b2ln8d9cr.webcindario.com Open in urlscan Pro
5.57.226.202  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response b2ln8d9cr.webcindario.com/	55 KB 13 KB	234ms 81ms	Document text/html	5.57.226.202 SERVIHOSTING-AS A...
General Check archive.org Show headers Download Go to Full URL https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash a9930da88aaa2aabfd01d687f0d7cd0d725aa644f0a025084b326b541a8fa4b8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers content-encoding gzip content-type text/html date Mon, 11 Mar 2024 20:33:04 GMT server nginx vary Accept-Encoding x-powered-by Webcindario Hosting Service
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	146 KB 50 KB	260ms 113ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689 Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 19b2a61276ad2fa433bd17b5cfd8d8bc291af55cf55b62e48ffc54a05c35c1d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b2ln8d9cr.webcindario.com/ Origin https://b2ln8d9cr.webcindario.com accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:33:05 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51015 x-xss-protection 0 server cafe etag 13908620933766058717 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Mon, 11 Mar 2024 20:33:05 GMT
GET H2	200	style8f57.css b2ln8d9cr.webcindario.com/index_files/	26 KB 6 KB	148ms 148ms	Stylesheet text/css	5.57.226.202 SERVIHOSTING-AS A...
General Check archive.org Show headers Download Go to Full URL https://b2ln8d9cr.webcindario.com/index_files/style8f57.css Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash be73cab6c4c09afb515cd2c2b637cbfbd5d3ed3af0a8f6e153c6288684d5cdd3 Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:33:05 GMT content-encoding gzip last-modified Sat, 09 Mar 2024 22:04:21 GMT server nginx etag W/"65ecdce5-667d" x-powered-by Webcindario Hosting Service vary Accept-Encoding content-type text/css
GET H2	200	css b2ln8d9cr.webcindario.com/index_files/	2 KB 831 B	149ms 148ms	Stylesheet text/html	5.57.226.202 SERVIHOSTING-AS A...
General Check archive.org Show headers Download Go to Full URL https://b2ln8d9cr.webcindario.com/index_files/css Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash 746f782c9447db5963e3500ef52e75f3902bffca5738d90ed57d26e43ff23842 Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:33:05 GMT content-encoding gzip server nginx x-powered-by Webcindario Hosting Service vary Accept-Encoding content-type text/html
GET H2	200	css(1) b2ln8d9cr.webcindario.com/index_files/	664 B 440 B	149ms 148ms	Stylesheet text/html	5.57.226.202 SERVIHOSTING-AS A...
General Check archive.org Show headers Download Go to Full URL https://b2ln8d9cr.webcindario.com/index_files/css(1) Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32 Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:33:05 GMT content-encoding gzip server nginx x-powered-by Webcindario Hosting Service vary Accept-Encoding content-type text/html
GET H2	200	css(2) b2ln8d9cr.webcindario.com/index_files/	5 KB 743 B	149ms 149ms	Stylesheet text/html	5.57.226.202 SERVIHOSTING-AS A...
General Check archive.org Show headers Download Go to Full URL https://b2ln8d9cr.webcindario.com/index_files/css(2) Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash ab7baab728cf4fa117cbdd177d0d2f148a69f6ae40859bd3ee5624b5387ca70b Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:33:05 GMT content-encoding gzip server nginx x-powered-by Webcindario Hosting Service vary Accept-Encoding content-type text/html
GET H2	200	logo.png b2ln8d9cr.webcindario.com/index_files/	2 KB 2 KB	149ms 149ms	Image image/png	5.57.226.202 SERVIHOSTING-AS A...
General Check archive.org Show headers Download Go to Show image Full URL https://b2ln8d9cr.webcindario.com/index_files/logo.png Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash a11306b40a20c1d8d40e2746d1ee259b7556c00bcbc719e5e1065f02b7cc427c Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:33:05 GMT last-modified Sat, 09 Mar 2024 22:04:20 GMT server nginx etag "65ecdce4-8ea" x-powered-by Webcindario Hosting Service content-type image/png accept-ranges bytes content-length 2282
GET H2	200	BNChat.png b2ln8d9cr.webcindario.com/index_files/	5 KB 6 KB	149ms 149ms	Image image/png	5.57.226.202 SERVIHOSTING-AS A...
General Check archive.org Show headers Download Go to Show image Full URL https://b2ln8d9cr.webcindario.com/index_files/BNChat.png Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash 2e4ecfa7866203cf7f8f705c2c9fffa8cdeb3b11bea0cae4399f6bc974b07b6f Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:33:05 GMT last-modified Sat, 09 Mar 2024 22:04:17 GMT server nginx etag "65ecdce1-15c3" x-powered-by Webcindario Hosting Service content-type image/png accept-ranges bytes content-length 5571
GET H2	200	/ Show response hosting.miarroba.info/	1 KB 1 KB	2157ms 2037ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hosting.miarroba.info/?__muid=&h=2161420&t=1710189184&k=5d5b6bd5db3ceadac012576990804be7 Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a462b60cedfa35226942fe7ffcade228be34f66a1565c633f8cfb7446339addc Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Mon, 11 Mar 2024 20:33:07 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 11 Mar 2024 20:33:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLPLwNeWDvoePVun4khCOoWrqtBHS4YkcTNcCtJXkLqG6QMMzERrTIrA9jz8xnzIeLJMHxhIhjZtdc%2Fg88upnnnXv2KWqbnC9UYJJ2eb%2Ff8%2FrG%2Fq%2FuejR6hCuv8wtfYDWvymERmb2TLvqiA21MQlMXH%2BlJI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=iso-8859-1 p3p CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" cache-control no-cache cf-ray 862e51472e5e2156-MAD alt-svc h3=":443"; ma=86400 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	189 KB 69 KB	218ms 84ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59 Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8fb56d0cd3ba7baba91ab582935b0b54cdf3e5baec1db5c5d6babb20a40418c0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:33:05 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 70659 x-xss-protection 0 last-modified Mon, 11 Mar 2024 19:50:03 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 11 Mar 2024 20:33:05 GMT
GET H2	404	illustrationba1b.png b2ln8d9cr.webcindario.com/portal/illustration/	4 KB 4 KB	53ms 53ms	Image text/html	5.57.226.202 SERVIHOSTING-AS A...
General Check archive.org Show headers Download Go to Show image Full URL https://b2ln8d9cr.webcindario.com/portal/illustration/illustrationba1b.png?id=183128A3C941EDE3D9199FA37D6AA90E0A7DFE101B37D10B4FEDA0CF35E11AFD&amp;rp=37d0e840-bdc3-e911-90f3-005056b6cfbb Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash e1bffffe3b0e2e3fb991222c4a420b7479e3a6336de204044463b6d8a73b342a Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:33:05 GMT content-encoding gzip server nginx x-powered-by Webcindario Hosting Service vary Accept-Encoding content-type text/html
GET H2	200	fondo.jpg b2ln8d9cr.webcindario.com/images/bncr/	83 KB 84 KB	53ms 53ms	Image image/jpeg	5.57.226.202 SERVIHOSTING-AS A...
General Check archive.org Show headers Download Go to Show image Full URL https://b2ln8d9cr.webcindario.com/images/bncr/fondo.jpg Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/index_files/style8f57.css Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash a25ba1b157ec936592d10b603b83173744a279f8be236e4dc3f25aab9fbbd452 Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/index_files/style8f57.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:33:05 GMT last-modified Sat, 09 Mar 2024 22:04:14 GMT server nginx etag "65ecdcde-14d8f" x-powered-by Webcindario Hosting Service content-type image/jpeg accept-ranges bytes content-length 85391
GET H2	200	firma.png b2ln8d9cr.webcindario.com/images/bncr/	3 KB 3 KB	53ms 53ms	Image image/png	5.57.226.202 SERVIHOSTING-AS A...
General Check archive.org Show headers Download Go to Show image Full URL https://b2ln8d9cr.webcindario.com/images/bncr/firma.png Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/index_files/style8f57.css Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash 52691c4f90034c90a93cb95cf2c62e8bfee3f2da454e5ad4195b89db97dfe446 Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/index_files/style8f57.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:33:05 GMT last-modified Sat, 09 Mar 2024 22:04:13 GMT server nginx etag "65ecdcdd-a10" x-powered-by Webcindario Hosting Service content-type image/png accept-ranges bytes content-length 2576
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v12/	18 KB 19 KB	196ms 63ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/index_files/style8f57.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b2ln8d9cr.webcindario.com/ Origin https://b2ln8d9cr.webcindario.com accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 23:40:59 GMT x-content-type-options nosniff age 593526 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18684 x-xss-protection 0 last-modified Tue, 07 Nov 2017 15:24:32 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Mar 2025 23:40:59 GMT
GET H2	200	css fonts.googleapis.com/	6 KB 2 KB	204ms 71ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 11 Mar 2024 20:33:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 11 Mar 2024 19:08:26 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 Mar 2024 20:33:05 GMT
GET H2	200	css fonts.googleapis.com/	717 B 443 B	208ms 75ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 11 Mar 2024 20:33:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 11 Mar 2024 20:04:37 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 Mar 2024 20:33:05 GMT
GET H2	200	css fonts.googleapis.com/	5 KB 791 B	205ms 72ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400&display=swap Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b9b50ec9ef83d1f48b979dff1d18403586c56f14ea2c5ae02c29ac83bb0b1144 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 11 Mar 2024 20:33:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 11 Mar 2024 20:33:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 Mar 2024 20:33:05 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	235ms 76ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 11 Mar 2024 19:38:42 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 3263 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 11 Mar 2024 21:38:42 GMT
GET H2	200	quant.js Show response secure.quantserve.com/	23 KB 9 KB	235ms 67ms	Script application/javascript	2620:116:800d:21:93ca:31d8:d86e:38f6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:33:05 GMT content-encoding gzip etag "bvEECQq4Zy6gU9J/qv1O6Q==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Mon, 18 Mar 2024 20:33:05 GMT
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403040101/	405 KB 137 KB	253ms 126ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7294310421616689&plah=b2ln8d9cr.webcindario.com&aplac=true Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e30e45d75c77b2350f57acba5b6982ea582707ac6d24d4ef4145d726eab93806 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:33:05 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 140465 x-xss-protection 0 server cafe etag 17054337773368624956 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 11 Mar 2024 20:33:05 GMT
GET H2	200	zrt_lookup_nohtml_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/ Frame EAF7	9 KB 4 KB	195ms 62ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_nohtml_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b2ln8d9cr.webcindario.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers age 47877 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4155 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Mar 2024 07:15:08 GMT etag 5035419970550746386 expires Mon, 25 Mar 2024 07:15:08 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	rules-p-d5x2uDVHd7ALE.js Show response rules.quantcount.com/	160 B 642 B	242ms 81ms	Script application/javascript	2600:9000:20c3:3000:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20c3:3000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d60c833406c5cca9095b3cabd40d6f65e486a0a4c0b59105031c9a6e94595f5a Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:10:29 GMT via 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-C1 age 1357 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 160 last-modified Thu, 13 Oct 2022 22:55:53 GMT server AmazonS3 etag "ceee564f54e512a948f918e2710eab6e" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes x-amz-cf-id c-aeT9ku-Wu6CJbPkhXejsu4vAqv4xLotFShFZ0N0xdB-QRHFf0Xwg==
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 216 B	84ms 84ms	XHR text/plain	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=301972527&t=pageview&_s=1&dl=https%3A%2F%2Fb2ln8d9cr.webcindario.com%2F&ul=en-us&de=UTF-8&dt=Banco%20Nacional%20de%20Costa%20Rica.%20Inicio%20de%20Sesion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABCAAAAC~&jid=1209411221&gjid=1729849213&cid=463574044.1710189186&tid=UA-597118-7&_gid=499933698.1710189186&_r=1&_slc=1&gtm=45He4360n71T2VG59v72719937za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=245980386 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://b2ln8d9cr.webcindario.com/ accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 11 Mar 2024 20:33:05 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://b2ln8d9cr.webcindario.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 356 B	188ms 63ms	XHR text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-597118-7&cid=463574044.1710189186&jid=1209411221&gjid=1729849213&_gid=499933698.1710189186&npa=1&_u=YEBAAAAACAAAAC~&z=1703001492 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 94dcf5556e059d9e35d347a9fdd7c295ec5d8001d8c00693dfc2a7d18f9fb0f3 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://b2ln8d9cr.webcindario.com/ accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Mon, 11 Mar 2024 20:33:05 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://b2ln8d9cr.webcindario.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ca-pub-7294310421616689 Show response fundingchoicesmessages.google.com/i/	183 KB 61 KB	246ms 96ms	Script application/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/ca-pub-7294310421616689?ers=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7294310421616689&plah=b2ln8d9cr.webcindario.com&aplac=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash eb3886e59eeca91b4795473471d51f3a47c7d6bfe19ab2adfab73ddef655afe8 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-z6__mE8SHSS57QLZGNncpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:33:06 GMT content-security-policy script-src 'report-sample' 'nonce-z6__mE8SHSS57QLZGNncpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytHikmLw0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiHf4eLDwrZvOqgLEmuunswYCcczz6awpQOyUPoM1AIh96mewRgFx681zrJOB-NSC86yXgFiIm6Pp6t71bAIbDlwWBgBTUzHw" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel;r=629027373;source=gtm;rf=0;a=p-d5x2uDVHd7ALE;url=https%3A%2F%2Fb2ln8d9cr.webcindario.com%2F;uht=2;fpan=1;fpa=P0-468251900-1710189185611;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gd... pixel.quantserve.com/	35 B 455 B	78ms 71ms	Image image/gif	2620:116:800d:21:93ca:31d8:d86e:38f6 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=629027373;source=gtm;rf=0;a=p-d5x2uDVHd7ALE;url=https%3A%2F%2Fb2ln8d9cr.webcindario.com%2F;uht=2;fpan=1;fpa=P0-468251900-1710189185611;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=webcindario.com;dst=1;et=1710189185855;tzo=0;ogl=;ses=bc714548-dbc3-40f8-ba8e-48b4764c74f3;mdl= Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Mon, 11 Mar 2024 20:33:05 GMT attribution-reporting-register-trigger {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]} strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	233ms 93ms	Image image/gif	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-597118-7&cid=463574044.1710189186&jid=1209411221&npa=1&_u=YEBAAAAACAAAAC~&z=2051815921 Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Mon, 11 Mar 2024 20:33:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.es/ads/	42 B 408 B	232ms 91ms	Image image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.es/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-597118-7&cid=463574044.1710189186&jid=1209411221&npa=1&_u=YEBAAAAACAAAAC~&z=2051815921 Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Mon, 11 Mar 2024 20:33:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	AGSKWxWvcC0v272VzdeTwUP_AHicyzFNm1o5S38cs207U7XwKlU8MzcHIst0LkhUUWW9zLnNOY9U-mazLaC05r-5O9ZDkTtKeHv2dipHi9Q83EloixlTDbIctxZsskCg_O8xTQEPEgSW0A== Show response fundingchoicesmessages.google.com/f/	411 KB 60 KB	177ms 177ms	Script application/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWvcC0v272VzdeTwUP_AHicyzFNm1o5S38cs207U7XwKlU8MzcHIst0LkhUUWW9zLnNOY9U-mazLaC05r-5O9ZDkTtKeHv2dipHi9Q83EloixlTDbIctxZsskCg_O8xTQEPEgSW0A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMTg5MTg2LDIwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9iMmxuOGQ5Y3Iud2ViY2luZGFyaW8uY29tLyIsbnVsbCxbWzgsImJ3ck1jczZaY1lnIl0sWzksImVzIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.es.bwrMcs6ZcYg.es5.O/am=wA/d=1/rs=AJlcJMxDdpvM7cw7JBGhZxOU-xw1DC9HlQ/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ee07149634e33fb0d35a4c4e90e909433c03e417e8d5a1eb754b5f75cc9ea491 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-IReZOJdyU-_jrAgVszb9kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:33:06 GMT content-security-policy script-src 'report-sample' 'nonce-IReZOJdyU-_jrAgVszb9kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmLw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiHf4eLDwrZvOqgLEmuunswYCcczz6awpQOyUPoM1AIh96mewRgFx681zrJOB-OSC86wXgViIh6Pp6t71bAIb9u9byggAh-IycA" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	css fonts.googleapis.com/	107 KB 6 KB	77ms 76ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.es.bwrMcs6ZcYg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzGhS_U8JtqQcCn5YlqbIVsFU6VZw/m=web_iab_tcf_v2_wall_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d887816ae8b346d63ebc061959c1b52232e29a7f0f7b72a28a8a89db6f163348 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 11 Mar 2024 20:33:06 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 11 Mar 2024 20:33:06 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 Mar 2024 20:33:06 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 47 KB	64ms 63ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b2ln8d9cr.webcindario.com/ Origin https://b2ln8d9cr.webcindario.com accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 05 Mar 2024 00:50:53 GMT x-content-type-options nosniff age 589333 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 05 Mar 2025 00:50:53 GMT
GET H2	200	flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 fonts.gstatic.com/s/materialicons/v140/	125 KB 126 KB	103ms 103ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b2ln8d9cr.webcindario.com/ Origin https://b2ln8d9cr.webcindario.com accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 06 Mar 2024 05:34:50 GMT x-content-type-options nosniff age 485896 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128352 x-xss-protection 0 last-modified Tue, 07 Mar 2023 19:51:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 06 Mar 2025 05:34:50 GMT
POST H3	204	AGSKWxVgQsS5jir-HoYOfaWjO6-y21Numw6qjR5pmnNy3OcfdW6CpgzEsDI-2plmmnIywNXrm_Qudd6Jcew9-tJzF5CKJuW7T8mOAQ6oSM86uJ2Qg_ZIfYRZIoFagEzVKTaLw6pJWhODMA== Show response fundingchoicesmessages.google.com/el/	0 29 B	212ms 80ms	XHR text/html	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVgQsS5jir-HoYOfaWjO6-y21Numw6qjR5pmnNy3OcfdW6CpgzEsDI-2plmmnIywNXrm_Qudd6Jcew9-tJzF5CKJuW7T8mOAQ6oSM86uJ2Qg_ZIfYRZIoFagEzVKTaLw6pJWhODMA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.es.bwrMcs6ZcYg.es5.O/am=wA/d=1/rs=AJlcJMxDdpvM7cw7JBGhZxOU-xw1DC9HlQ/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JVGNZ_UlWVgdSXKOqbqeGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://b2ln8d9cr.webcindario.com/ accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type text/plain Response headers date Mon, 11 Mar 2024 20:33:06 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JVGNZ_UlWVgdSXKOqbqeGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw1ZBiqGV4xtQKxDt8PFic0mewBgCxEA9H09W969kEJsy-uIMJAPTgDW0" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://b2ln8d9cr.webcindario.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	200	607f6b0b381bbc1f64fa027d62891072_cookie.php Show response hosting.miarroba.info/ Frame 4D5D	46 B 445 B	178ms 178ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php Requested by Host: b2ln8d9cr.webcindario.com URL: https://b2ln8d9cr.webcindario.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88 Request headers Content-Type application/x-www-form-urlencoded Origin https://b2ln8d9cr.webcindario.com Referer https://b2ln8d9cr.webcindario.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 862e5153ec222156-MAD content-encoding br content-type text/html; charset=iso-8859-1 date Mon, 11 Mar 2024 20:33:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2Bh71rKIM%2FdzUhgWq8UJxx7U0Dl9KZW2sBDycLRfYkSVXyyBsFqLUHtfp%2B9gWJuR%2FMQgZ2MkBZ8gV1TOenpyR5R%2FVCtZoxn9bfp5Du4mctCXw%2BgssHVezVryt8P7eE3keZOrLgXWQJhns2Ot9ELflYEmet4%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 32 KB	77ms 77ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://b2ln8d9cr.webcindario.com accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 05 Mar 2024 06:41:12 GMT x-content-type-options nosniff age 568315 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33092 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 05 Mar 2025 06:41:12 GMT
GET H2	200	logo.png b2ln8d9cr.webcindario.com/images/bncr/	2 KB 2 KB	49ms 49ms	Image image/png	5.57.226.202 SERVIHOSTING-AS A...
General Check archive.org Show headers Download Go to Show image Full URL https://b2ln8d9cr.webcindario.com/images/bncr/logo.png Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash a11306b40a20c1d8d40e2746d1ee259b7556c00bcbc719e5e1065f02b7cc427c Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:33:07 GMT last-modified Sat, 09 Mar 2024 22:04:14 GMT server nginx etag "65ecdcde-8ea" x-powered-by Webcindario Hosting Service content-type image/png accept-ranges bytes content-length 2282
GET H2	200	BNChat.png b2ln8d9cr.webcindario.com/images/bncr/	5 KB 6 KB	49ms 49ms	Image image/png	5.57.226.202 SERVIHOSTING-AS A...
General Check archive.org Show headers Download Go to Show image Full URL https://b2ln8d9cr.webcindario.com/images/bncr/BNChat.png Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES), Reverse DNS Software nginx / Webcindario Hosting Service Resource Hash 2e4ecfa7866203cf7f8f705c2c9fffa8cdeb3b11bea0cae4399f6bc974b07b6f Request headers accept-language es-ES,es;q=0.9 Referer https://b2ln8d9cr.webcindario.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 11 Mar 2024 20:33:07 GMT last-modified Sat, 09 Mar 2024 22:04:13 GMT server nginx etag "65ecdcdd-15c3" x-powered-by Webcindario Hosting Service content-type image/png accept-ranges bytes content-length 5571

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Nacional (Banking)

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| dataLayer function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login string| Title string| LoginTitle string| urlBnMovilDefault string| urlIBDefault string| urlBNSDefault string| urlLostPassword string| urlLostPasswordBnMovil string| urlAffiliate string| urlAffiliateBnMovil string| urlApiToken string| urlCambioClave string| urlCambioClaveBNM string| indiceAuth string| indiceBNM string| indiceIB string| indiceBNS string| urlIBCDescarga string| rutabase string| urlLogo string| urlChatImg string| urlChat string| FooterSeccionLeftLogin string| FooterSeccionCenterLogin string| FooterSeccionRightLogin string| FooterSeccionLeftKeyBoard string| FooterSeccionCenterKeyBoard string| FooterSeccionRightKeyBoard string| FooterSeccionLeftOTP string| FooterSeccionCenterOTP string| FooterSeccionRightOTP string| Terms string| TermsUrl string| Privacy string| PrivacyUrl string| chatLink string| helpModal object| contentHtml undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| LoadTheme function| IsIB function| IsIBMovil function| IsBNS function| Signout function| ClearDomain function| CambioContrasena function| HideShowControl function| ElementExist function| WindowsRedirect function| ExistMFA function| DrawMFA function| ApplyCSSInput function| SetValueInput function| ControlFooter function| GetReturnUri function| GetParamts function| GetUsrName function| AppendLostPassword function| AppendCertificate function| AppendUserName function| InitControls function| LettersAndNumbers function| CertificateClick function| HelpClick function| ValidarErrorCert function| RestringirMoviles function| Close object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| mia_ga object| _qevents object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| quantserve function| __qc object| ezt object| _qoptions object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| Njc2YmEyNzM3MGQ0MmI4OWxvYWRlcl9qcw== string| Njc2YmEyNzM3MGQ0MmI4OWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.b2ln8d9cr.webcindario.com/	1970-01-21 04:39:09	Name: _ga Value: GA1.3.463574044.1710189186
			.b2ln8d9cr.webcindario.com/	1970-01-20 19:04:35	Name: _gid Value: GA1.3.499933698.1710189186
			.b2ln8d9cr.webcindario.com/	1970-01-20 19:03:09	Name: _gat_UA-597118-7 Value: 1
			.quantserve.com/	1970-01-21 04:33:23	Name: mc Value: 65ef6a81-dc05c-c47e1-de1e4
			.webcindario.com/	1970-01-21 04:27:37	Name: __qca Value: P0-468251900-1710189185611

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://b2ln8d9cr.webcindario.com/portal/illustration/illustrationba1b.png?id=183128A3C941EDE3D9199FA37D6AA90E0A7DFE101B37D10B4FEDA0CF35E11AFD&rp=37d0e840-bdc3-e911-90f3-005056b6cfbb Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://b2ln8d9cr.webcindario.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.