apoyosgov.finanzaspersonales.info Open in urlscan Pro
149.28.13.247 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://apoyosgov.finanzaspersonales.info/
Submission: On January 19 via api (January 19th 2024, 12:29:57 am UTC) from US — Scanned from US

Summary HTTP 102 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 12 domains to perform 102 HTTP transactions. The main IP is 149.28.13.247, located in Kent, United States and belongs to AS-CHOOPA, US. The main domain is apoyosgov.finanzaspersonales.info.
TLS certificate: Issued by R3 on January 16th 2024. Valid for: 3 months.

This is the only time apoyosgov.finanzaspersonales.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	149.28.13.247 149.28.13.247	20473 (AS-CHOOPA) (AS-CHOOPA)
3	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::2001	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4008:c1b::78	15169 (GOOGLE) (GOOGLE)
1	142.251.163.155 142.251.163.155	15169 (GOOGLE) (GOOGLE)
1	172.64.151.202 172.64.151.202	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
1	23.56.213.52 23.56.213.52	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	2600:1f18:445... 2600:1f18:445b:903:18f4:4b22:4678:cd8a	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:1f18:445... 2600:1f18:445b:902:2f7a:d312:2bf4:737f	14618 (AMAZON-AES) (AMAZON-AES)
1 2	142.251.40.198 142.251.40.198	15169 (GOOGLE) (GOOGLE)
3	34.117.228.201 34.117.228.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
1 4	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:445... 2600:1f18:445b:900:f333:8b0:1a1e:136f	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:440... 2606:4700:4400::ac40:9111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.165.130 172.217.165.130	15169 (GOOGLE) (GOOGLE)
2 3	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
102	26

23 149.28.13.247 (Kent, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 149.28.13.247.vultrusercontent.com

apoyosgov.finanzaspersonales.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:80e::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81d::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::200e (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)

893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:823::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:80e::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4008:c1b::78 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.202 (United States)

ASN13335 (CLOUDFLARENET, US)

dvrtr.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:817::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.213.52 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-213-52.deploy.static.akamaitechnologies.com

s-static.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:445b:903:18f4:4b22:4678:cd8a (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)

s.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:445b:902:2f7a:d312:2bf4:737f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com

tpsc-video-ue.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::2002 (Colchester, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:445b:900:f333:8b0:1a1e:136f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rtr.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9111 (United States)

ASN13335 (CLOUDFLARENET, US)

vtrk.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.165.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com 893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 ade.googlesyndication.com — Cisco Umbrella Rank: 356	139 KB
23	finanzaspersonales.info apoyosgov.finanzaspersonales.info	326 KB
19	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 bid.g.doubleclick.net — Cisco Umbrella Rank: 917 ad.doubleclick.net — Cisco Umbrella Rank: 163 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	242 KB
12	gstatic.com fonts.gstatic.com csi.gstatic.com	95 KB
9	innovid.com 3 redirects dvrtr.innovid.com — Cisco Umbrella Rank: 8266 s-static.innovid.com — Cisco Umbrella Rank: 2535 s.innovid.com — Cisco Umbrella Rank: 2300 ag.innovid.com — Cisco Umbrella Rank: 2226 rtr.innovid.com — Cisco Umbrella Rank: 2102	36 MB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 410	104 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 imasdk.googleapis.com — Cisco Umbrella Rank: 485	137 KB
4	doubleverify.com tpsc-video-ue.doubleverify.com — Cisco Umbrella Rank: 2713 vtrk.doubleverify.com — Cisco Umbrella Rank: 1761	670 B
3	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	266 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	92 KB
102	12

	Domain	Requested by
23	apoyosgov.finanzaspersonales.info	apoyosgov.finanzaspersonales.info
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com apoyosgov.finanzaspersonales.info imasdk.googleapis.com
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
10	securepubads.g.doubleclick.net	apoyosgov.finanzaspersonales.info securepubads.g.doubleclick.net 893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
7	csi.gstatic.com	imasdk.googleapis.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	googleads.g.doubleclick.net	1 redirects
3	dsum-sec.casalemedia.com	2 redirects
3	tpsc-video-ue.doubleverify.com
3	ag.innovid.com
3	s.innovid.com	3 redirects
3	fonts.googleapis.com	apoyosgov.finanzaspersonales.info 893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2	ade.googlesyndication.com
2	ad.doubleclick.net	1 redirects
2	imasdk.googleapis.com	893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
2	893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cm.g.doubleclick.net	1 redirects
1	googleads4.g.doubleclick.net
1	vtrk.doubleverify.com
1	rtr.innovid.com
1	s-static.innovid.com
1	dvrtr.innovid.com	imasdk.googleapis.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.google.com	tpc.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	apoyosgov.finanzaspersonales.info
102	27

This site contains no links.

Subject Issuer	Validity	Valid
apoyosgov.finanzaspersonales.info R3	`2024-01-16` - `2024-04-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
dvrtr.innovid.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-06` - `2024-03-08`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.innovid.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-17` - `2024-02-19`	a year	crt.sh
*.doubleverify.com Starfield Secure Certificate Authority - G2	`2023-08-25` - `2024-09-25`	a year	crt.sh
vtrk.doubleverify.com E1	`2024-01-07` - `2024-04-06`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://apoyosgov.finanzaspersonales.info/
Frame ID: 269DB2D56515AB0875A27E8260546C6F
Requests: 40 HTTP requests in this frame

Frame: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 14285DC393AFCDBBE11AB37575C94632
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7FE7CD3030F49DD054142A1A80069B50
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3D92AD6EC029C8803C939F7AD2B2D25B
Requests: 2 HTTP requests in this frame

Frame: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3664A8604E61AA647C7CCE6CD538A039
Requests: 41 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Frame ID: 5461E0BA60E1F2D48AFDC9BA0789EFE0
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 16CF0995568D8A373CB2BC18CED8804D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Apoyos y Ayudas en Estados Unidos -

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

102
Requests

94 %
HTTPS

63 %
IPv6

12
Domains

27
Subdomains

26
IPs

3
Countries

38157 kB
Transfer

40258 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://s.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&action=play&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiks7CgmeiDAxVHm4MIHdHdDz4oATABOK3b5MOJEkACSAFYiIQgENK5_4ECgBCY7H0y99qoJ1iHG63ZNg%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0 HTTP 302
https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&action=play&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiks7CgmeiDAxVHm4MIHdHdDz4oATABOK3b5MOJEkACSAFYiIQgENK5_4ECgBCY7H0y99qoJ1iHG63ZNg%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0

Request Chain 85

https://ad.doubleclick.net/ddm/trackimp/N1642420.3424460DV360DISPLAY/B31045744.383253085;dc_trk_aid=574808967;dc_trk_cid=206943461;dvs1=1;dvs2=$%7BSOURCE_URL_ENC%7D;dvs3=$%7BCAMPAIGN_ID%7D;dvs4=$%7BAUCTION_ID%7D;dvs5=1;dvs6=103;dvs7=$%7BBUNDLE_ID%7D;dvs8=$%7BCREATIVE_ID%7D;dvs9=$%7BINSERTION_ORDER_ID%7D;dvs10=$%7BPUBLISHER_ID%7D;dvs11=$%7BUNIVERSAL_SITE_ID%7D;dvs12=$%7BEXCHANGE_ID%7D;dvs13=1120300705;dvs14=1120300705;ord=1705624192222;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1642420.3424460DV360DISPLAY/B31045744.383253085;dc_pre=CKjEh6GZ6IMDFWUKaAgdKDAGkQ;dc_trk_aid=574808967;dc_trk_cid=206943461;dvs1=1;dvs2=$%7BSOURCE_URL_ENC%7D;dvs3=$%7BCAMPAIGN_ID%7D;dvs4=$%7BAUCTION_ID%7D;dvs5=1;dvs6=103;dvs7=$%7BBUNDLE_ID%7D;dvs8=$%7BCREATIVE_ID%7D;dvs9=$%7BINSERTION_ORDER_ID%7D;dvs10=$%7BPUBLISHER_ID%7D;dvs11=$%7BUNIVERSAL_SITE_ID%7D;dvs12=$%7BEXCHANGE_ID%7D;dvs13=1120300705;dvs14=1120300705;ord=1705624192222;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;;ltd=;dc_tdv=1

Request Chain 89

https://s.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&action=init&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiks7CgmeiDAxVHm4MIHdHdDz4oATABOK3b5MOJEkACSAFYiIQgENK5_4ECgBCY7H0y99qoJ1iHG63ZNg%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0 HTTP 302
https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&action=init&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiks7CgmeiDAxVHm4MIHdHdDz4oATABOK3b5MOJEkACSAFYiIQgENK5_4ECgBCY7H0y99qoJ1iHG63ZNg%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0

Request Chain 94

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKHdmZYEEKOs9pkEGNK5_4ECIAEwAQ&v=APEucNV6zWitjkwh0t3dVZl1TNAFIFatwdsmMvtUNn6qas2QV9L1lpiC26seEBwLs6XQcPsrcdutYNXDgp94qbNdhUK1UGRQXo_zFJrpTeFs_1EeelA9Go4 HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZanCgDzcP8XqxUhu7lOIHgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6DjrI8fmIbxhQcbDdvNdU&google_cver=1

Request Chain 101

https://s.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&action=vpoint&event_id=percent&event_value=25&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiks7CgmeiDAxVHm4MIHdHdDz4oATABOK3b5MOJEkACSAFYiIQgENK5_4ECgBCY7H0y99qoJ1iHG63ZNg%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0 HTTP 302
https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&action=vpoint&event_id=percent&event_value=25&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiks7CgmeiDAxVHm4MIHdHdDz4oATABOK3b5MOJEkACSAFYiIQgENK5_4ECgBCY7H0y99qoJ1iHG63ZNg%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0

102 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
apoyosgov.finanzaspersonales.info/ 335 KB
61 KB 347ms
139ms Document
text/html 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: 7d94b224ce185d1e83c260cdf3a78cd6dbb8d659f6f86e7c810ef17da5a500da

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 8199
cache-control: max-age=0, s-maxage=2592000
cache-provider: CLOUDWAYS-CACHE-DE
content-encoding: gzip
content-length: 61987
content-type: text/html; charset=utf-8
date: Fri, 19 Jan 2024 00:29:50 GMT
expires: Thu, 18 Jan 2024 22:13:11 GMT
last-modified: Wed, 17 Jan 2024 20:01:40 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT

GET
H2 200 cv.css
apoyosgov.finanzaspersonales.info/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/ 84 KB
13 KB 80ms
78ms Stylesheet
text/css 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=3.6.2
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: 73a00c376a59d1087afa04e96e25f7ba9c3901aab74447353753a3eef42395ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:50 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2024 15:16:19 GMT
server: nginx
etag: W/"65a2a943-15198"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 main.min.css
apoyosgov.finanzaspersonales.info/wp-content/themes/astra/assets/css/minified/ 41 KB
8 KB 91ms
90ms Stylesheet
text/css 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.5.0
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: 4c0561c2c4810cbb09911bc45252c68724f181aa5bd16455493e31d2bfeba8b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:50 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2024 15:16:19 GMT
server: nginx
etag: W/"65a2a943-a235"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 38ms
21ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%7CMontserrat%3A600%2C700&display=fallback&ver=4.5.0

Requested by

Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbb4d05ac474f1b451ce2b307eee201d3ea6bc55b28829ec29bdf1613b2120d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jan 2024 00:29:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 00:29:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jan 2024 00:29:50 GMT

GET
H2 200 style.min.css
apoyosgov.finanzaspersonales.info/wp-includes/css/dist/block-library/ 107 KB
14 KB 106ms
105ms Stylesheet
text/css 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:50 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2024 15:16:20 GMT
server: nginx
etag: W/"65a2a944-1add3"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 styles.css
apoyosgov.finanzaspersonales.info/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 107ms
106ms Stylesheet
text/css 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.6
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:50 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2024 15:16:19 GMT
server: nginx
etag: W/"65a2a943-b4e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 contact-form-7-main.min.css
apoyosgov.finanzaspersonales.info/wp-content/themes/astra/assets/css/minified/compatibility/ 882 B
584 B 111ms
110ms Stylesheet
text/css 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=4.5.0
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: a3c948a216530521f3cd0575e075c9f20308f610a9d2e0e2499f5c5ef30f58f9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:50 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2024 15:16:19 GMT
server: nginx
etag: W/"65a2a943-372"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 astra-addon-65a7d109ebc031-46518339.css
apoyosgov.finanzaspersonales.info/wp-content/uploads/astra-addon/ 49 KB
7 KB 115ms
114ms Stylesheet
text/css 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/uploads/astra-addon/astra-addon-65a7d109ebc031-46518339.css?ver=4.6.1
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: 1e0fe529f9085f147cabaa9078c5c16035a817810fc3a84813b66de0e06fe8c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:50 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 13:07:21 GMT
server: nginx
etag: W/"65a7d109-c2b4"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
BLOB 200
OK c9fa6143-8073-4f63-8f4e-bfaf7beae2b0
https://apoyosgov.finanzaspersonales.info/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://apoyosgov.finanzaspersonales.info/c9fa6143-8073-4f63-8f4e-bfaf7beae2b0
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 breeze-prefetch-links.min.js Show response
apoyosgov.finanzaspersonales.info/wp-content/plugins/breeze/assets/js/js-front-end/ 1 KB
791 B 89ms
87ms Script
application/javascript 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/plugins/breeze/assets/js/js-front-end/breeze-prefetch-links.min.js?ver=2.1.3
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: e5d4061f5fe454acda1a4e4152afe3bc06966a941eb3c1eaf1f0d4b1c51b401f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:50 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2024 15:16:19 GMT
server: nginx
etag: W/"65a2a943-476"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
apoyosgov.finanzaspersonales.info/wp-includes/js/jquery/ 86 KB
30 KB 104ms
103ms Script
application/javascript 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:50 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2024 15:16:20 GMT
server: nginx
etag: W/"65a2a944-15601"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
apoyosgov.finanzaspersonales.info/wp-includes/js/jquery/ 13 KB
5 KB 116ms
115ms Script
application/javascript 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:50 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2024 15:16:20 GMT
server: nginx
etag: W/"65a2a944-3509"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 59ms
41ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VQXP1YQYSW

Requested by

Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f3cea92a9df11a15e1e7776c16438cc8f84638040a71784452121af017fd00c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93535
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 Jan 2024 00:29:51 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 109ms
63ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d52a65ab7f3300e13e5fc813240c7ef63ac3f12edc861fba439815de15871a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29422
x-xss-protection: 0
server: cafe
etag: 587 / 19741 / 31080521 / config-hash: 4827389799172652304
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 00:29:51 GMT

GET
H2 200 cropped-SUBSIDIOS-USA@4x-262x49.png
apoyosgov.finanzaspersonales.info/wp-content/uploads/2024/01/ 8 KB
8 KB 119ms
118ms Image
image/png 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/uploads/2024/01/cropped-SUBSIDIOS-USA@4x-262x49.png
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: 0f5b8f66d9e8b3c0bb39bba1d77e328a9c0e46564271c373a624590a6437f18c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:50 GMT
last-modified: Wed, 17 Jan 2024 13:07:21 GMT
server: nginx
etag: "65a7d109-1e3a"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7738

GET
H2 200 Agregar-un-titulo-43.webp
apoyosgov.finanzaspersonales.info/wp-content/uploads/2024/01/ 44 KB
44 KB 133ms
132ms Image
image/webp 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/uploads/2024/01/Agregar-un-titulo-43.webp
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: 3b911ac824a9e7ccd48b5804a92a17d0af5a336992da33637380c25858790759

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:50 GMT
last-modified: Tue, 16 Jan 2024 13:54:09 GMT
server: nginx
etag: "65a68a81-ae9e"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 44702

GET
H2 200 corazonh.png
apoyosgov.finanzaspersonales.info/wp-content/uploads/2023/11/ 7 KB
7 KB 87ms
85ms Image
image/png 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/uploads/2023/11/corazonh.png
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: 769c6211eb1a26c89fa3d8a63371b2ea75294fd5b16a1ed2a90fd8f5878de7d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
last-modified: Sat, 13 Jan 2024 15:16:12 GMT
server: nginx
etag: "65a2a93c-1aef"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6895

GET
H2 200 magamenu-frontend.min.css
apoyosgov.finanzaspersonales.info/wp-content/plugins/astra-addon/addons/nav-menu/assets/css/minified/ 0
137 B 71ms
70ms Stylesheet
text/css 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/plugins/astra-addon/addons/nav-menu/assets/css/minified/magamenu-frontend.min.css?ver=4.6.1
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
last-modified: Sat, 13 Jan 2024 15:16:19 GMT
server: nginx
etag: "65a2a943-0"
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 0

GET
H2 200 frontend.min.js Show response
apoyosgov.finanzaspersonales.info/wp-content/themes/astra/assets/js/minified/ 21 KB
5 KB 74ms
69ms Script
application/javascript 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.5.0
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: 2377c2205879b110ce07f581eedb383a2a4ea93d7473a4bc3ee1440c69cf0db2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2024 15:16:19 GMT
server: nginx
etag: W/"65a2a943-52bd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 index.js Show response
apoyosgov.finanzaspersonales.info/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 74ms
70ms Script
application/javascript 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.6
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: 9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2024 15:16:19 GMT
server: nginx
etag: W/"65a2a943-2b6d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 index.js Show response
apoyosgov.finanzaspersonales.info/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 81ms
78ms Script
application/javascript 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.6
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: 7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2024 15:16:19 GMT
server: nginx
etag: W/"65a2a943-337e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 cv.js Show response
apoyosgov.finanzaspersonales.info/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/ 23 KB
7 KB 85ms
81ms Script
application/javascript 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=3.6.2
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: 6b11c97fa853df89bf95f02a0668d1c340482ac24cef8bffc25c8a25fa7d262b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2024 15:16:19 GMT
server: nginx
etag: W/"65a2a943-5b7b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 astra-addon-65a7d109ec8be9-42985394.js Show response
apoyosgov.finanzaspersonales.info/wp-content/uploads/astra-addon/ 37 KB
7 KB 87ms
84ms Script
application/javascript 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/uploads/astra-addon/astra-addon-65a7d109ec8be9-42985394.js?ver=4.6.1
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: a0520951344a0a82548f72736baa2072e965cfdaeb51f397b3a5901b1024a406

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 13:07:21 GMT
server: nginx
etag: W/"65a7d109-93f1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 float.js Show response
apoyosgov.finanzaspersonales.info/wp-content/plugins/gtranslate/js/ 22 KB
7 KB 87ms
86ms Script
application/javascript 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/plugins/gtranslate/js/float.js?ver=6.4.2
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: e7b82cf334e70a450ecf59d4d92355d1cb408b1a95f028decb50c597ac53e42d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2024 15:16:19 GMT
server: nginx
etag: W/"65a2a943-595e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 27ms
9ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%7CMontserrat%3A600%2C700&display=fallback&ver=4.5.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://apoyosgov.finanzaspersonales.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:45:41 GMT
x-content-type-options: nosniff
age: 6250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 22:45:41 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 22ms
5ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%7CMontserrat%3A600%2C700&display=fallback&ver=4.5.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://apoyosgov.finanzaspersonales.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 01:48:29 GMT
x-content-type-options: nosniff
age: 81682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 01:48:29 GMT

GET
H2 200 cropped-SUBSIDIOS-USA@4x-2048x383.png
apoyosgov.finanzaspersonales.info/wp-content/uploads/2024/01/ 81 KB
81 KB 75ms
74ms Image
image/png 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/uploads/2024/01/cropped-SUBSIDIOS-USA@4x-2048x383.png
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: 0b0f17d668648bcd5d38c310489bbb6888621439eaa58ab7c7cd590d2d8f0c59

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
last-modified: Wed, 17 Jan 2024 13:07:21 GMT
server: nginx
etag: "65a7d109-1429e"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 82590

GET
H2 200 es.svg
apoyosgov.finanzaspersonales.info/wp-content/plugins/gtranslate/flags/svg/ 47 KB
8 KB 72ms
71ms Image
image/svg+xml 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apoyosgov.finanzaspersonales.info/wp-content/plugins/gtranslate/flags/svg/es.svg
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: b46849a7e0fd7bdf03ff8d742b44f1ff83d1cbe831b9c9d99e858d644fbc478e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2024 15:16:12 GMT
server: nginx
etag: W/"65a2a93c-bbd9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 wp-emoji-release.min.js Show response
apoyosgov.finanzaspersonales.info/wp-includes/js/ 18 KB
5 KB 72ms
72ms Script
application/javascript 149.28.13.247
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://apoyosgov.finanzaspersonales.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.28.13.247 Kent, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.13.247.vultrusercontent.com
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
content-encoding: gzip
last-modified: Sat, 13 Jan 2024 15:16:20 GMT
server: nginx
etag: W/"65a2a944-4904"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
DATA 200
OK truncated
/ 270 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 collect
www.google-analytics.com/g/ 0
266 B 35ms
17ms Ping
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-VQXP1YQYSW&gtm=45je41a0v9175460298&_p=1705624190988&gcd=11l1l1l1l1&dma=0&cid=320771791.1705624191&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705624191&sct=1&seg=0&dl=https%3A%2F%2Fapoyosgov.finanzaspersonales.info%2F&dt=Apoyos%20y%20Ayudas%20en%20Estados%20Unidos%20-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=703
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VQXP1YQYSW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://apoyosgov.finanzaspersonales.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/ 429 KB
135 KB 5ms
3ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d9faf92d5031707ade900a893ce95d561540cf4e8df13ccecfe2ee9c63dde01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21231
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137892
x-xss-protection: 0
server: cafe
etag: 15922169668158481824
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 17 Jan 2025 18:36:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
645 B 538ms
537ms Fetch
text/plain 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3180173731076470&correlator=4401510264384664&eid=31080521%2C31079962%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fif&iu_parts=22795378465%2Capoyosgov.finanzaspersonales.info%2CApoyosgov_Interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1705624191313&lmt=1705521700&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fapoyosgov.finanzaspersonales.info%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=320771791.1705624191&ga_sid=1705624191&ga_hid=96992058&ga_fc=true&dlt=1705624190826&idt=445&cust_params=id_post_wp%3D22&adks=2384267165&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

917389c42f0b39a53712cbf0d297cdeb21d8158644be48d1836d4ed640a6a87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 614
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://apoyosgov.finanzaspersonales.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 93 KB
29 KB 254ms
254ms Fetch
text/plain 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3180173731076470&correlator=4401510264384664&eid=31080521%2C31079962%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fif&iu_parts=22795378465%2Capoyosgov.finanzaspersonales.info%2CApoyosgov_Anchor&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=1&sc=1&cookie_enabled=1&abxe=1&dt=1705624191324&lmt=1705521700&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fapoyosgov.finanzaspersonales.info%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=320771791.1705624191&ga_sid=1705624191&ga_hid=96992058&ga_fc=true&dlt=1705624190826&idt=445&cust_params=id_post_wp%3D22&adks=351927301&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc3ee706b8ccec9c89019fd52f20be1712bdd676cb9c19306cf51698d0866a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29166
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://apoyosgov.finanzaspersonales.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
15 KB 841ms
840ms Fetch
text/plain 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3180173731076470&correlator=4401510264384664&eid=31080521%2C31079962%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fif&iu_parts=22795378465%2Capoyosgov.finanzaspersonales.info%2CApoyosgov_Content1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C250x250%7C300x250%7C336x280&fluid=height&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705624191329&lmt=1705521700&adxs=325&adys=215&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fapoyosgov.finanzaspersonales.info%2F&vis=1&psz=950x35&msz=950x0&fws=4&ohw=1600&ga_vid=320771791.1705624191&ga_sid=1705624191&ga_hid=96992058&ga_fc=true&dlt=1705624190826&idt=445&cust_params=id_post_wp%3D22&adks=4068790068&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12e7ea5a8bfae7a245e45be8e77b6fc144d60b3a3e40d1944ce014d441333326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14984
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://apoyosgov.finanzaspersonales.info
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1428 6 KB
3 KB 68ms
16ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apoyosgov.finanzaspersonales.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 00:29:51 GMT
expires: Sat, 18 Jan 2025 00:29:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/ 40 KB
14 KB 8ms
8ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl_page_level_ads.js?cb=31080521

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37fccb1c28e7bf54c11bec26a3ba55cc10f901b138fbd21aad32ef3578229da8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 10:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50965
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13860
x-xss-protection: 0
server: cafe
etag: 12722142586417172404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 17 Jan 2025 10:20:26 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 684 B
322 B 968ms
968ms Fetch
text/plain 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3180173731076470&correlator=4401510264384664&eid=31080521%2C31079962%2C31079724&output=ldjh&gdfp_req=1&vrg=202401170101&ptt=17&impl=fif&iu_parts=22795378465%2Capoyosgov.finanzaspersonales.info%2CApoyosgov_Content2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C250x250%7C300x250%7C336x280&fluid=height&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705624191358&lmt=1705521700&adxs=385&adys=826&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fapoyosgov.finanzaspersonales.info%2F&vis=1&psz=830x35&msz=830x0&fws=4&ohw=1600&ga_vid=320771791.1705624191&ga_sid=1705624191&ga_hid=96992058&ga_fc=true&dlt=1705624190826&idt=445&cust_params=id_post_wp%3D22&adks=3466604491&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9dd2f4ea5a90f2a3aa92da7a88c8286d8fc3e7ee07c832fc8acd28189618fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 291
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://apoyosgov.finanzaspersonales.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 51ms
34ms XHR
application/json 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edec49016eb591c4f49c2a9cca5ceca54d9cb3c209c0647f450b26a2d39beb0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12084
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 68ms
49ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Jan 2024 00:29:51 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7FE7 13 KB
5 KB 8ms
3ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apoyosgov.finanzaspersonales.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 31039
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 15:52:32 GMT
expires: Fri, 17 Jan 2025 15:52:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3D92 829 B
1 KB 40ms
24ms Document
text/html 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8a674f2e82c4469fee46c57419263256e7307822f714a317210eee3b98b60d80

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8yillVZDAmhHKn3yIG2zPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://apoyosgov.finanzaspersonales.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8yillVZDAmhHKn3yIG2zPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 00:29:51 GMT
expires: Fri, 19 Jan 2024 00:29:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 container.html Show response
893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3664 6 KB
3 KB 6ms
4ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apoyosgov.finanzaspersonales.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 00:29:51 GMT
expires: Sat, 18 Jan 2025 00:29:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/ Frame 3664 23 KB
9 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/abg_lite_fy2021.js

Requested by

Host: 893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
URL: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:28:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3664 8 KB
846 B 20ms
20ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
URL: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jan 2024 00:29:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 00:15:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jan 2024 00:29:51 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/ Frame 3664 15 KB
3 KB 65ms
8ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.css

Requested by

Host: 893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
URL: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 21:46:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 14:19:33 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/ Frame 3664 378 KB
131 KB 66ms
9ms Script
text/javascript 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js

Requested by

Host: 893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
URL: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508fa8c7a48d197b073702b38cd3b7b075b846dcac74fba54140e842ff3c0246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 23:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91460
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134337
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 21:46:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 23:05:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 3664 20 KB
8 KB 7ms
7ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
URL: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:28:18 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 7FE7 39 KB
15 KB 17ms
5ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 16:19:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3D92 0
0 39ms
38ms Image
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401170101&jk=3180173731076470&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7FE7 0
10 B 13ms
12ms Image
text/plain 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZBp76g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 3664 0
225 B 598ms
186ms Ping
image/gif 2404:6800:4008:c1b::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lrjwlta7&c=6247118009793&slotId=3123559004896.5&qqid=CKSzsKCZ6IMDFUebgwgd0d0PPg&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c1b::78 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3664 15 KB
16 KB 4ms
4ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:23:39 GMT
x-content-type-options: nosniff
age: 21972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 18:23:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3664 15 KB
15 KB 4ms
4ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 05:28:25 GMT
x-content-type-options: nosniff
age: 68486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 05:28:25 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3664 0
20 B 36ms
36ms Image
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C-v5Qf8KpZeT3Fse2jvQP0bu_8APfnL75dK3b5MOJEuOA3emmGhABIKvKg5kBYMnGqYvApNgPyAEFqAMByAObBKoEnAJP0HIpePzILzfQSmEs3-woqdJFdhhX-Wx6I7_UCmr80mjkRUnekpPfj2hYntab1qmnhwD9aUDBEkZd4G2p17izpfVsrpH0XVq0Y6sRgKoS7LtEnYkLa-Fb2A7nCwYgbAytfbbzwRH3cW5fnaQvEWIzow2dzujDmPfm9G9taw0PP3fmDswUiBcmAdw7S1dY0gGtZpsqc8Tt9dRWaxk7heSVnlCKwyP10LMi9Bd5VJd4yWvyYzBvz3p6AzGAqLfn2g6d9QyBP8w9Ol1YMrWOrcvLnnw44rMXRjU5_BeCv4zw9TPEbjplpeK3IbBChgTYHfld4E4GDIR4FgVNGHtrnG1b_vQ4k81_JSia4yM9ifPejVviWyDUa2Mf6OtO6sAEv56N7NME4AQDiAWBob7mTZAGAaAGeYAHzqWB8gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliYqa-gmeiDA4AKA8gLAeALAYAMAaoNAlVT4g0TCJfMr6CZ6IMDFUebgwgd0d0PPrATsImIFsgTkbCN5APYEwqIFAHYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1705624191891&ai=C-v5Qf8KpZeT3Fse2jvQP0bu_8APfnL75dK3b5MOJEuOA3emmGhABIKvKg5kBYMnGqYvApNgPyAEFqAMByAObBKoEnAJP0HIpePzILzfQSmEs3-woqdJFdhhX-Wx6I7_UCmr80mjkRUnekpPfj2hYntab1qmnhwD9aUDBEkZd4G2p17izpfVsrpH0XVq0Y6sRgKoS7LtEnYkLa-Fb2A7nCwYgbAytfbbzwRH3cW5fnaQvEWIzow2dzujDmPfm9G9taw0PP3fmDswUiBcmAdw7S1dY0gGtZpsqc8Tt9dRWaxk7heSVnlCKwyP10LMi9Bd5VJd4yWvyYzBvz3p6AzGAqLfn2g6d9QyBP8w9Ol1YMrWOrcvLnnw44rMXRjU5_BeCv4zw9TPEbjplpeK3IbBChgTYHfld4E4GDIR4FgVNGHtrnG1b_vQ4k81_JSia4yM9ifPejVviWyDUa2Mf6OtO6sAEv56N7NME4AQDiAWBob7mTZAGAaAGeYAHzqWB8gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliYqa-gmeiDA4AKA8gLAeALAYAMAaoNAlVT4g0TCJfMr6CZ6IMDFUebgwgd0d0PPrATsImIFsgTkbCN5APYEwqIFAHYFAHQFQH4FgGAFwHoFwU

Requested by

Host: 893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
URL: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3664 0
45 B 582ms
186ms Ping
image/gif 2404:6800:4008:c1b::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lrjwltat&c=6247118009793&slotId=3123559004896.5&qqid=CKSzsKCZ6IMDFUebgwgd0d0PPg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.g5&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c1b::78 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 3664 27 KB
18 KB 96ms
48ms XHR
text/xml 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CLonY0EPJ9O5c3jWhYIoK8YYVxa9VHQCpdPGsPI8IEVyGlCd0kn9D8OFyZfGBD2DPvXMeXnbG__JIIqK0EOaXQmlbjGQ&cry=1&dbm_d=AKAmf-BvLsgiIbJPJq0w8qbKiDvEto5nqAruNNx8bPVOnxkSal-k02W47Fov3nv68frQrm7SJCqjG8Xj_riqfpmEIymfGoDTQMLSGNdx7yH9VHgLo20ZyM1sS8sqz-U6EIvqeSHuNOl_1HFItkT8-r5wCNThZ1ANoGJ8Ecc8qDbw12L3hjVgTE3X9pb7w_Tn7OKKnlbDwsnUBTcfPWOU0J46B5IrpNAwET_0DF3BleYIgfSK89zJGNaQeeH8Q0arc6va-HQum9HxsjD0QcrFZyh0NxFh4IfjJX6mtjemL24fHmcocMwzIiMjMLp9earg0vc9ksRxYTYgBrQMF9yITj4lZjtFsuub7joFU1QnV26iR8asWb6lYosZroDZfxzwZpv9BbKXHLHND97UytwyA1pEizhG-H2WTACtcN7nfVqUdtRqRlp1SnzSlLKNYVIoj2yfd30by3coy2pzsjsH2FftN3mvE-3fYxEojSSRfmBgMfT4bfcNFGSKTIE8Y5XanDMvlTCsoSeDQXaRglb83lQEBNE-D-iqBfiGE1qOqYBHzAs7CXBesn6QdDQmjQRWRr73UvNpQMXW4s3_4SiuqtdVnHr0PcwUqjOsUN5Z2YlN2tcjECRzLwgkc9R2NYBLETqN-h2EMCQODPRzIiSAMqJbJrdmiVkwzw35Mw2QOi9liHwIJEMG0ozITx29OTBN7wgxqO7vmLhQPhdQUX4mN3vvwoE4AOfloTMvaY8-jlKoxGIiBzKoDNegxoQuBcjAJ30-wBIVr3c6pibOM1pdmSi1plIFNBbU6mxwhBtMIZcauHjl3dGEAf1cVurkS5BBtDe9iPx3YTUcIStFNKcZ2nSzatPBczGDYpGZI2LEmQ18mwYBlsZiN4Ujyz9leAgCzItz2AyN-yMMJoGWqXCAVscW5DnMkixP3mCMTqjR_emYS9QhDbF3P0BLmDaSNUk1V_D_-wpO0ojjALfuREfPtIzWaVHgwuipbv8XFTj99RMM8lYA96ST28p9rcahuhDh1skYluhBmFF96fUERqGAJyUvl__ZAjAbv5QN2j6WgLt_pAuv4b8O6-0jzNlsySg42Y-iT5iv8OllRmNidLJOIhDXvAK1KuXhYs5V4cKhL_jjIkRzi92ZYJkLbKPtK8oxzvNoMF69Kh_SvmxtDvfOm92VbhfedbX8jPOA8tMrSpcX8lQqpwbd86QNL3g9d_yDHcQ2DZpiRG3U2Sj4iS_I-ZlPJe8dvRG1tgbkaAT7H7_N3LAdTqBZdXqewAr5Rq2e3K1XUB60wqtWecE4RRlp8gkIeo8shx7UL4OgH3RNtjPKn6ud2Q7pttAFGFUVaQQuiiu32z-OkWuv9sS_dsX020aZpP1QVb4bIN-uZPUEaT1bKaDNQT8IxKnUfc6GjQ__uPobt_VMOEBWUutDKDmWxO3PcrunwUkTtaheZUcT1oZBUxLjN6Z3m_WbPID88Yn7kPL5jTqQXr7z5c8bJarma-YJ-cEr4dGpPu7PMZv7bmFCt5L3cbBwZQ0xCzFRgG0I5HxbDKi5O0Ft4BA2cNbatB9gCZF5JZ4O4WB5uz_6x4Tgulh8pqjADWv6zvig_8fZZcBc_zn1Ex1sdA5KCL8bAgR7HAIlwEfr3wfxoKmJL0O10yHDJZZD1gP6MldK0x59h4XoKSyDqdF17P6IOLsTgrKH-YZ1M4szq93tehIczVewiN5-zj7ROOONVaJrSieNVx9HquNrL1iTzd9B6aZx48iDs2L7_m2uLMGtdLpWfU6UI9OtoX2bcLfXPvxyc-6AmHazhKsjjIfA_EC5Jy2x9KdLAd6vioe-pYR30S07g-5A9GDy64_ta9ZCGMjra9sJp-3v97Z2PJLXGxUl6q9QMjAA9HPrhF1RZtO5S8LPtJJcVu7eJYNGMXG0iwcE3cJ2RwOnUcy87diVkaKQsSohOZBV3RuUsh2S835EjNI5NUhzMhNcOlntCI34YJk8tgefyQ3r3R53lrFXyH3y5_6vDIsOTpEsdAbfutNOl_7gU_qiwVEdX8xfTE3LbjPCzkzJm47vMhvgB1NUNCImEgwlw2nxZOWF5qsDG8cjAGPTN2mho2xMQOLy1tA8zpQZL4wkqBvz4Hux-7cdbQGT3XGJoSAzns7JXM7SPmA9NvLDV0oTDir2ZvCoXXyoZoaMGhizvjT6uh54D-yd4hJEpY_3kBOI8yychFMfojOZ6Hecz4X7J5DLkzCInOw7dJvK6W1bN5IZFtFmiguUKr4SBh3EMBjJ_JNVA3TDwRCw7o-W4P5nbgHeDRFK8jw6J_cipHw1capRMcoviH49HKc9cBcU21GW4cEehJYF0WGHrRBClVIFSNreyzIdHKwg7FpbJvVVlMICxahMuKKPdH0J3hom0f5g7mvjR4Vcozbq0_uFYuzX0-HVXec0VSP0b5yVl6CNvgiBEfoQp1FPxgLrxMw3bqgKQ88xcT3lJpG7Os6usjRAwI7hH008jA1WAN7ub95b0GPMkU2TIAmhuQkIajjLi8LuHUflQN_YwYkjhCPvBl9cfGlgrVa7vgh0KnArT9KMVbjolEHfnVFYZE9zP5czbdF8ZSukwyImjaY87r9hiUNSF4lddy_GxemZwMpCyOob3chZ3LBTMhs8ZjUq-_KaOsj9pPw7GyVSRVSHwAdYeEH6JeiHY4sVwfg077kJwo-e4PwUDkelnNjuPbvJ0Q3EOsopFvmgOdQd4IA9TEyCsKt1iubMAww7k2wgNN08mph2YqCxCQvubW5VdLaxNtNlRTWph9clK43Maeqs4aBLjvRYi85pMhpPOknSM9tpy4EYuwiNrvwF1KajW-ivp_s-DhfkLidRPpUQto2HK4RUJDtkmBfHCB8NghnqPyCcozS-lmd0YpQQ-7Dl-5F2NxZREtS64ghNBKMKbGJsKMy9GimXRK1NezTUaHFc8vqzjkgKe3hNxCAu-CYnJCkOtJThCrh9uj8r2_Y0uFwB0F49UYh3OuwWpAkYUivlzozBjKuBmpYvm0E7LkH12GiKVg6a33UFit2tc6Q2vmGo6g4c5kGThPADpv_HuXk-w5UEZfNmryXT8LtEVHJZR2FTyT2t3820u7rC7CNfvV0UWqh_d4QV0MWatsb0WCFwVM1lN5JPFpEt0On9gkEkhhLjGLNFBxZYBrna4zgIPIi9qDz-02B83xgHWq8NovQq1PPlcE09ErVLWhDHkDvVkigrIDFN_Ww6Xk-grsws8Ilw1A2-DHkwjOzxFRJnGnb7_K9fz4zZHdYRnXv7Ox1gbDeIXrYernOzaZRotsCJsQ5bci3xZqwm5nVsOiiPz_mIRkHk5Dk116uZrlMLIPpm6BMD2PIV5j1hHtJNcvq-2433cMyTK32vfNtKJdCtC6iVGwGnhv3z718mxhifpNHxrBwPg-gu-9H5W10E8hGjt99i7vCqy2bPfK4AsvOxbka8j8SCSrYG9e0GQ85eHuBG6mTEtmfqujIQoohL2NllFfmwqOnSkesMQ-7oF49CS0gtN1CjX2MBnTP56gRajRc5EQxkukCt7RqtcorReYuvNUNUPXY4GG4OLGqJ8LBViS3NFRJMDNYsIlffwRJxp7-Yl6_a3IIw0MLZVV25SED5v197QKampiYAu30ktS3eBIyb7BaSgnXExwTR4aohSp5lNzV9JjjTEE6EV7LYCmgxOJ1DG7BjryuJvsw8gYRRQmaOx4XrIhxbEJClwOBhKbcHSLJEnKMxOKyMSgAFXCcxLvoXvnwZkqvXJN0gmYoez4bx10GtAnlm1E9-Lg9sg7iWFxiU3vMx9HtZPfdpMjEhiZ-vHdReBeli4ftgyzA5lmMJ-2sRsVLkCawkXaoQbpfxHahsMc2fMBP3pGEdK3KuVBwUQJPlVaw0Cuh9P0FewJFXTNw8Cu-NhJiP4G6Wb3ay&cid=CAQSTgAvHhf_dIkdwM36Rpf-N7z8Er4UXKc10pM8VA2MpelYbW9tDnDD95gBIHXDz4FrJ0ZLc1T_SeWN-8ThKIaOFP8nibyJ85q9byd_hBWLSBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

68d280250e7788a27fec8070cb8d7353a4c36196f1f7d3c1a59a809755c5eb84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17471
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3664 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d5894a60758d1ef9cdadb21653c9c3afb0695a82b7cd944bcd11cfe585a6c23

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 47ms
35ms Preflight
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CMhbaf8KpZeT3Fse2jvQP0bu_8APfnL75dK3b5MOJEuOA3emmGhABIKvKg5kBYMnGqYvApNgPyAEFqAMBqgSZAk_Qcil4_MgvN9BKYSzf7Cip0kV2GFf5bHojv9QKavzSaORFSd6Sk9-PaFie1pvWqaeHAP1pQMESRl3gbanXuLOl9WyukfRdWrRjqxGAqhLsu0SdiQtr4VvYDucLBiBsDK19tvPBEfdxbl-dpC8RYjOjDZ3O6MOY9-b0b21rDQ8_d-YOzBSIFyYB3DtLV1jSAa1mmypzxO311FZrGTuF5JWeUIrDI_XQsyL0F3lUl3jJa_JjMG_PenoDMYCot-faDp31DIE_zD06XVgytY6ty8uefDjisxdGNTn8T4MleWNndFby_Z-PNk07EdSuo04EI-r5lJnXiVBLLFWHhcSFt8542xaLY_urAD1XpRKl60B-uciPL39sThH0wAS_no3s0wTgBAOIBYGhvuZNkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ5gAfOpYHyA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEP3pDxjSuf-BAtIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYmKmvoJnogwOACgPICwHiDRMIl8yvoJnogwMVR5uDCB3R3Q8-sBOwiYgWyBORsI3kA9gTCogUAdgUAdAVAYAXAbIXHwodCAASFHB1Yi05ODE3ODcxOTQ2MzU1MTE5GJKKiQHoFwU&sigh=JXJCH4jTO5M&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_dIkdwM36Rpf-N7z8Er4UXKc10pM8VA2MpelYbW9tDnDD95gBIHXDz4FrJ0ZLc1T_SeWN-8ThKIaOFP8nibyJ85q9byd_hBWLSBgB&vt=10&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 19 Jan 2024 00:29:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3664 0
0 42ms
41ms Fetch
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: 893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
URL: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible: event-source
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 19 Jan 2024 00:29:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 3664 0
54 B 459ms
187ms Ping
image/gif 2404:6800:4008:c1b::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lrjwltba&c=6247118009793&slotId=3123559004896.5&qqid=CKSzsKCZ6IMDFUebgwgd0d0PPg&fb=outstream-lima&vast_v=2.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c1b::78 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
dvrtr.innovid.com/v3/ Frame 3664 20 KB
4 KB 212ms
51ms XHR
text/xml 172.64.151.202
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dvrtr.innovid.com/v3/vast?_media=1&ctx=23056155&cmp=184135&sid=4847&plc=3933653&advid=7310&adsrv=118&psf=0&_vast=https%3A%2F%2Frtr.innovid.com%2Fr1.6571f0fe045bc2.35392522%3Bcb%3D%7Bs1%7D%3Fivc_adstxt_domain%3D%7Bs2%7D%26ivc_adstxt_publisher%3D%7Bs3%7D%26ivc_appid%3D%7Bs4%7D%26ivc_campaignid%3D%7Bs5%7D%26ivc_creativeid%3D%7Bs6%7D%26ivc_orderid%3D%7Bs7%7D%26ivc_dealid%3D%7Bs8%7D%26ivc_publisherid%3D%7Bs9%7D%26ivc_site%3D%7Bs10%7D%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3D%7Bs11%7D&_s1=1705624191375780&_s2=google.com&_s3=pub-6021724631432713&_s4=&_s5=20884459649&_s6=541056210&_s7=1015240721&_s8=549644393846647869&_s9=1&_s10=412722566554&_s11=AD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiks7CgmeiDAxVHm4MIHdHdDz4oATABOK3b5MOJEkACSAFYiIQgENK5_4ECgBCY7H0y99qoJ1iHG63ZNg&_api=[APIFRAMEWORKS]&_ssm=[SERVERSIDE]&_tsm=[TIMESTAMP]&gdpr=&gdpr_consent=&_abm=[APPBUNDLE]&_pum=[PAGEURL]&DVP_PROG_REP=1&DVP_DV_TT=4&DVP_PP_ID=3&prr=1&DVP_DV_CT=2&DVP_PP_IMP_ID=ABAjH0gR4GugfakSKXTKUVmpAvKY&DVP_DBM_1=INSERT_DBM_CUSTOMER_ID
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b2e410b45c7e2611c1b0240cdd7521138d5502d4513737575bd7e8f144882d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:52 GMT
content-encoding: br
server: cloudflare
vary: origin, Accept-Encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 847af7413985c470-EWR
link: <https://s-static.innovid.com>; rel=preconnect, <https://cdn.doubleverify.com>; rel=preconnect, <https://s.innovid.com>; rel=preconnect, <https://rtr.innovid.com>; rel=preconnect, <https://tpsc-video-ue.doubleverify.com>; rel=preconnect, <https://vtrk.doubleverify.com>; rel=preconnect, <https://ad.doubleclick.net>; rel=preconnect
alt-svc: h3=":443"; ma=86400

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012312191621000/ Frame 5461 196 KB
56 KB 50ms
14ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 16:50:42 GMT
age: 113950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56099
x-xss-protection: 0
server: sffe
etag: "b4f73150f1481343"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 16:50:42 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 5461 15 KB
5 KB 61ms
26ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jan 2024 15:46:20 GMT
age: 31412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "1615cf8c9658662f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Jan 2025 15:46:20 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 5461 95 KB
28 KB 64ms
28ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jan 2024 16:32:23 GMT
age: 28649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29030
x-xss-protection: 0
server: sffe
etag: "4993b3249a87fa76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Jan 2025 16:32:23 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 5461 5 KB
2 KB 59ms
24ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jan 2024 16:58:16 GMT
age: 27096
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1930
x-xss-protection: 0
server: sffe
etag: "09131eec19261354"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Jan 2025 16:58:16 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 5461 40 KB
13 KB 61ms
27ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 16:50:42 GMT
age: 113950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "b1091b2fa725aeb2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 16:50:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5461 4 KB
655 B 25ms
23ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401170101/pubads_impl.js?cb=31080521

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jan 2024 00:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 00:09:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jan 2024 00:29:52 GMT

GET
H3 200 es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5461 3 KB
3 KB 18ms
16ms Image
image/png 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/es.png

Requested by

Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 12:06:59 GMT
x-content-type-options: nosniff
server: cafe
age: 44573
etag: 15820072736840818134
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2687
x-xss-protection: 0
expires: Fri, 19 Jan 2024 12:06:59 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5461 295 B
319 B 17ms
15ms Image
image/png 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:02:18 GMT
x-content-type-options: nosniff
server: cafe
age: 62854
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jan 2024 07:02:18 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12112985228693474599/ Frame 5461 3 KB
3 KB 17ms
15ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12112985228693474599/14763004658117789537?w=200&h=200&tw=1&q=75

Requested by

Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef394c3fd60c64c7183e20087b5856569e7da3bded3ab7f3e82920ec03626f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 17 Jan 2025 11:22:30 GMT
date: Thu, 18 Jan 2024 11:22:30 GMT
x-content-type-options: nosniff
age: 47242
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2767
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 04:00:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16023218668796661988/ Frame 5461 29 KB
29 KB 17ms
16ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16023218668796661988/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: apoyosgov.finanzaspersonales.info
URL: https://apoyosgov.finanzaspersonales.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d43a59282b4fe62f5e9b224c6446413124fe7b3abffd7774a7e3dd88af6f44b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 17 Jan 2025 23:43:15 GMT
date: Thu, 18 Jan 2024 23:43:15 GMT
x-content-type-options: nosniff
age: 2797
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29185
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 15:03:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 5461 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5461 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2c6d8babba63c4b85ec569757ac0e14f0ac4d9e602a6f23713ae71ecc2e85cd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5461 15 KB
16 KB 14ms
13ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://apoyosgov.finanzaspersonales.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:23:39 GMT
x-content-type-options: nosniff
age: 21973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 18:23:39 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5461 0
0 50ms
50ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0cTuf8KpZc34NLHtjvQP85S52AeSz8q1daLQgJPNEcCNtwEQASCryoOZAWDJxqmLwKTYD6AB8ICZqirIAQmpAgMVKfPm1Uk-4AIAqAMByAMKqgTQAk_QpJvVtWH_rbu50PV0qPoBTd_bOZE0O-nOX-62eHO5zXxYPHJbE_UyTSrcT7sULBR3P7GZoJHxa9yFxKSOVZEyFj7VK_BbMFBiqsCBDUOfhwZxZ5Tx67Fqz31iO4v_W87yUhVmXzAN8KsOWi15erNj9CWMiXi0YwHV3eS2WCooOr78ZEHBYOrpkCE--XCDo-OFTpJTaSMsKy_Xt6-4sLqPi-9aVtVBT_0dsrmHQMiwou09E3gV1USGjjXTx0miCOik1ATnRREvCY0bIYV45RitCovO6USjaJIGwIorUhno7mhERqWJ8yZ3-tilbJA10dgS2rVak50elT_swwmNlZYCb8rB7Ec4mbXa5Co0PVZ88oz2R2IPjJtVhDvQGJ89Z8VsX9uJR8P6QfNMIBY9h2q4BjdnanHXSD9U5oJsKliZdPb1PaWcmIc2ZAhUEcNBJMAE4PrUotoE4AQBiAXH-K29TZIFBAgEGAGSBQQIBRgEoAYugAfwuOmJBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEENvDBNIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYh7evoJnogwOaCeECaHR0cHM6Ly93b3VnYnkuY29tL2FydGljbGUvMTE3NjI_dXRtX3Rlcm09U2FpbHBvaW50JTIwSWRlbnRpdHklMjBhbmQlMjBBY2Nlc3MlMjBNYW5hZ2VtZW50LGNsb3VkJTIwaWRlbnRpdHklMjBhbmQlMjBhY2Nlc3MlMjBtYW5hZ2VtZW50JTIwaWFtLGZvcnJlc3RlciUyMHdhdmUlMjBpZGVudGl0eSUyMG1hbmFnZW1lbnQlMjBhbmQlMjBnb3Zlcm5hbmNlLGNsb3VkJTIwaWFtJTIwaWRlbnRpdHksY3Jvd2RzdHJpa2UlMjBwcml2aWxlZ2VkJTIwYWNjZXNzJTIwbWFuYWdlbWVudCxtaWNyb3NvZnQlMjBhenVyZSUyMGlkZW50aXR5JTIwYW5kJTIwYWNjZXNzJTIwbWFuYWdlbWVudCZjYW1wX2lkPTI4MjIwNSZnZG4yPXRydWWACgPICwHaDBEKCxCQ9o2qzbf2hZcBEgIBA-INEwih6a-gmeiDAxWxtoMIHXNKDnu4E-QD2BMMiBQB0BUBgBcBshcfCh0IABIUcHViLTk4MTc4NzE5NDYzNTUxMTkYkoqJAQ&sigh=pdSL1mqVxLA&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_xH8NrPkkJ0zTKFEQfKCZKVLwRJSnNUqwUwhL_UYOSpvs_qjAoC2J96G7rZ0fgmm1PsSHr-RK5ZAgmvjVIQO9Ui-oWk-9zN_nRDUYAQ&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 3664 0
54 B 199ms
199ms Ping
image/gif 2404:6800:4008:c1b::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lrjwlteq&c=6247118009793&slotId=3123559004896.5&qqid=CKSzsKCZ6IMDFUebgwgd0d0PPg&fb=outstream-lima&vmfc=13&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c1b::78 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 3664 41 KB
15 KB 7ms
7ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 02:41:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78484
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 02:41:48 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3664 0
54 B 192ms
192ms Ping
image/gif 2404:6800:4008:c1b::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lrjwltqv&c=6247118009793&slotId=3123559004896.5&qqid=CKSzsKCZ6IMDFUebgwgd0d0PPg&fb=outstream-lima&gpm_i=13&gpm_c=13&gpm_a=13&smb=Infinity&br=20000&mt=video%2Fmp4&vs=1920x1080&msm=1&aits=0&webm=1&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=0&hcn=0&met.4=arp_a_e.vx~videopreviewvisible.wd&ua_e=1&umsem=0&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c1b::78 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content 19_source_184135_960345.mp4
s-static.innovid.com/media/encoded/12_23/691297/ Frame 3664 36 MB
36 MB 67ms
18ms Media
video/mp4 23.56.213.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-static.innovid.com/media/encoded/12_23/691297/19_source_184135_960345.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.213.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-213-52.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: y225.D.VW8QrPb75AnbTLOz1S2fW1t1l
Date: Fri, 19 Jan 2024 00:29:52 GMT
Last-Modified: Wed, 13 Dec 2023 16:38:15 GMT
Server: AmazonS3
x-amz-request-id: EJ2MQEE5FYJEZBZ7
ETag: "44d0ee8dbde7ba2f13390898afcd2d20-2"
x-amz-server-side-encryption: AES256
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-37903296/37903297
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37903297
x-amz-id-2: YkXFbFu4JkzLpUFZ0hNHtuJdE/U6QEwKTFpYGWrnpO2IfK6yHwbZvoIbwhDUv0fzqKLeY3kYVR4=

POST
H2 204 csi
csi.gstatic.com/ Frame 3664 0
45 B 192ms
191ms Ping
image/gif 2404:6800:4008:c1b::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lrjwltre&c=6247118009793&slotId=3123559004896.5&qqid=CKSzsKCZ6IMDFUebgwgd0d0PPg&fb=outstream-lima&gpm_i=13&gpm_c=13&gpm_a=13&smb=Infinity&br=20000&mt=video%2Fmp4&vs=1920x1080&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fdvrtr.innovid.com%252Fv3%252Fvast%253F_media%253D1%2526ctx%253D23056155%2526cmp%253D184135%2526sid%253D4847%2526plc%253D3933653%2526advid%253D7310%2526adsrv%253D118%2526psf%253D0%2526_vast%253Dhttps%25253A%25252F%25252Frtr.innovid.com%25252Fr1.6571f0fe045bc2.35392522%25253Bcb%25253D%25257Bs1%25257D%25253Fivc_adstxt_domain%25253D%25257Bs2%25257D%252526ivc_adstxt_publisher%25253D%25257Bs3%25257D%252526ivc_appid%25253D%25257Bs4%25257D%252526ivc_campaignid%25253D%25257Bs5%25257D%252526ivc_creativeid%25253D%25257Bs6%25257D%252526ivc_orderid%25253D%25257Bs7%25257D%252526ivc_dealid%25253D%25257Bs8%25257D%252526ivc_publisherid%25253D%25257Bs9%25257D%252526ivc_site%25253D%25257Bs10%25257D%252526ivc_dsp%25253Ddv360%252526ivc_dbmtoken%25253D%25257Bs11%25257D%2526_s1%253D1705624191375780%2526_s2%253Dgoogle.com%2526_s3%253Dpub-6021724631432713%2526_s4%253D%2526_s5%253D20884459649%2526_s6%253D541056210%2526_s7%253D1015240721%2526_s8%253D549644393846647869%2526_s9%253D1%2526_s10%253D412722566554%2526_s11%253DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiks7CgmeiDAxVHm4MIHdHdDz4oATABOK3b5MOJEkACSAFYiIQgENK5_4ECgBCY7H0y99qoJ1iHG63ZNg%2526_api%253D%255BAPIFRAMEWORKS%255D%2526_ssm%253D%255BSERVERSIDE%255D%2526_tsm%253D%255BTIMESTAMP%255D%2526gdpr%253D%2526gdpr_consent%253D%2526_abm%253D%255BAPPBUNDLE%255D%2526_pum%253D%255BPAGEURL%255D%2526DVP_PROG_REP%253D1%2526DVP_DV_TT%253D4%2526DVP_PP_ID%253D3%2526prr%253D1%2526DVP_DV_CT%253D2%2526DVP_PP_IMP_ID%253DABAjH0gR4GugfakSKXTKUVmpAvKY%2526DVP_DBM_1%253DINSERT_DBM_CUSTOMER_ID&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c1b::78 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 16CF 23 KB
8 KB 7ms
7ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 21076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:38:36 GMT
expires: Fri, 17 Jan 2025 18:38:36 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401170101&jk=3180173731076470&bg=!oaKlou3NAAa8BdJLnAU7ADQBe5WfOP3jSVSERR_yAYOGNbkh-aqNM6IM0YgjkKrnhXXMDZhSRoeUO3onfontqNEsZZhiAgAAAGpSAAAAA2gBBwoAXHHT01D0GxE2cVFQoOpmbIaJp49bq9OUC8QZzwF0Tuimbbl-v0edWWs9D-LHxCa6Vd49XX8bvMOxLGNnB_vno9yKGZeuDBqNPa4vwA8tofPFkjXGYeaOCMMfS9FzmQLN76KpWlbMXJu8xkQx1G_VRoiUT2iUKWwTuRUaFj4WmaNoGnQXAPyJZPZZVYBzHMLzHFFa7F8N458xmXum_THr3cFNoNyF9ZR2DEZj1wzwUyaU9CXwN9ffK9V5FfYH8FjmCYZyB5c6EXAsjgy3N6yvSRV_AITR-NxRNFMSek1wPCMHEK1JUZ8WnzhVBIhhpEaVL0mSDw2SwK5dXBL257ibEkY8TllJcoK0BIMIWH7nNny0S-qfLZn6qTSlcrBzQ0LF6L_z8IOPAdRWhWFMGi7W58UVkdZ5HtYCkQyLe5v73L5SmZx1gtZYDPSte2u5N0_ZPc1KsFFi9N1v9wpZTvoDlh8oN6lkfApfcivCm593Kj-z9dm0mUV8v3B8O5jaaKCuCAVfGGC3XvkH61VHLvHwGODj7-khnIFMGic_TMbyFPewJ_E2MoL6zaohAVbUFQ2QG2gNhlFqLLR5TnCznsw7OdgrX6Z_KxNJ41diW-hOAeN41ytV6UmAbNZg_AExd0Ar7clD13Ix8_ugE01Wv2GSAYf0FYVNxMH1htWkw0Bs4jFU0Oas_RiwGL7IGANjP4WzEY44qRf3o5Fz2MTKQJy5siOfli4h58jzmyTtKd53zlJayt-vJ7I9fQUcmTZJNS8ub0GYN9WMOekd-R1lTEpAfoRIF4viK-MnI0X29tJTqA0Ts0MYI29qwwHT9y3gm0ujmXLaXefll7duzDeFRo_E2Mh-KeN5c1qsQlrGcY6SkoLM6sHlwewvi0SoquYadNuZYjXtj2Uw-OkMSImyzygcbimvstYNL_hb2TLG8LLfly9RY0xkmIdrZaCM0umxQZEwNTM6fDdfkv6OSaOIKBq80nYrTc3TZsEov0iWqaVU9nLtji7gm2OOt2Lk2xU_qL1jXQJr1jUI1hjvhWK2rQx5RGfDhMM5ElGj_srXD3kL4oHNfGxaedqtodrNMxNN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 16CF 50 KB
19 KB 10ms
10ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 02:34:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19644
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 02:34:54 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 16CF 0
20 B 41ms
41ms Image
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BQcxtf8KpZdz9PMOEoPMP3KOr8AoAAAAAOAHgBAI&bg=!CgmlCUbNAAZVxkGXdcY7ADQBe5WfOFWKhPHtrSR4ZQtwGe-eL6STWxt6CzCX7T20PgAb9y01yUJIZemhZ7vke9XecurBAgAAAH5SAAAAB2gBB5kDGQ2IAtnhrIYOkiegkIwIMN8qry2LnCVCLpLBndgO-H8bb_RwkdTxbjEpUNWu5U3nM1yOxepMPhruHKWYBklLlgHc_eu2fM0Rm1rih1esey_N3qj27evRYfOQx0Vrz5LZloBmSWl0z5CtkfYELYrr-LssnBle8g26zZV32uZfT-SH1JEj2GmMWC8ZItHLnqsqhkLtJl42JQr2XUqiD_ZHOkfjc8O6fsRjksYIP8WvzwFLe06O3RZZ2LC494IRxthQVj44jSrEtIi279corjcZn6i23lfC6rlLLQTaIaZOOeNizehSyKIhjBUDFwO4ByWydMrxL7TAvxhNrgQeIloAmuykHfLShpwoFyF6NIFLw3blhNNNWv4Q4SytEQgmP_p8AwXsflO6-gn_5FIWAJzwKfAz7rlOHzbCZf1g68tlZw7hB3UmmMUInRQh_XY66NAPE5mvVZc0z21w6Ia1Zif1FSlcxwe5AQAsnhAUilphMfMMFQYdpDu3xUAdQ4DNCK_5_GkudW5tHLmvg3TrgFi0lc-Jh4HDDki8bW-83EPFG9I14DikPKMiG1viYY7lrnWULuAkun3JIBHFvcCmeuJ1V69JmfdePHHGqHwHRs6FfMuvPr9DxfbvWVJ3nCl1xujQdi9g6-e8NBWLe1QC74wIqGtWg6LpnNlMOUaWa34s6YUJ3W8iWv7ciY1FROBOAkmx7GviSjjEMAsboUOVVbtCsWbG9W4sUrN2gpx07BRvugkABo_cYev_66u8Bi3YDNAdH-hmOcpCF7xE6BF0tWjRoPlhMFx49rERwT3bB-tUVo3REdOnTA49-1Z0QvQlrJrcC7V1X8P_RLk_Mzw8uTpkxPFJA1_UYXRH4txb-th2d2Eqk4ocz4c3PFQSVZVDpZztp-sEsKQswDq1Px54KvX_vEKE1ep6U3c4sbOJ-dvXU2KtK5ID4YhN0si7m0OLcBP9ig69ZEjqIU-fuEOHuXArgj0Zf_z-4I8N3keboYzbrROcOXGlW2_xTOzxC3jdJ3z32r9THfyLZic7iuLTClyftETCLRbcL9xQfQQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1x1.gif
ag.innovid.com/ Frame 3664
Redirect Chain

https://s.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&actio...
https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&acti...

43 B
297 B

377ms
16ms

Image
image/gif

2600:1f18:445b:902:2f7a:d312:2bf4:737f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&action=play&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiks7CgmeiDAxVHm4MIHdHdDz4oATABOK3b5MOJEkACSAFYiIQgENK5_4ECgBCY7H0y99qoJ1iHG63ZNg%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Protocol: H2
Server: 2600:1f18:445b:902:2f7a:d312:2bf4:737f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 19 Jan 2024 00:29:53 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:52 GMT
server: nginx
content-type: text/plain
location: https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&action=play&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiks7CgmeiDAxVHm4MIHdHdDz4oATABOK3b5MOJEkACSAFYiIQgENK5_4ECgBCY7H0y99qoJ1iHG63ZNg%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
cache-control: no-cache
content-length: 0
expires: -1

GET
H2

200

B31045744.383253085;dc_pre=CKjEh6GZ6IMDFWUKaAgdKDAGkQ;dc_trk_aid=574808967;dc_trk_cid=206943461;dvs1=1;dvs2=$%7BSOURCE_URL_ENC%7D;dvs3=$%7BCAMPAIGN_ID%7D;dvs4=$%7BAUCTION_ID%7D;dvs5=1;dvs6=103;dvs7...
ad.doubleclick.net/ddm/trackimp/N1642420.3424460DV360DISPLAY/ Frame 3664
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1642420.3424460DV360DISPLAY/B31045744.383253085;dc_trk_aid=574808967;dc_trk_cid=206943461;dvs1=1;dvs2=$%7BSOURCE_URL_ENC%7D;dvs3=$%7BCAMPAIGN_ID%7D;dvs4=$%7...
https://ad.doubleclick.net/ddm/trackimp/N1642420.3424460DV360DISPLAY/B31045744.383253085;dc_pre=CKjEh6GZ6IMDFWUKaAgdKDAGkQ;dc_trk_aid=574808967;dc_trk_cid=206943461;dvs1=1;dvs2=$%7BSOURCE_URL_ENC%7...

42 B
118 B

30ms
28ms

Image
image/gif

142.251.40.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1642420.3424460DV360DISPLAY/B31045744.383253085;dc_pre=CKjEh6GZ6IMDFWUKaAgdKDAGkQ;dc_trk_aid=574808967;dc_trk_cid=206943461;dvs1=1;dvs2=$%7BSOURCE_URL_ENC%7D;dvs3=$%7BCAMPAIGN_ID%7D;dvs4=$%7BAUCTION_ID%7D;dvs5=1;dvs6=103;dvs7=$%7BBUNDLE_ID%7D;dvs8=$%7BCREATIVE_ID%7D;dvs9=$%7BINSERTION_ORDER_ID%7D;dvs10=$%7BPUBLISHER_ID%7D;dvs11=$%7BUNIVERSAL_SITE_ID%7D;dvs12=$%7BEXCHANGE_ID%7D;dvs13=1120300705;dvs14=1120300705;ord=1705624192222;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;;ltd=;dc_tdv=1?

Protocol

Server

142.251.40.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:52 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N1642420.3424460DV360DISPLAY/B31045744.383253085;dc_pre=CKjEh6GZ6IMDFWUKaAgdKDAGkQ;dc_trk_aid=574808967;dc_trk_cid=206943461;dvs1=1;dvs2=$%7BSOURCE_URL_ENC%7D;dvs3=$%7BCAMPAIGN_ID%7D;dvs4=$%7BAUCTION_ID%7D;dvs5=1;dvs6=103;dvs7=$%7BBUNDLE_ID%7D;dvs8=$%7BCREATIVE_ID%7D;dvs9=$%7BINSERTION_ORDER_ID%7D;dvs10=$%7BPUBLISHER_ID%7D;dvs11=$%7BUNIVERSAL_SITE_ID%7D;dvs12=$%7BEXCHANGE_ID%7D;dvs13=1120300705;dvs14=1120300705;ord=1705624192222;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;;ltd=;dc_tdv=1?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content event.png
tpsc-video-ue.doubleverify.com/ Frame 3664 0
162 B 658ms
437ms Image
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-video-ue.doubleverify.com/event.png?vstevt=0&dup=2de5738a-66df-4556-aedf-e570fcdf27b3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2024 00:29:53 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 2024-01-18T00:29:53

GET
H2 200 dc_oe=ChMInLnWoJnogwMVQwJoCB3c0QquEAAYACDIr99iOhoIo6z2mQQQv56N7NMEGJGwjeQDIK3b5MOJEkITCKSzsKCZ6IMDFUebgwgd0d0PPg;dc_rmcid=CAQSTgAvHhf_dIkdwM36Rpf-N7z8Er4UXKc10pM8VA2MpelYbW9tDnDD95gBIHXDz4FrJ0ZLc1T...
ade.googlesyndication.com/ddm/activity/ Frame 3664 42 B
401 B 87ms
38ms Image
image/gif 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInLnWoJnogwMVQwJoCB3c0QquEAAYACDIr99iOhoIo6z2mQQQv56N7NMEGJGwjeQDIK3b5MOJEkITCKSzsKCZ6IMDFUebgwgd0d0PPg;dc_rmcid=CAQSTgAvHhf_dIkdwM36Rpf-N7z8Er4UXKc10pM8VA2MpelYbW9tDnDD95gBIHXDz4FrJ0ZLc1T_SeWN-8ThKIaOFP8nibyJ85q9byd_hBWLSBgB;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOliYqa-gmeiDAw;met=1;acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15232%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D828093318%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705624192734;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3664 42 B
443 B 56ms
28ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C-v5Qf8KpZeT3Fse2jvQP0bu_8APfnL75dK3b5MOJEuOA3emmGhABIKvKg5kBYMnGqYvApNgPyAEFqAMByAObBKoEnAJP0HIpePzILzfQSmEs3-woqdJFdhhX-Wx6I7_UCmr80mjkRUnekpPfj2hYntab1qmnhwD9aUDBEkZd4G2p17izpfVsrpH0XVq0Y6sRgKoS7LtEnYkLa-Fb2A7nCwYgbAytfbbzwRH3cW5fnaQvEWIzow2dzujDmPfm9G9taw0PP3fmDswUiBcmAdw7S1dY0gGtZpsqc8Tt9dRWaxk7heSVnlCKwyP10LMi9Bd5VJd4yWvyYzBvz3p6AzGAqLfn2g6d9QyBP8w9Ol1YMrWOrcvLnnw44rMXRjU5_BeCv4zw9TPEbjplpeK3IbBChgTYHfld4E4GDIR4FgVNGHtrnG1b_vQ4k81_JSia4yM9ifPejVviWyDUa2Mf6OtO6sAEv56N7NME4AQDiAWBob7mTZAGAaAGeYAHzqWB8gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliYqa-gmeiDA4AKA8gLAeALAYAMAaoNAlVT4g0TCJfMr6CZ6IMDFUebgwgd0d0PPrATsImIFsgTkbCN5APYEwqIFAHYFAHQFQH4FgGAFwHoFwU&sigh=m59JUU-SABI&label=part2viewed&ad_mt=6&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15232%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D828093318%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705624192734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1x1.gif
ag.innovid.com/ Frame 3664
Redirect Chain

https://s.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&actio...
https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&acti...

43 B
296 B

382ms
22ms

Image
image/gif

2600:1f18:445b:902:2f7a:d312:2bf4:737f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&action=init&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiks7CgmeiDAxVHm4MIHdHdDz4oATABOK3b5MOJEkACSAFYiIQgENK5_4ECgBCY7H0y99qoJ1iHG63ZNg%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Protocol: H2
Server: 2600:1f18:445b:902:2f7a:d312:2bf4:737f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 19 Jan 2024 00:29:53 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:52 GMT
server: nginx
content-type: text/plain
location: https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&action=init&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiks7CgmeiDAxVHm4MIHdHdDz4oATABOK3b5MOJEkACSAFYiIQgENK5_4ECgBCY7H0y99qoJ1iHG63ZNg%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
cache-control: no-cache
content-length: 0
expires: -1

GET
H2 200 uuid
rtr.innovid.com/placement/1e847t/ Frame 3664 0
215 B 426ms
22ms Image
text/plain 2600:1f18:445b:900:f333:8b0:1a1e:136f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtr.innovid.com/placement/1e847t/uuid?cb=93eeb72d-135a-f9bc-b8a0-a83eeb538fc2&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiks7CgmeiDAxVHm4MIHdHdDz4oATABOK3b5MOJEkACSAFYiIQgENK5_4ECgBCY7H0y99qoJ1iHG63ZNg%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:445b:900:f333:8b0:1a1e:136f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:53 GMT
cache-control: no-cache
content-length: 0
expires: -1

GET
H/1.1 204
No Content visit.jpg
tpsc-video-ue.doubleverify.com/ Frame 3664 0
162 B 397ms
151ms Image
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-video-ue.doubleverify.com/visit.jpg?vstevt=2&tagtype=video&ctx=23056155&cmp=184135&sid=4847&plc=3933653&advid=7310&adsrv=118&DVP_PP_ID=3&prr=1&crt=1gs8ig&dup=2de5738a-66df-4556-aedf-e570fcdf27b3&dvtagver=dvot_2024-01-18_06361b298_45ec3c9&DVP_PROG_REP=1&DVP_DV_TT=4&DVP_DV_CT=2&DVP_PP_IMP_ID=ABAjH0gR4GugfakSKXTKUVmpAvKY&DVP_DBM_1=INSERT_DBM_CUSTOMER_ID&vad=15000&vmftype=video&dvp_cfbs=99&dvp_infra=cloudflare&dvp_zjsver=0.21.19&vstvr=2.0-i&dvp_media=1&dvp_psf=0&app=-1&essd=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2024 00:29:53 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 01/18/2024 00:29:53

GET
H2 204 /
vtrk.doubleverify.com/ Frame 3664 0
184 B 305ms
25ms Image
text/plain 2606:4700:4400::ac40:9111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtrk.doubleverify.com/?v=1&t=event&tid=ZW-12000000&ec=vast&cid=2de5738a-66df-4556-aedf-e570fcdf27b3&el=https%3A%2F%2Frtr.innovid.com%2Fr1.6571f0fe045bc2.35392522%3Bcb%3D1705624191375780%3Fivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiks7CgmeiDAxVHm4MIHdHdDz4oATABOK3b5MOJEkACSAFYiIQgENK5_4ECgBCY7H0y99qoJ1iHG63ZNg&ea=impression&cm114=1&cm115=30&cd101=vast&cd102=src&cd111=inline&cd112=unwrapped&cd117=2&cd170=118&cd188=EWR&cd189=cloudflare&cd190=23056155&cd191=184135&cd192=4847&cd193=3933653&cd194=7310&cd196=1&cd141=%5BAPIFRAMEWORKS%5D&cd142=2024-01-19T00%3A29%3A52.744Z&cd143=2024-01-19T00%3A29%3A52.744Z&z=73727216
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 00:29:53 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 847af7467baac335-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3664 0
557 B 102ms
64ms Image
image/gif 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsumDcNT5aC54mTO3e9S7D-Q5TM4X5BAtVZ04Qxpys6UxwyJKxazgI8hbNxkx5Quw2KwlIrhiaPrDzzUtOblZBaDnNbjU61S7FJdtKXWfFA_Lv9Msoiyxlm5rxHDtppzvrVcVX1MfjQPT9UPTzGeuXCz6LRb4Guq-uKu8dfiPM4dQxKAfPOKc4jYNHCxCbTwfIpTRVUbsS1Q3AB_9oJMULucFGvgf1xhQs6x_W7swFFZRKUKl4QoBIj9bdr73BqqyDQIAd79c191gqspdO_I0qSl9x8gdPmGWx24z391PmP8CYgDwVhoQ8lAfAyidsc-NeMMnoyz1fyAFAi3Z8rJlo2BYX2lZGBredTVfsHgk9s8CIijo3iAylgiHO0Y3iXJ42rfiNrI760FLvTt2NyknJCSYiHWr5WejnlKSfAnjYocpEwVPY-gCovjlzcvYoZ0CUNc967dE1I1jb93iw5lgf2_uaRvyEK8EQTWbySmC4wlUsWd2lwZHWZG32p7nMkqEeHW63qkAug2T81MskLTppgWPbz-bujHpYVwtuk9eZu-VZF6c__mkH4h63Hksx0M453pCxxIe7B98iB5qggweMBC62bXp8jWRgSfJdixlN8dmqT-BWuczpsZn4X_SPggfu66nOwTCJJB9yaXqbOf1C5AZt-wwRZBHVFYzMzhhP1Haqlfh7h-CJRPGkX7s-EmK95l5oEI9fc9HZJS0QmnY_p60dlL26Saw1WUMTdDmyeatG_Gaz5G2ANg8qYAdcItP4jqAX6oh8I7TY1Lana48taluvU9-oAJD1e4hoo5q2trz6PrcxwaIjDhK1aiKNY8iisJ4wqeYVChutu6OH3cnmYB6SVGQoVuzBxqEDmbNF-TpyQEcPhQ0axg5SSmvr5wXrAJ_hpAr53gE5pcZpM3VZlOnsCpX79DbYcW6dzwXmnzqUXfz2BG6xcqp9TTms7f_T3yy1gE15Dh-n6CR--08M4AEXhjHyDd5YXzAbKc2vGyELFLxxqW0_UGjug8JD7VNqcUH4PsRqCF2Oopp2WYjD7h_7zY-uXiWYv2tFCaX_GZttkEMfEGgd_tH9uybNEfKESfcs8EqdEwwe6fCkuv7uNR97EufyQE4CjXrsOH6wFO9c_mwmAPPLOWnOCb8f-RxiZgtElVKlF-vuYWnZw0NaHOP-iAJgXok2BVG4KS9ZrciGZeCDzcUSsAwjJxUjFXiv8_I2LORZKPufA2xOw-iep8ykkIhGIz6_gPpvBWN4shzB6mcGS30IFAQg4v_-UgeUmDATJHhP_G8U4Of4DC77MP7uYraEsc-Olfc6YqYwwD2vknurrX7ORFD-p15l-vmr_F66YCZJrcX3xZvDXasw62Yg&sai=AMfl-YSN6I-bnb9C563KrT__OlUkvLh387BgjgKisb5I4OT6UQNqI4xEDw7Uf1lvQ6jNTX5N_m8sucVaCDnJxOEwjTk2y_LoMFiDOEyEO90iGRw0U6WuBcG2nA5UGYGe39Lmyp8ua4FU-03Y1nkEmKQyaF3dRQoHHHOCeUzJqoHW-JUN5LXw0Ty-s6RrFiWypO6gJNaZu0kp7czY26ciqCtqUmGBLLiogmTrnCHeib0okr_0cPNutDUM-aXhf22vad8DEWE_7grE8VcRKiRyYVA_IapcyRuFUOPWDZ5kssL6BxICu5hmLk9xA2T1OBkg2drA&sig=Cg0ArKJSzI_8m85y65udEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 19 Jan 2024 00:29:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3664
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKHdmZYEEKOs9pkEGNK5_4ECIAEwAQ&v=APEucNV6zWitjkwh0t3dVZl1TNAFIFatwdsmMvtUNn6qas2QV9L1lpiC26seEBwLs6XQcPsrcdutYNXDgp94qbNdhUK1UGRQXo_zFJrpTeFs_1EeelA...
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZanCgDzcP8XqxUhu7lOIHgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6DjrI8fmIbxhQcbDdvNdU&google_cver=1

43 B
774 B

28ms
27ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6DjrI8fmIbxhQcbDdvNdU&google_cver=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWO6k2h%2BHrA9MO0c9wrZmdDTEXqCRgrsM2tzMBXiZRhOtGG6hyXk%2FPXBWqGSXXSiL3k1TgqUNPHCLnZf3lwAlmz7YaNIPsisE5%2Fg%2F4NjdEr0WWKy%2FqvCIrazgvyvrUDKoEveGIZz6LiTgw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847af746992cc32c-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6DjrI8fmIbxhQcbDdvNdU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3664 0
20 B 40ms
39ms Image
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3664 42 B
64 B 47ms
45ms Image
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOddEyAUbim-eZa42RGEcbBUrrk5Xh5xiThZo0wVCTALCEZIdHxR8gCb2_K2gXNMfKYzWEyl4MOh-bEMmcLV_ju7KggOL8EnKCvQ3EtYO4IFGRoVbiHYzK_3eG1e5duVXaOzH9hm8GjMc&sai=AMfl-YT2j0KMsUy4i7n6AxjDnZD6MPer4XxyBcWXJFXz5byKOfx-0nqAjrzGTLsSnOrz78Rn2M94heyVDOsoup7wWD8SpUvZh2-4cKypFFKtHAHLECAftRSlgWP8TG0N51we-aOQZcZpT13SSiN_reK7&sig=Cg0ArKJSzHwjvENz3oFLEAE&cid=CAQSTgAvHhf_dIkdwM36Rpf-N7z8Er4UXKc10pM8VA2MpelYbW9tDnDD95gBIHXDz4FrJ0ZLc1T_SeWN-8ThKIaOFP8nibyJ85q9byd_hBWLSBgB&id=lidarv&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15232%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D828093318%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705624192734&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3664 42 B
108 B 31ms
31ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C-v5Qf8KpZeT3Fse2jvQP0bu_8APfnL75dK3b5MOJEuOA3emmGhABIKvKg5kBYMnGqYvApNgPyAEFqAMByAObBKoEnAJP0HIpePzILzfQSmEs3-woqdJFdhhX-Wx6I7_UCmr80mjkRUnekpPfj2hYntab1qmnhwD9aUDBEkZd4G2p17izpfVsrpH0XVq0Y6sRgKoS7LtEnYkLa-Fb2A7nCwYgbAytfbbzwRH3cW5fnaQvEWIzow2dzujDmPfm9G9taw0PP3fmDswUiBcmAdw7S1dY0gGtZpsqc8Tt9dRWaxk7heSVnlCKwyP10LMi9Bd5VJd4yWvyYzBvz3p6AzGAqLfn2g6d9QyBP8w9Ol1YMrWOrcvLnnw44rMXRjU5_BeCv4zw9TPEbjplpeK3IbBChgTYHfld4E4GDIR4FgVNGHtrnG1b_vQ4k81_JSia4yM9ifPejVviWyDUa2Mf6OtO6sAEv56N7NME4AQDiAWBob7mTZAGAaAGeYAHzqWB8gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliYqa-gmeiDA4AKA8gLAeALAYAMAaoNAlVT4g0TCJfMr6CZ6IMDFUebgwgd0d0PPrATsImIFsgTkbCN5APYEwqIFAHYFAHQFQH4FgGAFwHoFwU&sigh=m59JUU-SABI&label=vast_creativeview&ad_mt=6&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15232%26vmtime%3D5%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D828093318%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1705624192734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3664 0
54 B 189ms
188ms Ping
image/gif 2404:6800:4008:c1b::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~lrjwltrq&c=6247118009793&slotId=3123559004896.5&qqid=CKSzsKCZ6IMDFUebgwgd0d0PPg&fb=outstream-lima&gpm_i=13&gpm_c=13&gpm_a=13&smb=Infinity&br=20000&mt=video%2Fmp4&vs=1920x1080&dm=15000&event_name=first_play&asset_bytes=175018&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=7&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.134~ff.13g~videopreviewstarted.13k
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c1b::78 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5461 42 B
64 B 58ms
57ms Image
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHjY7PpBAgcZviqyNyHfOC4Ds0Ai3qCSHzaj2whAxJS6GdEQ-DVj3rCPIGiXHu8st-wsA-nXywGA2zs47TVPfeN1yA_ZQpiP-SKoLcT7qkYkrQrnUmoWodv1D_voCdGhqFkWVJKvCBU5YN1k6q5xjPmBJq&sai=AMfl-YTxqtFyhHv101IV2iyUYGj8bAIoSa_xd_4enI7n7b_LxmMh3vjClZIvLcumL0n9d3XtKxHJw7zuJ2nDvOdt5Rq6Cr9VEUe3R2leXTZEb27pHW9a7RCFgja9FdysqkwuDIJK47LK7AbrP1lcwFY32Q&sig=Cg0ArKJSzDyz-JmGPNk6EAE&cid=CAQSTwAvHhf_xH8NrPkkJ0zTKFEQfKCZKVLwRJSnNUqwUwhL_UYOSpvs_qjAoC2J96G7rZ0fgmm1PsSHr-RK5ZAgmvjVIQO9Ui-oWk-9zN_nRDUYAQ&id=ampim&o=464,215&d=672,280&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=204&tls=1205&g=100&h=100&tt=1205&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://apoyosgov.finanzaspersonales.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3664 42 B
64 B 44ms
41ms Image
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOddEyAUbim-eZa42RGEcbBUrrk5Xh5xiThZo0wVCTALCEZIdHxR8gCb2_K2gXNMfKYzWEyl4MOh-bEMmcLV_ju7KggOL8EnKCvQ3EtYO4IFGRoVbiHYzK_3eG1e5duVXaOzH9hm8GjMc&sai=AMfl-YT2j0KMsUy4i7n6AxjDnZD6MPer4XxyBcWXJFXz5byKOfx-0nqAjrzGTLsSnOrz78Rn2M94heyVDOsoup7wWD8SpUvZh2-4cKypFFKtHAHLECAftRSlgWP8TG0N51we-aOQZcZpT13SSiN_reK7&sig=Cg0ArKJSzHwjvENz3oFLEAE&cid=CAQSTgAvHhf_dIkdwM36Rpf-N7z8Er4UXKc10pM8VA2MpelYbW9tDnDD95gBIHXDz4FrJ0ZLc1T_SeWN-8ThKIaOFP8nibyJ85q9byd_hBWLSBgB&id=lidarv&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,110,87,262%26tos%3D2002,0,0,0,0%26mtos%3D2002,2002,2002,2002,2002%26amtos%3D0,0,0,0,0%26mcvt%3D2002%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2164%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D60%26pst%3D201%26dur%3D15232%26vmtime%3D2170%26dtos%3D2002%26dtoss%3D1%26dvs%3D2002%26dfvs%3D2002%26dvpt%3D2164%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D828093318%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2002&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0%26t%3D1705624192734

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1x1.gif
ag.innovid.com/ Frame 3664
Redirect Chain

https://s.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&actio...
https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&acti...

43 B
296 B

12ms
11ms

Image
image/gif

2600:1f18:445b:902:2f7a:d312:2bf4:737f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&action=vpoint&event_id=percent&event_value=25&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiks7CgmeiDAxVHm4MIHdHdDz4oATABOK3b5MOJEkACSAFYiIQgENK5_4ECgBCY7H0y99qoJ1iHG63ZNg%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
Protocol: H2
Server: 2600:1f18:445b:902:2f7a:d312:2bf4:737f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 19 Jan 2024 00:29:56 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:56 GMT
server: nginx
content-type: text/plain
location: https://ag.innovid.com/1x1.gif?project_hash=1itanp&client_id=7310&video_id=1196167&channel_id=3922478&publisher_id=4847&placement_tag_id=0&project_state=2&r=1705624192222&placement_hash=1e847t&action=vpoint&event_id=percent&event_value=25&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-6021724631432713%26ivc_appid%3D%26ivc_campaignid%3D20884459649%26ivc_creativeid%3D541056210%26ivc_orderid%3D1015240721%26ivc_dealid%3D549644393846647869%26ivc_publisherid%3D1%26ivc_site%3D412722566554%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABpCmEKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhQIgaG-5k2oAqOs9pkEsAKRsI3kA0AB0gIqGAEiEwiks7CgmeiDAxVHm4MIHdHdDz4oATABOK3b5MOJEkACSAFYiIQgENK5_4ECgBCY7H0y99qoJ1iHG63ZNg%26iv_geo_dma%3D501%26iv_geo_country%3DUS%26iv_geo_city%3DNew+York%26iv_geo_state%3DNY%26iv_geo_zip%3D10013%26iv_geo_lat%3D40.7157%26iv_geo_lon%3D-74.0
cache-control: no-cache
content-length: 0
expires: -1

GET
H/1.1 204
No Content event.png
tpsc-video-ue.doubleverify.com/ Frame 3664 0
162 B 305ms
140ms Image
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-video-ue.doubleverify.com/event.png?vstevt=4&dup=2de5738a-66df-4556-aedf-e570fcdf27b3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2024 00:29:56 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 2024-01-18T00:29:56

GET
H2 200 dc_oe=ChMInLnWoJnogwMVQwJoCB3c0QquEAAYACDIr99iOhoIo6z2mQQQv56N7NMEGJGwjeQDIK3b5MOJEkITCKSzsKCZ6IMDFUebgwgd0d0PPg;dc_rmcid=CAQSTgAvHhf_dIkdwM36Rpf-N7z8Er4UXKc10pM8VA2MpelYbW9tDnDD95gBIHXDz4FrJ0ZLc1T...
ade.googlesyndication.com/ddm/activity/ Frame 3664 42 B
107 B 44ms
42ms Image
image/gif 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInLnWoJnogwMVQwJoCB3c0QquEAAYACDIr99iOhoIo6z2mQQQv56N7NMEGJGwjeQDIK3b5MOJEkITCKSzsKCZ6IMDFUebgwgd0d0PPg;dc_rmcid=CAQSTgAvHhf_dIkdwM36Rpf-N7z8Er4UXKc10pM8VA2MpelYbW9tDnDD95gBIHXDz4FrJ0ZLc1T_SeWN-8ThKIaOFP8nibyJ85q9byd_hBWLSBgB;eps=CIBhEAEYHTICigI6BIBAgEBIvf3BOliYqa-gmeiDAw;met=1;acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,110,87,262%26tos%3D3665,0,0,0,0%26mtos%3D3665,3665,3665,3665,3665%26amtos%3D0,0,0,0,0%26mcvt%3D3665%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3827%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D62%26pst%3D201%26dur%3D15232%26vmtime%3D3836%26dtos%3D1663%26dtoss%3D2%26dvs%3D1663%26dfvs%3D1663%26dvpt%3D1663%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3665,3665,3665,3665,3665%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D828093318%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3665;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0%26t%3D1705624192734;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3664 42 B
64 B 33ms
32ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C-v5Qf8KpZeT3Fse2jvQP0bu_8APfnL75dK3b5MOJEuOA3emmGhABIKvKg5kBYMnGqYvApNgPyAEFqAMByAObBKoEnAJP0HIpePzILzfQSmEs3-woqdJFdhhX-Wx6I7_UCmr80mjkRUnekpPfj2hYntab1qmnhwD9aUDBEkZd4G2p17izpfVsrpH0XVq0Y6sRgKoS7LtEnYkLa-Fb2A7nCwYgbAytfbbzwRH3cW5fnaQvEWIzow2dzujDmPfm9G9taw0PP3fmDswUiBcmAdw7S1dY0gGtZpsqc8Tt9dRWaxk7heSVnlCKwyP10LMi9Bd5VJd4yWvyYzBvz3p6AzGAqLfn2g6d9QyBP8w9Ol1YMrWOrcvLnnw44rMXRjU5_BeCv4zw9TPEbjplpeK3IbBChgTYHfld4E4GDIR4FgVNGHtrnG1b_vQ4k81_JSia4yM9ifPejVviWyDUa2Mf6OtO6sAEv56N7NME4AQDiAWBob7mTZAGAaAGeYAHzqWB8gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliYqa-gmeiDA4AKA8gLAeALAYAMAaoNAlVT4g0TCJfMr6CZ6IMDFUebgwgd0d0PPrATsImIFsgTkbCN5APYEwqIFAHYFAHQFQH4FgGAFwHoFwU&sigh=m59JUU-SABI&label=videoplaytime25&ad_mt=3836&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,110,87,262%26tos%3D3665,0,0,0,0%26mtos%3D3665,3665,3665,3665,3665%26amtos%3D0,0,0,0,0%26mcvt%3D3665%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3827%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D62%26pst%3D201%26dur%3D15232%26vmtime%3D3836%26dtos%3D1663%26dtoss%3D2%26dvs%3D1663%26dfvs%3D1663%26dvpt%3D1663%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3665,3665,3665,3665,3665%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D828093318%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3665&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0%26t%3D1705624192734

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 00:29:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.finanzaspersonales.info/	1970-01-21 03:23:04	Name: _ga_VQXP1YQYSW Value: GS1.1.1705624191.1.0.1705624191.0.0.0
.finanzaspersonales.info/	1970-01-21 03:23:04	Name: _ga Value: GA1.1.320771791.1705624191
.doubleclick.net/	1970-01-21 03:23:04	Name: IDE Value: AHWqTUlZljJhn66oep9_JGplvKtyWTBKuIg2tR3s8-x7pBTIYCV-BE9i9tSJ2lT28zU
.doubleclick.net/	1970-01-20 22:06:16	Name: APC Value: AfxxVi5uZCS0VbT0XgDutEQLaKkN39IaQ6RHy6kYZzHcnrHMc5aiBw
.finanzaspersonales.info/	1970-01-21 03:08:40	Name: __gads Value: ID=d4feba5962444cd6:T=1705624191:RT=1705624191:S=ALNI_MYVZxw-7vwoLNsfSuAsDe5GVBfj6Q
.finanzaspersonales.info/	1970-01-21 03:08:40	Name: __gpi Value: UID=00000a0846f04525:T=1705624191:RT=1705624191:S=ALNI_MaTZxhvs7jtqkHd-62s71NFH25skA
.casalemedia.com/	1970-01-21 02:32:40	Name: CMID Value: ZanCgDzcP8XqxUhu7lOIHgAA
.casalemedia.com/	1970-01-20 19:56:40	Name: CMPS Value: 124
.casalemedia.com/	1970-01-20 19:56:40	Name: CMPRO Value: 124
.innovid.com/	1970-01-20 19:56:40	Name: uuid Value: 77156c24-0964-458c-a359-892de76ee436-20240118 19:29:52

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

893a14e03a6546f5cdf25a333c357e88.safeframe.googlesyndication.com
ad.doubleclick.net
ade.googlesyndication.com
ag.innovid.com
apoyosgov.finanzaspersonales.info
bid.g.doubleclick.net
cdn.ampproject.org
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
dvrtr.innovid.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
rtr.innovid.com
s-static.innovid.com
s.innovid.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
tpsc-video-ue.doubleverify.com
vtrk.doubleverify.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
104.18.36.155
142.251.163.155
142.251.40.130
142.251.40.198
142.251.40.98
149.28.13.247
172.217.165.130
172.64.151.202
23.56.213.52
2404:6800:4008:c1b::78
2600:1f18:445b:900:f333:8b0:1a1e:136f
2600:1f18:445b:902:2f7a:d312:2bf4:737f
2600:1f18:445b:903:18f4:4b22:4678:cd8a
2606:4700:4400::ac40:9111
2607:f8b0:4006:80b::2004
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2001
2607:f8b0:4006:817::200a
2607:f8b0:4006:81d::2003
2607:f8b0:4006:823::2002
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::2001
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::2008
34.117.228.201
0b0f17d668648bcd5d38c310489bbb6888621439eaa58ab7c7cd590d2d8f0c59
0b2e410b45c7e2611c1b0240cdd7521138d5502d4513737575bd7e8f144882d8
0f5b8f66d9e8b3c0bb39bba1d77e328a9c0e46564271c373a624590a6437f18c
12e7ea5a8bfae7a245e45be8e77b6fc144d60b3a3e40d1944ce014d441333326
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e0fe529f9085f147cabaa9078c5c16035a817810fc3a84813b66de0e06fe8c3
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2377c2205879b110ce07f581eedb383a2a4ea93d7473a4bc3ee1440c69cf0db2
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1
37fccb1c28e7bf54c11bec26a3ba55cc10f901b138fbd21aad32ef3578229da8
3b911ac824a9e7ccd48b5804a92a17d0af5a336992da33637380c25858790759
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d5894a60758d1ef9cdadb21653c9c3afb0695a82b7cd944bcd11cfe585a6c23
3f3cea92a9df11a15e1e7776c16438cc8f84638040a71784452121af017fd00c
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4c0561c2c4810cbb09911bc45252c68724f181aa5bd16455493e31d2bfeba8b3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef394c3fd60c64c7183e20087b5856569e7da3bded3ab7f3e82920ec03626f8
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
508fa8c7a48d197b073702b38cd3b7b075b846dcac74fba54140e842ff3c0246
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68d280250e7788a27fec8070cb8d7353a4c36196f1f7d3c1a59a809755c5eb84
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6b11c97fa853df89bf95f02a0668d1c340482ac24cef8bffc25c8a25fa7d262b
73a00c376a59d1087afa04e96e25f7ba9c3901aab74447353753a3eef42395ce
769c6211eb1a26c89fa3d8a63371b2ea75294fd5b16a1ed2a90fd8f5878de7d3
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7d94b224ce185d1e83c260cdf3a78cd6dbb8d659f6f86e7c810ef17da5a500da
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8a674f2e82c4469fee46c57419263256e7307822f714a317210eee3b98b60d80
917389c42f0b39a53712cbf0d297cdeb21d8158644be48d1836d4ed640a6a87b
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9d9faf92d5031707ade900a893ce95d561540cf4e8df13ccecfe2ee9c63dde01
a0520951344a0a82548f72736baa2072e965cfdaeb51f397b3a5901b1024a406
a3c948a216530521f3cd0575e075c9f20308f610a9d2e0e2499f5c5ef30f58f9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b46849a7e0fd7bdf03ff8d742b44f1ff83d1cbe831b9c9d99e858d644fbc478e
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
c9dd2f4ea5a90f2a3aa92da7a88c8286d8fc3e7ee07c832fc8acd28189618fab
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
d43a59282b4fe62f5e9b224c6446413124fe7b3abffd7774a7e3dd88af6f44b1
d52a65ab7f3300e13e5fc813240c7ef63ac3f12edc861fba439815de15871a72
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d4061f5fe454acda1a4e4152afe3bc06966a941eb3c1eaf1f0d4b1c51b401f
e7b82cf334e70a450ecf59d4d92355d1cb408b1a95f028decb50c597ac53e42d
edec49016eb591c4f49c2a9cca5ceca54d9cb3c209c0647f450b26a2d39beb0e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c6d8babba63c4b85ec569757ac0e14f0ac4d9e602a6f23713ae71ecc2e85cd
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
fbb4d05ac474f1b451ce2b307eee201d3ea6bc55b28829ec29bdf1613b2120d0
fc3ee706b8ccec9c89019fd52f20be1712bdd676cb9c19306cf51698d0866a10
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322

apoyosgov.finanzaspersonales.info Open in urlscan Pro 149.28.13.247 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

102 Requests

94 %HTTPS

63 %IPv6

12 Domains

27 Subdomains

26 IPs

3 Countries

38157 kBTransfer

40258 kBSize

10 Cookies

0 Outgoing links

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

apoyosgov.finanzaspersonales.info Open in urlscan Pro
149.28.13.247 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

94 %
HTTPS

63 %
IPv6

12
Domains

27
Subdomains

26
IPs

3
Countries

38157 kB
Transfer

40258 kB
Size

10
Cookies

102 HTTP transactions
4 data transactions