46bb280/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: br
age: 157
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 16:17:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:17:51 GMT
last-modified: Mon, 25 Nov 2024 05:12:10 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10165
x-xss-protection: 0
server: sffe

GET
H3 200 112830029346809 Show response
connect.facebook.net/signals/config/ 68 KB
13 KB 182ms
182ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/112830029346809?v=2.9.176&r=stable&domain=gestion.pe&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

e1e72aba0df357e6d5e6b8c3c33f867e45eb0512ecf8a98baf812768c9beb154

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-BYUbKd9G' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-BYUbKd9G' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=76, mss=1232, tbw=70271, tp=65, tpl=0, uplat=157, ullat=0
pragma: public
x-fb-debug: rS+nmTp/G3jyu/Qil2HUyKjqGxU91yOce3cO3nIDavkAiamlUVJLenGYroOQZ5kSKeIYuARayuWJLTsfznU4Mw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H3 200 execute Show response
c2.piano.io/xbuilder/experience/ 36 KB
9 KB 131ms
121ms XHR
application/json 104.16.143.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=UmAkgzZ4pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20b2e8788da6290de2792a7a7d56c350b2ef0199a9118f6d4b4d12341d533738

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://gestion.pe/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/x-www-form-urlencoded

Response headers

x-request-id: gqj6asm7eq
access-control-expose-headers: Composer-Request-Control-Policy
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: application/json
vary: Accept-Encoding, Origin
priority: u=1,i
strict-transport-security: max-age=86400; includeSubDomains
cache-control: no-cache, no-store
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8ebca50199676f45-CDG
access-control-allow-origin: https://gestion.pe
server: cloudflare

GET
H2 200 main.MTBlZWM4ZGM2MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 350 KB
96 KB 25ms
25ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CSTMTQRC77U9A53N0MQ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3606c679d28f0b91ff876c8648271304ae6d140b645f4e89fff5b7678b62d01d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

x-cache: TCP_MEM_HIT from a2-20-179-75.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id: 00-241126121515800CF521D460A0287DBF-1540C06F5A9134ED-00
content-length: 98164
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241126121515800CF521D460A0287DBF
server: nginx
x-akamai-request-id: 145119fb
x-tt-trace-host: 01341d0579fa26bd338f76320aea2c182119084b65d88e90857b639941d087c3cd8dbbcd71891e89964adb917fda97f35844e29eb3221780855911dcfa0a5bfc38d1b12eede47cba50b37bf5b5a65f2a54d9fe800cd89d1c13bb16eed581df45e3

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 153ms
46ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRNLFHN&l=dataLayer&gtm=45He4bk0v812441660za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: gzip
age: 5944
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 16:41:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 14:41:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 27ms
27ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SKEHLZ6YPR&gtm=45je4bk0v889617884za200zb812441660&_p=1733156428405&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1410309075.1733156429&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1733156428&sct=1&seg=0&dl=https%3A%2F%2Fgestion.pe%2Fsuscripciones%2Fpromofidedigital%2F%3Futm_content%3Dretbp%2FWSP%2Fago24&dt=Offboarding%20-%20Suscripciones%20Digitales&en=scroll&epn.percent_scrolled=90&_et=4&tfd=1356
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SKEHLZ6YPR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gestion.pe
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 identify_45dd5971.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 27ms
27ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

x-cache: TCP_MEM_HIT from a2-20-179-75.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id: 00-2411150502336335CB71727E1B0F9A9E-3A4C2EB625C2735C-00
content-length: 39512
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202411150502336335CB71727E1B0F9A9E
server: nginx
x-akamai-request-id: 14511b21
x-tt-trace-host: 018da2afa453821b4298e998225089b0daa6890aec0793a9687d106e311ed3cfd2e8cad26c7a78d97db85dc248aeb49157eed1a2359186d4810439cc577c4561296e6a18e06372eaf46885cf3f3eeb7c3ce6a88ac3a91f21a709bfb6420463c7bd

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
872 B 211ms
210ms Ping
text/plain 2.18.64.26
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gestion.pe/

Response headers

x-cache-remote: TCP_MISS from a104-78-78-13.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Mon, 02 Dec 2024 16:20:29 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=112, origin; dur=70, inner; dur=48
x-cache: TCP_MISS from a2-20-179-75.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Mon, 02 Dec 2024 16:20:29 GMT
x-akamai-request-id: c5620568.14511b2b
access-control-allow-headers: Authorization,*
x-tt-trace-host: 0181511fb3568f58a108d60866ca68f1a2f26e83792e59c78133f785d6911ad5dc04c4b82dfce309fa8bd99087c9a4bae9e43521fe30e35da65c8de5b7002572e5eae4889daf2c9aa0229a445bfec355e27bbb6f85c3574f97b92cd569f56186a44f5cb8300695af9f0c7d668a5c288518
x-origin-response-time: 70,104.78.78.13
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241202162029D9FE817CF41763675F6C-6C61F9766FFE4256-00
content-length: 0
x-parent-response-time: 178,2.20.179.75
x-tt-logid: 20241202162029D9FE817CF41763675F6C
server: nginx

GET
H3 200 show
buy.tinypass.com/checkout/offer/ Frame B569 0
0 494ms
469ms Document
text/html 104.18.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23container-plans-piano&templateId=OTDDBEEDSKGW&offerId=OF08LWFXA4EN&formNameByTermId=%7B%22TMXD9GFBWYEE%22%3A%22CheckoutFields%22%7D&hideCompletedFields=true&showCloseButton=false&experienceActionId=showOffer4S9AKOLAHTWC1X2&offerType=purchase&experienceId=EXN4AZ4B7FDQ&widget=offer&iframeId=offer-0-Y8gF3&url=https%3A%2F%2Fgestion.pe%2Fsuscripciones%2Fpromofidedigital%2F%3Futm_content%3Dretbp%252FWSP%252Fago24&parentDualScreenLeft=330&parentDualScreenTop=330&parentWidth=1600&parentHeight=1200&parentOuterHeight=1285&aid=UmAkgzZ4pu&zone=web&customVariables=%7B%7D&browserId=m478l7972189wv3o&userState=anon&pianoIdUrl=https%3A%2F%2Fid.piano.io%2Fid%2F&pianoIdStage=&userProvider=piano_id&userToken=&customCookies=%7B%22_pc_user_status%22%3A%22no%22%7D&hasLoginRequiredCallback=true&initMode=context&requestUserAuthForLinkedTerm=true&initTime=1435&logType=offerShow&width=974&_qh=a9747f55d7

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.160.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gestion.pe/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ebca502ad46d0ba-CDG
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 02 Dec 2024 16:20:29 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR OUR IND"
pragma: no-cache
priority: u=0,i
server: cloudflare
server-time: 0.040
server-timing: cfExtPri
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-81-73
x-forwarded-https: on
x-request-id: M52kvnsxZt3
x-xss-protection: 0

GET
H/1.1 200
OK sp1.html
cdn.cxense.com/ Frame 82C7 0
0 80ms
30ms Document
text/html 2a02:26f0:3500:28e::268b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:28e::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://gestion.pe/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 289
Content-Type: text/html
Date: Mon, 02 Dec 2024 16:20:29 GMT
Expires: Thu, 12 Dec 2024 16:20:29 GMT
Last-Modified: Thu, 30 Nov 2023 11:55:50 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H3 200 436256475072690 Show response
connect.facebook.net/signals/config/ 68 KB
13 KB 151ms
150ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/436256475072690?v=2.9.176&r=stable&domain=gestion.pe&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

482433807103f15dad8318143af6ba55c622f1ddf55f96c48ee94eec290bd542

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-DYPBNGYw' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-DYPBNGYw' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=88, mss=1232, tbw=84799, tp=79, tpl=0, uplat=125, ullat=0
pragma: public
x-fb-debug: JjzzpuHJ9r04qrgQmCUm+sW1hslHd/tcJctHsrwDEzTBa5Dbyw8djrzB565GQVB70TpvnlA7cwRdT9ku2bQ/SA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 51ms
25ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=112830029346809&ev=PageView&dl=https%3A%2F%2Fgestion.pe%2Fsuscripciones%2Fpromofidedigital%2F%3Futm_content%3Dretbp%2FWSP%2Fago24&rl=&if=false&ts=1733156429203&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1733156429203.881135310427044962&ler=empty&cdl=API_unavailable&it=1733156429005&coo=false&rqm=GET

Requested by

Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4466, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
197 B 251ms
225ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=112830029346809&ev=PageView&dl=https%3A%2F%2Fgestion.pe%2Fsuscripciones%2Fpromofidedigital%2F%3Futm_content%3Dretbp%2FWSP%2Fago24&rl=&if=false&ts=1733156429203&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1733156429203.881135310427044962&ler=empty&cdl=API_unavailable&it=1733156429005&coo=false&rqm=FGET

Requested by

Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443850183191921121"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: nuiFyYo0yrRHr3bWmLNN96xbJs7oLC6t+YE9wz4//slbCMMqoqWSMrth2j6RwdDP9q1WMV3ITYNfoF09/t9mVw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7443850183191921121", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=24, mss=1232, tbw=8354, tp=21, tpl=0, uplat=200, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
430 B 54ms
54ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=399954473&t=pageview&_s=1&dl=https%3A%2F%2Fgestion.pe%2Fsuscripciones%2Fpromofidedigital%2F%3Futm_content%3Dretbp%2FWSP%2Fago24&ul=fr-fr&de=UTF-8&dt=Offboarding%20-%20Suscripciones%20Digitales&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=72353100&gjid=2113792732&cid=1410309075.1733156429&tid=UA-27132032-9&_gid=967491914.1733156429&_r=1&_slc=1&gtm=45He4bk0n81NRNLFHNv79062145za200zb812441660&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&npa=1&z=1349095833

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fbe372ac86badc01e0bba98cb1784e3c8814569cdf11ca0ec98ce8158441639

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://gestion.pe/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:29 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://gestion.pe
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
73 B 54ms
54ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=399954473&t=pageview&_s=1&dl=https%3A%2F%2Fgestion.pe%2Fsuscripciones%2Fpromofidedigital%2F%3Futm_content%3Dretbp%2FWSP%2Fago24&ul=fr-fr&de=UTF-8&dt=Offboarding%20-%20Suscripciones%20Digitales&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=514046965&gjid=2032279417&cid=1410309075.1733156429&tid=UA-3055636-3&_gid=967491914.1733156429&_r=1&_slc=1&gtm=45He4bk0n81NRNLFHNv79062145za200zb812441660&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&npa=1&z=88194146

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://gestion.pe/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:29 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://gestion.pe
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 381 KB
125 KB 69ms
69ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2E3LFYB6HD&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

255d75f33fbff70f753e43f291c35ef6ef91c2908a66a95b262eca50a5e2b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 02 Dec 2024 16:20:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 127651
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 24ms
24ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=436256475072690&ev=PageView&dl=https%3A%2F%2Fgestion.pe&rl=&if=false&ts=1733156429363&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1733156429203.881135310427044962&ler=empty&cdl=API_unavailable&cs_est=true&pm=1&hrl=569856&it=1733156429005&coo=false&cs_cc=1&cas=8469427413175099%2C7890334870979387%2C7821252171236757%2C5558766897580309%2C6949612701804652&rqm=GET

Requested by

Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4930, tp=15, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 80ms
80ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=436256475072690&ev=PageView&dl=https%3A%2F%2Fgestion.pe&rl=&if=false&ts=1733156429363&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1733156429203.881135310427044962&ler=empty&cdl=API_unavailable&cs_est=true&pm=1&hrl=569856&it=1733156429005&coo=false&cs_cc=1&cas=8469427413175099%2C7890334870979387%2C7821252171236757%2C5558766897580309%2C6949612701804652&rqm=FGET

Requested by

Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443850183107132563"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: VU+LrVaLE0I0tLSUwIf4qMtiETod8bncrzgjFlElAOAv/Nu2iJZcyA9iwnRDQ6SFi3DXE4e/II4t0QJQjT/vTQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7443850183107132563", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=24, mss=1232, tbw=5170, tp=18, tpl=0, uplat=55, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.56/ 66 KB
28 KB 32ms
31ms Script
application/javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.56/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ja9a882ibe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

x-azure-ref: 20241202T162029Z-156d95cb7ccx8gnshC1PARem940000000n600000000088ft
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD0EDC462F0477"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: 05be2b26-301e-0000-4d38-412edb000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 27 Nov 2024 12:08:58 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
871 B 181ms
179ms Ping
text/plain 2.18.64.26
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gestion.pe/

Response headers

x-cache-remote: TCP_MISS from a104-78-78-4.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Mon, 02 Dec 2024 16:20:29 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=114, origin; dur=41, inner; dur=34
x-cache: TCP_MISS from a2-20-179-75.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Mon, 02 Dec 2024 16:20:29 GMT
x-akamai-request-id: 3077edbc.14511e51
access-control-allow-headers: Authorization,*
x-tt-trace-host: 0181511fb3568f58a108d60866ca68f1a2f26e83792e59c78133f785d6911ad5dc2b2e4807aca277b7c9603bcf93b550ff12db677af00fc5ba96fa0c94ac546e2308bd66d3a45ce45cb4bb53d804e6089d1d74d0bd44e0c4380c9a301a9536696eddcfa993c5bef33263b439a92842b522
x-origin-response-time: 41,104.78.78.4
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241202162029B20A1F8504BBFD739155-1F4C24C28E25F519-00
content-length: 0
x-parent-response-time: 150,2.20.179.75
x-tt-logid: 20241202162029B20A1F8504BBFD739155
server: nginx

POST
H3 204 collect
region1.analytics.google.com/g/ 0
0 27ms
26ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2E3LFYB6HD&gtm=45je4bk0v9164394163za200&_p=1733156428405&_gaz=1&gcd=13l3l3l2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=fr-fr&sr=1600x1200&cid=1410309075.1733156429&_ng=1&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fgestion.pe%2Fsuscripciones%2Fpromofidedigital%2F%3Futm_content%3Dretbp%2FWSP%2Fago24&dt=Offboarding%20-%20Suscripciones%20Digitales&sid=1733156429&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1700
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2E3LFYB6HD&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gestion.pe
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
48 B 29ms
27ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-2E3LFYB6HD&cid=1410309075.1733156429&gtm=45je4bk0v9164394163za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2E3LFYB6HD&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gestion.pe
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.fr/ads/ 42 B
63 B 94ms
93ms Image
image/gif 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-2E3LFYB6HD&cid=1410309075.1733156429&gtm=45je4bk0v9164394163za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=2026992500

Requested by

Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 02 Dec 2024 16:20:29 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 id Show response
id.cxense.com/public/user/ 103 B
593 B 89ms
29ms Script
text/javascript 167.235.124.59
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22m478l7972189wv3o%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%223k8z31d6ud6wh3fk43h0ap32am%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%223k8z31d6ud6wh3fk43h0ap32am%22%7D%5D%7D&callback=cXJsonpCB1

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.235.124.59 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),

Reverse DNS

nue0037.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

160bf58a5e212b7b651d40503e112c7e66503e67d68e332d6c6b6ad4a89b256f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 103
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: text/javascript;charset=utf-8
server: Jetty(9.4.28.v20200408)

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
274 B 628ms
313ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://gestion.pe/

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://gestion.pe
Date: Mon, 02 Dec 2024 16:20:30 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 body_cc_precio_desktop.jpg
signwall.e3.pe/images/gestion/offboarding/ 144 KB
144 KB 502ms
502ms Image
image/jpeg 18.245.86.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signwall.e3.pe/images/gestion/offboarding/body_cc_precio_desktop.jpg
Requested by: Host: gestion.pe
URL: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-87.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84b5ad837c4f2a1263415dc232c4778af102a8b39a0e35a69c4d9212550667

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

etag: "8f0a97f68780a0ff302999d088aa28c7"
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 147107
x-amz-cf-id: Xa5iSnLnusLEXGG_Z_m9XcJ4ZghUKLch6tvoCpQlUULGbwaSd30CGA==
date: Mon, 02 Dec 2024 16:20:30 GMT
content-type: image/jpeg
last-modified: Tue, 28 May 2024 22:03:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256

GET
H2 200 location Show response
geoapi.eclabs.io/ 220 B
364 B 312ms
92ms XHR
application/json 3.90.125.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geoapi.eclabs.io/location
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.16.1/bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.90.125.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-90-125-120.compute-1.amazonaws.com
Software: openresty/1.13.6.2 /
Resource Hash: 3831f33ae04fee0428475faa036ee44799fd8651e24d2b2d686885c02b636803

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

cache-control: no-cache
access-control-allow-origin: *
content-length: 220
date: Mon, 02 Dec 2024 16:20:29 GMT
content-type: application/json; charset=utf-8
server: openresty/1.13.6.2

GET cmp.bundle.js
d34fzxxwb5p53o.cloudfront.net/prod/output/assets/componentes/gdpr/build/ 0
0

GET
H3 200 sdk-runtime-config.js Show response
buy.tinypass.com/api/v3/anon/assets/ 266 B
488 B 64ms
43ms XHR
application/json 104.18.239.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=UmAkgzZ4pu

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.16.1/bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.239.248 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

439e82ac08b9c90a9665b4d56887f09a17ec1731d007d32c6039110c30e5443e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Referer: https://gestion.pe/

Response headers

x-request-id: MnzfvnsXPbd
content-encoding: gzip
cf-cache-status: HIT
age: 5275
expires: Mon, 02 Dec 2024 20:20:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 16:20:30 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Mon, 02 Dec 2024 14:52:35 GMT
priority: u=1,i
strict-transport-security: max-age=86400; includeSubDomains
cache-control: public, max-age=14400
cf-ray: 8ebca508df382a68-CDG
access-control-allow-origin: *
server: cloudflare

GET
H2 200 favicon.png
gestion.pe/pf/resources/dist/gestion/images/ 1 KB
2 KB 45ms
45ms Other
image/webp 2a02:26f0:1700:16::b856:fbcb
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://gestion.pe/pf/resources/dist/gestion/images/favicon.png?d=1038

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:16::b856:fbcb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

1b3b431a928c1bdf5387f319bd7f8965251aeb8545ed5a0265e089fe9dce69e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/suscripciones/promofidedigital/?utm_content=retbp/WSP/ago24

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
cache-control: private, no-transform, max-age=31532592
x-arc-ttl: 31536000
etag: W/"6606853bcf49fcbbc330c1d04b5ba7eb"
x-edgeconnect-cache-status: 1
expires: Tue, 02 Dec 2025 15:23:42 GMT
akamai-true-ttl: 31536000, 31536000, 31536000
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1733156430426_3092568283_1638045609_371_16588_22_0_219";dur=1
content-length: 1094
date: Mon, 02 Dec 2024 16:20:30 GMT
x-arc-request-id: 0.dbd854b8.1733156430.61a297a9
last-modified: Wed, 08 Nov 2023 01:22:11 GMT
content-type: image/webp
server: Akamai Image Manager

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
274 B 105ms
104ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.16.1/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://gestion.pe/

Response headers

Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin: https://gestion.pe
Date: Mon, 02 Dec 2024 16:20:30 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 2 B
774 B 27ms
26ms Fetch
application/json 57.129.37.207
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.16.1/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.129.37.207 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ns3197977.ip-57-129-37.eu
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://gestion.pe/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://gestion.pe
content-length: 2
date: Mon, 02 Dec 2024 16:20:30 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

POST
H3 204 collect
region1.analytics.google.com/g/ 0
0 27ms
27ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SKEHLZ6YPR&gtm=45je4bk0v889617884z879062145za200zb812441660&_p=1733156428405&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1410309075.1733156429&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=3&sid=1733156428&sct=1&seg=1&dl=https%3A%2F%2Fgestion.pe%2Fsuscripciones%2Fpromofidedigital%2F%3Futm_content%3Dretbp%2FWSP%2Fago24&dt=Offboarding%20-%20Suscripciones%20Digitales&en=page_view&_et=149&tfd=6357
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.16.1/bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gestion.pe/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gestion.pe
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 16:20:34 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d34fzxxwb5p53o.cloudfront.net
URL: https://d34fzxxwb5p53o.cloudfront.net/prod/output/assets/componentes/gdpr/build/cmp.bundle.js

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gestion.pe/	1970-01-21 05:47:57	Name: ___nrbic Value: %7B%22isNewUser%22%3Atrue%2C%22previousVisit%22%3A1733156428%2C%22currentVisitStarted%22%3A1733156428%2C%22sessionId%22%3A%2243ebeb17-a6d7-49d5-b001-1fc19ab62d1a%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//gestion.pe/suscripciones/promofidedigital/%3Futm_content%3Dretbp/WSP/ago24%22%2C%22referrer%22%3A%22%22%2C%22lpti%22%3Anull%7D
.gestion.pe/	1970-01-21 05:47:57	Name: compass_uid Value: 6b11c89f-9f7c-4977-9e65-31979eec8d8c
.piano.io/	1970-01-21 01:25:58	Name: __cf_bm Value: 7CErE6M09SRvIVkC3x7Vry3gu.GyzTrIKmKvU7fYOpo-1733156428-1.0.1.1-bVJwOAO0hoOysSPtz2JeixV7.7GiT3jpmoswMJhv8k24FOa.rUBwx4OBROdNkGg581LKFMFybrGJBa5FEHQ.Zg
.gestion.pe/	1970-01-21 10:54:44	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOBWAJg4DMAdgBsI0fwEBOKQAYALLxABfIA
.gestion.pe/	1970-01-21 10:54:44	Name: _pcid Value: %7B%22browserId%22%3A%22m478l7972189wv3o%22%7D
events.newsroom.bi/	1970-01-21 05:45:08	Name: 2749_u Value: 6b11c89f-9f7c-4977-9e65-31979eec8d8c
events.newsroom.bi/	1969-12-31 23:59:59	Name: 2749_s Value: 43ebeb17-a6d7-49d5-b001-1fc19ab62d1a
events.newsroom.bi/	1970-01-21 02:09:08	Name: 2749_lv Value: null
events.newsroom.bi/	1970-01-21 02:09:08	Name: 2749_ut Value: 0
.gestion.pe/	1970-01-21 03:35:32	Name: _gcl_au Value: 1.1.569891967.1733156429
gestion.pe/	1969-12-31 23:59:59	Name: gecdigarc Value: 1f44d40062df1125869a925f081f5081
.gestion.pe/	1970-01-21 05:47:57	Name: ___nrbi Value: %7B%22firstVisit%22%3A1733156428%2C%22userId%22%3A%226b11c89f-9f7c-4977-9e65-31979eec8d8c%22%2C%22userVars%22%3A%5B%5B%22mrfExperiment_experimentoInline%22%2C%221%22%5D%5D%2C%22futurePreviousVisit%22%3A1733156428%2C%22timesVisited%22%3A1%2C%22userType%22%3A0%7D
gestion.pe/	1969-12-31 23:59:59	Name: _pc_user_status Value: no
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: jutZSjiL62w
.youtube.com/	1970-01-21 05:45:08	Name: VISITOR_INFO1_LIVE Value: C0JHqdDZu3M
.youtube.com/	1970-01-21 05:45:08	Name: VISITOR_PRIVACY_METADATA Value: CgJGUhIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgKQ%3D%3D
.gestion.pe/	1970-01-21 02:09:08	Name: __pid Value: .gestion.pe
gestion.pe/	1970-01-21 01:25:56	Name: __adblocker Value: false
id.piano.io/	1970-01-21 01:25:57	Name: AWSELBCORS Value: D54D83371CA73269B30D9CD8F7A2329AB7762878622FE3FB50BB8FE52E1D4CB8E7806775D07DC957BDC95DCEDE43DAD6ED3970ED91D681D48B38C4E468376E30AEEE408E01
gestion.pe/	1970-01-21 03:35:32	Name: __pnahc Value: 0
.tiktok.com/	1970-01-21 03:35:32	Name: _ttp Value: 2pfU4ErmrebDztD4piSccPgNlb4
.gestion.pe/	1970-01-21 11:01:56	Name: _ga_SKEHLZ6YPR Value: GS1.1.1733156428.1.1.1733156429.59.0.0
.gestion.pe/	1970-01-21 03:35:32	Name: _tt_enable_cookie Value: 1
.gestion.pe/	1970-01-21 03:35:32	Name: _ttp Value: -EDDJ3nrF9inzHsP0k70H1L15-j.tt.1
.gestion.pe/	1970-01-21 11:01:56	Name: __tbc Value: %7Bkpex%7DmIjWLYc54s8ZQwjwBqqxogofPC1fF5u6kK0AzaKQg_8521mbpGep0mfxN94-Vf3S
.gestion.pe/	1970-01-21 02:09:08	Name: __pat Value: -18000000
.gestion.pe/	1970-01-21 01:27:22	Name: __pvi Value: eyJpZCI6InYtbTQ3OGw3OTllZnFpc213NiIsImRvbWFpbiI6Ii5nZXN0aW9uLnBlIiwidGltZSI6MTczMzE1NjQyOTE4Nn0%3D
.gestion.pe/	1970-01-21 11:01:56	Name: xbc Value: %7Bkpex%7DS_q1r9eX53lNhZz0lAK5ta-hVr9xLPeA4Y5yryNSz7c
.gestion.pe/	1970-01-21 10:54:44	Name: _pcus Value: eyJ1c2VyU2VnbWVudHMiOnsiQ09NUE9TRVIxWCI6eyJzZWdtZW50cyI6WyJMVHM6ODE4MjRhYmZhOWFkNDgzYmZjM2ZmYWM0M2NkNzIxN2IzMTdjMGNjMTpub19zY29yZSJdfX19
.gestion.pe/	1970-01-21 10:54:44	Name: cX_P Value: m478l7972189wv3o
.gestion.pe/	1970-01-21 03:35:32	Name: _fbp Value: fb.1.1733156429203.881135310427044962
.gestion.pe/	1970-01-21 11:01:56	Name: _ga Value: GA1.2.1410309075.1733156429
.gestion.pe/	1970-01-21 01:27:22	Name: _gid Value: GA1.2.967491914.1733156429
.gestion.pe/	1970-01-21 01:25:56	Name: _gat_UA-27132032-9 Value: 1
.gestion.pe/	1970-01-21 01:25:56	Name: _gat_UA-3055636-3 Value: 1
.gestion.pe/	1970-01-21 11:01:56	Name: _ga_2E3LFYB6HD Value: GS1.2.1733156429.1.0.1733156429.60.0.0
.gestion.pe/	1970-01-21 10:54:44	Name: cX_G Value: cx%3A1dt8uwbqi87p42xag61sz0m1jd%3A10l4kvl01g0cz
.cxense.com/	1970-01-21 10:11:32	Name: gckp Value: cx:1dt8uwbqi87p42xag61sz0m1jd:10l4kvl01g0cz
.tinypass.com/	1970-01-21 01:26:00	Name: ch_sid Value: tq4l8cC6rJVczqW
.tinypass.com/	1970-01-21 11:01:56	Name: LANG Value: es_PE
gestion.pe/	1970-01-21 01:27:22	Name: isEU Value: true
.tinypass.com/	1970-01-21 01:27:22	Name: LANG_CHANGED Value: es_PE
.gestion.pe/	1970-01-21 02:09:08	Name: __pil Value: es_PE
.tinypass.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 4212A8AB1855332FE11E0784C24246B9
.gestion.pe/	1970-01-21 01:36:01	Name: RT Value: "z=1&dm=gestion.pe&si=b6991ce0-f6eb-4031-bfd7-0f3b013bb4df&ss=m478l6ga&sl=1&tt=21p&rl=1&ld=21q"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
browser.sentry-cdn.com
buy.tinypass.com
c.go-mpulse.net
c2.piano.io
cdn.cxense.com
cdn.embluemail.com
cdn.tinypass.com
cdna.gestion.pe
connect.facebook.net
d34fzxxwb5p53o.cloudfront.net
events.newsroom.bi
experience.piano.io
fonts.googleapis.com
geoapi.eclabs.io
gestion.pe
id.cxense.com
id.piano.io
lc.cx
region1.analytics.google.com
s.go-mpulse.net
sdk.mrf.io
signwall.e3.pe
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.npttech.com
www.youtube.com
x.clarity.ms
d34fzxxwb5p53o.cloudfront.net
104.16.143.111
104.18.160.126
104.18.223.248
104.18.239.248
13.38.222.23
142.250.185.136
142.250.185.228
157.240.0.35
157.240.253.1
167.235.124.59
172.67.155.215
172.67.159.162
18.245.86.87
2.18.64.26
20.114.190.119
2001:4860:4802:32::36
216.239.34.36
216.58.206.35
2600:9000:2251:b600:6:5e1:e9c0:93a1
2600:9000:275d:2000:10:4bf2:7ac0:93a1
2620:1ec:29:1::45
2a00:1450:4001:811::2008
2a00:1450:4001:812::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:829::200e
2a00:1450:400c:c0b::9c
2a02:26f0:1700:16::b856:fbcb
2a02:26f0:3500:28e::268b
2a02:26f0:3500:2a9::268b
2a02:26f0:480:18d::11a6
2a02:26f0:480:d8f::11a6
2a04:4e42:400::729
3.90.125.120
57.129.37.207
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
160bf58a5e212b7b651d40503e112c7e66503e67d68e332d6c6b6ad4a89b256f
1b3b431a928c1bdf5387f319bd7f8965251aeb8545ed5a0265e089fe9dce69e1
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20b2e8788da6290de2792a7a7d56c350b2ef0199a9118f6d4b4d12341d533738
255d75f33fbff70f753e43f291c35ef6ef91c2908a66a95b262eca50a5e2b875
268b815724a02d4065fe9ebaed7a0ec2c65a946cc5c50f234eb30aacce726fe7
2ac3b4d3f8eb5f0819c30e1857293688f5793481372e2cfcff93e8789789610c
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
31d5c94c2df66feabc20792709ce93fb4d447c27bf2e5ab21f8b11f6451497bf
34b8f11afa0cf664b8a9ad48b1d634ce60df45e46e2157fae23a9ac9fb1876ba
35c550c128a579f49aaea94a66829fcb601dea9e034df34c3d2cd08099026347
3606c679d28f0b91ff876c8648271304ae6d140b645f4e89fff5b7678b62d01d
3831f33ae04fee0428475faa036ee44799fd8651e24d2b2d686885c02b636803
385e08703e574d2edd617c69e8f2617a9949795afaff9f35e3e1fa5663ab73e2
3a6cefbc8db81308aa21a4b12f986e0d05263c8d1fb57580be526039630f3be9
3fbe372ac86badc01e0bba98cb1784e3c8814569cdf11ca0ec98ce8158441639
40a06743a2620b425cf15467ce1149105ea63dd6ed4823dde69080214a075011
439e82ac08b9c90a9665b4d56887f09a17ec1731d007d32c6039110c30e5443e
43a2b5bc4ed9c051fd8ab4a3577ed1b6050585b72e80e445add3b88120f919bd
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459145908fcd4374a85bed15907b1f471c25107c604eca7f946ce5d3c7aa8aef
459ad44dd647d3544551e4ab7848cbfdd29799adac87a8a7e9767acb66e8fa79
482433807103f15dad8318143af6ba55c622f1ddf55f96c48ee94eec290bd542
499fd452d0c76530699a1d03b508734a38483b2bbe7a2f10de99fc13ff5d3bcd
51ddf867355fc446dda0091dd9ec80dd0c91537dd1c753830e2da121ab25701a
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
599def166c18fbd60daecfe436285bad8e877d363829e1667d3d07a079617249
5b23f6441b68fac7620cb973eacceacb1113911ffe0e055881ecedcc4ed68a8e
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5e84b5ad837c4f2a1263415dc232c4778af102a8b39a0e35a69c4d9212550667
695ded92055a5eec51947f70df937051ffd4230b0751a7c4c4aee0635dc22764
6f76823029b88fb047e8543d42695099c62436416be76bff429278008e1def90
73d541e2ed020aefa6087e197df9d95c7428135e4a3fe73e5f52a38d3e5d81bb
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7fae27cb088352819cb4fbe07816270f1294939dff3064769d7116223a3c6724
8246375daa8f598303b2d037c5dd821d53ef40390fc8ed7c8f8b857365e370b4
8b577c5cc5ece13c5ee7ac048fd6f14c4d61ab160f9f688912ff6624249126ae
95202acb1dba479b44d42a18e4cc5cea755d755d6bfba29a6ebb9a46c63b7804
95c391cdda65f98d6b87382171e5b07e6159745694afd219baaf75299b8196da
99fbce7123b35814800708f9f0ae37bc569b9aaffa450e58dde8892e8a7b8c2b
a00bbd813a4ac07bd86d8e911348a107160c457456b7fc9b6e1d81b81762cb4c
a5d3c6335bd8b93aef690c403afe2f120040a736d7d992924f00ad4091c10e0e
a666b6ca4135c5ca3d6a5906c2c81e67afc6bfe0da68052e560df325bc1ce126
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b3d3f05463b91dcb78f8c49bdef0f29ce2f53b398438700fc22f332539e5701f
bf0c89a6d466325e7481eca13bbecf43daa80644400723d47e43457bc14985f2
bf9bb2070156029d3b27a960d0ca8246d1582cffb91556e169591d040f2d2979
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
dc574843e89f4071ca09328194201370df7f866e5e2168e69927b3d523a443bf
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0fcca3a5edf35a40436e5e2a5cab30b9f0fd52034b2657c44e7c4c16c20a6ca
e1e72aba0df357e6d5e6b8c3c33f867e45eb0512ecf8a98baf812768c9beb154
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cea375d9f0cccc69e6766bd4e78c4e153cf79a45bc72a24a7942fc77438e75
e6e49b875b3f6c994dd1566b98cf9e01ad1d1e61565e34ebeae5be6c81a0d563
e833a8bc6e68f33a53f5196ae14ba09c93283f24069d2735ad2391879dacc27b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f002ff9c0d681b3b3b4f145bada9948fa1e9410f567b4439231689805373863f
f77e3aa11e7890eb42476f8e29481cd1bc8d1e00236810c58711fe244b5e8ee7

gestion.pe Open in urlscan Pro 2a02:26f0:1700:16::b856:fbcb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

99 %HTTPS

44 %IPv6

25 Domains

33 Subdomains

34 IPs

5 Countries

1938 kBTransfer

5432 kBSize

45 Cookies

0 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gestion.pe Open in urlscan Pro
2a02:26f0:1700:16::b856:fbcb Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

99 %
HTTPS

44 %
IPv6

25
Domains

33
Subdomains

34
IPs

5
Countries

1938 kB
Transfer

5432 kB
Size

45
Cookies

78 HTTP transactions
1 data transactions