Submitted URL: https://penzu.com/p/a8cc146b
Effective URL: https://penzu.com/public/a8cc146b
Submission: On March 16 via manual from US — Scanned from ES

Summary

This website contacted 23 IPs in 5 countries across 17 domains to perform 60 HTTP transactions. The main IP is 34.203.159.219, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is penzu.com. The Cisco Umbrella rank of the primary domain is 200070.
TLS certificate: Issued by Amazon on February 15th 2022. Valid for: a year.
This is the only time penzu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 34.203.159.219 14618 (AMAZON-AES)
4 13.226.156.114 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.226.156.119 16509 (AMAZON-02)
2 2606:2800:234... 15133 (EDGECAST)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 35.190.25.25 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.8 13414 (TWITTER)
9 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 45.33.30.181 63949 (LINODE-AP...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 167.114.119.127 16276 (OVH)
2 8 2600:9000:218... 16509 (AMAZON-02)
1 34.243.100.214 16509 (AMAZON-02)
60 23
Apex Domain
Subdomains
Transfer
12 penzu.com
penzu.com — Cisco Umbrella Rank: 200070
1 MB
9 adroll.com
s.adroll.com — Cisco Umbrella Rank: 2270
d.adroll.com — Cisco Umbrella Rank: 1396
77 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 88
729 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
110 KB
5 cloudfront.net
d3c2plo0qyv3hc.cloudfront.net
d2zah9y47r7bi2.cloudfront.net
55 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
static.doubleclick.net — Cisco Umbrella Rank: 310
2 KB
4 mixpanel.com
api.mixpanel.com — Cisco Umbrella Rank: 1204
623 B
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 525
syndication.twitter.com — Cisco Umbrella Rank: 769
133 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
83 KB
1 trackjs.com
usage.trackjs.com — Cisco Umbrella Rank: 2734
229 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 107
15 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 214
3 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
14 KB
1 columbiaredevelopment.com
columbiaredevelopment.com
32 KB
1 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 2682
71 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
60 17
Domain Requested by
12 penzu.com 1 redirects penzu.com
d2zah9y47r7bi2.cloudfront.net
9 www.youtube.com penzu.com
www.youtube.com
8 s.adroll.com 2 redirects penzu.com
s.adroll.com
4 api.mixpanel.com d2zah9y47r7bi2.cloudfront.net
4 www.google-analytics.com penzu.com
d2zah9y47r7bi2.cloudfront.net
4 d3c2plo0qyv3hc.cloudfront.net penzu.com
3 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 connect.facebook.net penzu.com
connect.facebook.net
2 platform.twitter.com penzu.com
platform.twitter.com
1 d.adroll.com s.adroll.com
1 usage.trackjs.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 columbiaredevelopment.com penzu.com
1 netdna.bootstrapcdn.com penzu.com
1 syndication.twitter.com platform.twitter.com
1 stats.g.doubleclick.net d2zah9y47r7bi2.cloudfront.net
1 d2zah9y47r7bi2.cloudfront.net penzu.com
1 fonts.googleapis.com penzu.com
60 23

This site contains links to these domains. Also see Links.

Domain
podcast.penzu.com
support.penzu.com
wholesalinghousesinfo.com
Subject Issuer Validity Valid
penzu.com
Amazon
2022-02-15 -
2023-03-16
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2021-10-20 -
2022-10-19
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.mixpanel.com
GeoTrust RSA CA 2018
2020-04-20 -
2022-04-21
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-12-23 -
2022-03-23
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-10-31 -
2022-10-30
a year crt.sh
*.google.com
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-01-29 -
2023-01-29
a year crt.sh
columbiaredevelopment.com
R3
2022-02-22 -
2022-05-23
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
www.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
edgestatic.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.trackjs.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-08-11 -
2022-08-11
a year crt.sh
s.adroll.com
Amazon
2021-08-02 -
2022-08-31
a year crt.sh
adroll.mgr.consensu.org
Amazon
2021-09-09 -
2022-10-08
a year crt.sh

This page contains 3 frames:

Primary Page: https://penzu.com/public/a8cc146b
Frame ID: 14527F973AB88BF6D0C99CFCC9614C77
Requests: 41 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fpenzu.com
Frame ID: 917AF0495658839FFD842FAC2FCC432B
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/xOhluGg7CRk
Frame ID: 7E9648A738BCE08450757A2EF1FCF3BB
Requests: 18 HTTP requests in this frame

Screenshot

Page Title

Write In Private: Free Online Diary And Personal Journal | Penzu

Page URL History Show full URLs

  1. https://penzu.com/p/a8cc146b HTTP 302
    https://penzu.com/public/a8cc146b Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • api\.mixpanel\.com/track

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

60
Requests

95 %
HTTPS

64 %
IPv6

17
Domains

23
Subdomains

23
IPs

5
Countries

2392 kB
Transfer

7595 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://penzu.com/p/a8cc146b HTTP 302
    https://penzu.com/public/a8cc146b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 53
  • https://s.adroll.com/j/exp/GRQHM6D2LFFV5BJOAFYHSA/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 54
  • https://s.adroll.com/j/pre/GRQHM6D2LFFV5BJOAFYHSA/SHQJXEDS4JGK3GDBYXPRTN/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request a8cc146b
penzu.com/public/
Redirect Chain
  • https://penzu.com/p/a8cc146b
  • https://penzu.com/public/a8cc146b
12 KB
4 KB
Document
General
Full URL
https://penzu.com/public/a8cc146b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.159.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-159-219.compute-1.amazonaws.com
Software
nginx/1.8.0 /
Resource Hash
5731a5b4447547afa469319691b9c8376050402e328eae597a08e67235935904
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9

Response headers

date
Wed, 16 Mar 2022 06:38:58 GMT
content-type
text/html; charset=utf-8
server
nginx/1.8.0
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Tue, 16 Mar 2021 06:38:58 GMT
pragma
no-cache
x-runtime
1
etag
W/"5fc14f963d5f69f20b1d89722dacf171"
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
strict-transport-security
max-age=63072000
content-encoding
gzip

Redirect headers

date
Wed, 16 Mar 2022 06:38:58 GMT
content-type
text/html; charset=utf-8
content-length
99
location
https://penzu.com/public/a8cc146b
server
nginx/1.8.0
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Tue, 16 Mar 2021 06:38:58 GMT
pragma
no-cache
x-runtime
0
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
strict-transport-security
max-age=63072000
fonts-sprite.css
d3c2plo0qyv3hc.cloudfront.net/app/ckeditor/fonts/
18 KB
18 KB
Stylesheet
General
Full URL
https://d3c2plo0qyv3hc.cloudfront.net/app/ckeditor/fonts/fonts-sprite.css
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-114.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07146610105d3f4f5927961b5145ee7b7365f685f357b7049a5b3dcb4f6a0ee7

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 06:16:13 GMT
Via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
Last-Modified
Tue, 15 Nov 2016 18:55:44 GMT
Server
AmazonS3
Age
1505
ETag
"b5bf7ffe033e2943a5ecd08b407dc564"
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
18409
X-Amz-Cf-Id
zvVMqVsJAZ6GjFwJjI0rNcKtra4MLmEtC-AzmA-4mz-sP7S4Yeq0yg==
css
fonts.googleapis.com/
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic|Open+Sans:400,300,600,700&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
029ff46286c01c7ad6d4b26a15dc354b34a5c92e3b590584ce13ea6a279c9add
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 06:38:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Mar 2022 06:38:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Mar 2022 06:38:58 GMT
vendor.css
penzu.com/app/dist/
5 KB
2 KB
Stylesheet
General
Full URL
https://penzu.com/app/dist/vendor.css?rel=90f9e0d428
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.159.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-159-219.compute-1.amazonaws.com
Software
nginx/1.8.0 /
Resource Hash
46469020254ff1dd284554b6800a3b85b717eee79a304125ad39c28e3a0f1c0c
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/public/a8cc146b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 21 Aug 2017 15:02:11 GMT
server
nginx/1.8.0
etag
W/"599af5f3-14a5"
x-frame-options
SAMEORIGIN
content-type
text/css
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
strict-transport-security
max-age=63072000
x-xss-protection
1; mode=block
core.css
penzu.com/app/dist/
585 KB
80 KB
Stylesheet
General
Full URL
https://penzu.com/app/dist/core.css?rel=6d1790e9d5
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.159.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-159-219.compute-1.amazonaws.com
Software
nginx/1.8.0 /
Resource Hash
6879209c0b87c73188d415b1a058063bb7cde297f8347e5dc264dca5effdc16b
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/public/a8cc146b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Jul 2021 14:11:52 GMT
server
nginx/1.8.0
etag
W/"60face28-92434"
x-frame-options
SAMEORIGIN
content-type
text/css
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
strict-transport-security
max-age=63072000
x-xss-protection
1; mode=block
tracker.js
d2zah9y47r7bi2.cloudfront.net/releases/current/
26 KB
9 KB
Script
General
Full URL
https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b083af11bff8f6237c9b83a2910ccb07625602e3c386de94daeedb8dab2b195d

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cache-control
s-max-age=3600, max-age=604800, public
Content-Encoding
gzip
ETag
W/"160874c6a444216fd269e7e0e2370aa7"
Age
105548
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-meta-content-type
application/javascript
Connection
keep-alive
Last-Modified
Thu, 13 Sep 2018 19:10:28 GMT
Server
AmazonS3
Date
Tue, 15 Mar 2022 01:19:51 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
Cache-Control
s-max-age=3600, max-age=604800, public
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
1KbrYKjdbGYREU9CaUZHnpljpPT5YGl8WdUkwZorPeDn8RWGAAUGbQ==
vendor_bundle.js
penzu.com/app/dist/
1 MB
401 KB
Script
General
Full URL
https://penzu.com/app/dist/vendor_bundle.js?rel=ded260e0a3
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.159.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-159-219.compute-1.amazonaws.com
Software
nginx/1.8.0 /
Resource Hash
ce2671c6e7191b53bbca54a2a6db5463a7e327878ed7dd0b39d6bdd7395c9c8f
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/public/a8cc146b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Jan 2022 10:39:23 GMT
server
nginx/1.8.0
etag
W/"61dd5e5b-1404fe"
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
strict-transport-security
max-age=63072000
x-xss-protection
1; mode=block
core_bundle.js
penzu.com/app/dist/
185 KB
50 KB
Script
General
Full URL
https://penzu.com/app/dist/core_bundle.js?rel=62504e71e0
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.159.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-159-219.compute-1.amazonaws.com
Software
nginx/1.8.0 /
Resource Hash
fdaff9e112facd4e9a5fa63019e6fddcfa83838e1fc3f3160a84e29bc0023e65
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/public/a8cc146b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Jan 2022 10:39:13 GMT
server
nginx/1.8.0
etag
W/"61dd5e51-2e3fb"
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
strict-transport-security
max-age=63072000
x-xss-protection
1; mode=block
ckeditor.js
penzu.com/app/ckeditor/
547 KB
163 KB
Script
General
Full URL
https://penzu.com/app/ckeditor/ckeditor.js
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.159.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-159-219.compute-1.amazonaws.com
Software
nginx/1.8.0 /
Resource Hash
89b9b6141e44e5019fe68a5ba2c3038a8336cbc566200a87902ccd04844355c6
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/public/a8cc146b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 30 Aug 2017 17:57:31 GMT
server
nginx/1.8.0
etag
W/"59a6fc8b-88c0f"
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
strict-transport-security
max-age=63072000
x-xss-protection
1; mode=block
app_bundle.js
penzu.com/app/dist/
486 KB
111 KB
Script
General
Full URL
https://penzu.com/app/dist/app_bundle.js?rel=32f5f44189
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.159.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-159-219.compute-1.amazonaws.com
Software
nginx/1.8.0 /
Resource Hash
21397c10f31aafbc1ffaab8a1c171956083e45405f286c9bc27939592d4da674
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/public/a8cc146b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 22 Dec 2021 13:23:41 GMT
server
nginx/1.8.0
etag
W/"61c326dd-799f4"
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
strict-transport-security
max-age=63072000
x-xss-protection
1; mode=block
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mrs/CBBA) /
Resource Hash
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 06:38:58 GMT
Content-Encoding
gzip
Age
482
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29178
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:46:17 GMT
Server
ECS (mrs/CBBA)
Etag
"f7f936f48944db7f829585c4368f33ae+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
wood.jpg
d3c2plo0qyv3hc.cloudfront.net/images/backgrounds/
14 KB
14 KB
Image
General
Full URL
https://d3c2plo0qyv3hc.cloudfront.net/images/backgrounds/wood.jpg
Requested by
Host: penzu.com
URL: https://penzu.com/app/dist/core.css?rel=6d1790e9d5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-114.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ded23e95dda072cfa4a3e7f0b581b5ff5b17472caaadc2d29c6eea2a5da9bbc

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 06:27:28 GMT
Via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
Last-Modified
Thu, 18 Dec 2014 21:17:50 GMT
Server
AmazonS3
Age
691
ETag
"ea296cf72cad96be4cb7ff85e4338617"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
14312
X-Amz-Cf-Id
I3QQlQs-PtHyJWRjQFggCbpV5t-Jbta4JKHfar0TCnDFMDX14ejfHQ==
logo_default-free.png
d3c2plo0qyv3hc.cloudfront.net/images/logos/
5 KB
5 KB
Image
General
Full URL
https://d3c2plo0qyv3hc.cloudfront.net/images/logos/logo_default-free.png
Requested by
Host: penzu.com
URL: https://penzu.com/app/dist/core.css?rel=6d1790e9d5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-114.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef7a2c25c308e248e0e6f088f6f8fb9f37d3a4f637baf79f246ea0d64dbc4a81

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:58:27 GMT
Via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
Last-Modified
Wed, 10 Aug 2016 21:37:00 GMT
Server
AmazonS3
Age
11743
ETag
"e8d6a5796f0a5f30bbb3c25b4ccfccc6"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
4781
X-Amz-Cf-Id
8olQRcl2CWXD8i03RvZ7yxsVnA8D6fkF06ZhHNXbFLVsC-lOQJkUZg==
penzu_white.png
d3c2plo0qyv3hc.cloudfront.net/images/logos/
7 KB
8 KB
Image
General
Full URL
https://d3c2plo0qyv3hc.cloudfront.net/images/logos/penzu_white.png
Requested by
Host: penzu.com
URL: https://penzu.com/app/dist/core.css?rel=6d1790e9d5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-114.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4957285c5f3eba5ce214e716c872395e98315849afa5c03e799b3874f584f21f

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 05:58:28 GMT
Via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
Last-Modified
Thu, 18 Dec 2014 21:20:27 GMT
Server
AmazonS3
Age
2432
ETag
"5e437dae0b8a0c39f0607b50067192b3"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
7466
X-Amz-Cf-Id
fv5UG6Kb6RCeHcCWmx5UTi82Zyri1hafWfQq3xCVuKYvQMDtWmQh1w==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic|Open+Sans:400,300,600,700&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://penzu.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:45:07 GMT
x-content-type-options
nosniff
age
28432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Mar 2023 22:45:07 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3849
date
Wed, 16 Mar 2022 05:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 16 Mar 2022 07:34:50 GMT
/
api.mixpanel.com/decide/
65 B
323 B
XHR
General
Full URL
https://api.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=6d1bada8c1aa26cdcb98372fe0372af4&ip=1&_=1647412739122
Requested by
Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.25.190.35.bc.googleusercontent.com
Software
gunicorn/19.9.0 /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:38:59 GMT
via
1.1 google
server
gunicorn/19.9.0
access-control-allow-headers
X-Requested-With
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://penzu.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
alt-svc
clear
/
api.mixpanel.com/track/
1 B
158 B
XHR
General
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRjdXJyZW50X3VybCI6ICJodHRwczovL3Blbnp1LmNvbS9wdWJsaWMvYThjYzE0NmIiLCIkYnJvd3Nlcl92ZXJzaW9uIjogODksIiRzY3JlZW5faGVpZ2h0IjogMTIwMCwiJHNjcmVlbl93aWR0aCI6IDE2MDAsIm1wX2xpYiI6ICJ3ZWIiLCIkbGliX3ZlcnNpb24iOiAiMi4yMS4wIiwiZGlzdGluY3RfaWQiOiAiMTdmOTE3MzdjMmY0N2MtMGE3NjcwODEwODdlYTgtNTc3MWUzMy0xZDRjMDAtMTdmOTE3MzdjMzA0ZjQiLCIkaW5pdGlhbF9yZWZlcnJlciI6ICIkZGlyZWN0IiwiJGluaXRpYWxfcmVmZXJyaW5nX2RvbWFpbiI6ICIkZGlyZWN0IiwibXBfcGFnZSI6ICJodHRwczovL3Blbnp1LmNvbS9wdWJsaWMvYThjYzE0NmIiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICI2ZDFiYWRhOGMxYWEyNmNkY2I5ODM3MmZlMDM3MmFmNCJ9fQ%3D%3D&ip=1&_=1647412739126
Requested by
Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.25.190.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Wed, 16 Mar 2022 06:38:59 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://penzu.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
clear
content-length
1
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c46dd0d9ed58ce8d27cfcce12d21591e455e844414a35c3e04e3f74b897b86e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
M1de2dx04aexMdDMMjeZPg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
jBvEDBd2tFg/WUMJwCiUG2+/uItsaQFKLT/ljDOf4SonkRO9Hm7cEKm/yNlR4DN8XJr43bLM/GnGi+KVs6N9sA==
x-fb-trip-id
917726464
x-fb-content-md5
0b04defa0265989408d4961bf7f2ba92
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 16 Mar 2022 06:38:59 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"a3b93c5124fdcb71367fcca68a926490"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 16 Mar 2022 06:55:32 GMT
/
api.mixpanel.com/track/
1 B
72 B
XHR
General
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJWaWV3IFB1YmxpYyBFbnRyeSIsInByb3BlcnRpZXMiOiB7IiRvcyI6ICJXaW5kb3dzIiwiJGJyb3dzZXIiOiAiQ2hyb21lIiwiJGN1cnJlbnRfdXJsIjogImh0dHBzOi8vcGVuenUuY29tL3B1YmxpYy9hOGNjMTQ2YiIsIiRicm93c2VyX3ZlcnNpb24iOiA4OSwiJHNjcmVlbl9oZWlnaHQiOiAxMjAwLCIkc2NyZWVuX3dpZHRoIjogMTYwMCwibXBfbGliIjogIndlYiIsIiRsaWJfdmVyc2lvbiI6ICIyLjIxLjAiLCJkaXN0aW5jdF9pZCI6ICIxN2Y5MTczN2MyZjQ3Yy0wYTc2NzA4MTA4N2VhOC01NzcxZTMzLTFkNGMwMC0xN2Y5MTczN2MzMDRmNCIsIiRpbml0aWFsX3JlZmVycmVyIjogIiRkaXJlY3QiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJhYl9lbmdhZ2VtZW50X29uYm9hcmRpbmciOiAiYSAodjEpIiwidmVyc2lvbiI6ICIyLjguNiIsInBsYXRmb3JtIjogIldlYiIsIiR0aW1lIjoge30sInNvdXJjZV9wYXRoIjogIl4iLCJzdGF0ZV9uYW1lIjogIiIsIm9ubGluZSI6IHRydWUsInRva2VuIjogIjZkMWJhZGE4YzFhYTI2Y2RjYjk4MzcyZmUwMzcyYWY0In19&ip=1&_=1647412739260
Requested by
Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.25.190.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Wed, 16 Mar 2022 06:38:59 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://penzu.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
17
alt-svc
clear
content-length
1
a8cc146b
penzu.com/api/pe/
14 KB
5 KB
XHR
General
Full URL
https://penzu.com/api/pe/a8cc146b
Requested by
Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.159.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-159-219.compute-1.amazonaws.com
Software
nginx/1.8.0 /
Resource Hash
b531d97514a92ecae57789d88f179d385c36f1641c6e78ef2ad2edbc40a1dbf3
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://penzu.com/public/a8cc146b
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:38:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
x-xss-protection
1; mode=block
x-runtime
21
server
nginx/1.8.0
x-frame-options
SAMEORIGIN
etag
W/"c4976d0abd5f802b745986a7f4ad7033"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
private, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
access-control-allow-headers
*,x-requested-with,Content-Type,If-Modified-Since,If-None-Match,Auth-User-Token
emoji_newyears.png
penzu.com/app/images/icons/
18 KB
18 KB
Image
General
Full URL
https://penzu.com/app/images/icons/emoji_newyears.png
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.159.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-159-219.compute-1.amazonaws.com
Software
nginx/1.8.0 /
Resource Hash
eecc77a8a53725b15a97b4bc5293d953038750a3695becccf553443497dec21f
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/public/a8cc146b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:38:59 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2018 12:08:59 GMT
server
nginx/1.8.0
etag
"5a4a24db-4819"
x-frame-options
SAMEORIGIN
content-type
image/png
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
18457
x-xss-protection
1; mode=block
widget_iframe.a58e82e150afc25eb5372dd55a98b778.html
platform.twitter.com/widgets/ Frame 917A
319 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fpenzu.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mrs/CBB7) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
29005
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 16 Mar 2022 06:38:59 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Wed, 16 Feb 2022 18:36:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mrs/CBB7)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
collect
www.google-analytics.com/j/
4 B
143 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1803779043&t=pageview&_s=1&dl=https%3A%2F%2Fpenzu.com%2Fpublic%2Fa8cc146b&ul=en-us&de=UTF-8&dt=Write%20In%20Private%3A%20Free%20Online%20Diary%20And%20Personal%20Journal%20%7C%20Penzu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1212768981&gjid=247514970&cid=1403190453.1647412739&tid=UA-3563385-3&_gid=1234525428.1647412739&_r=1&_slc=1&z=2003799928
Requested by
Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://penzu.com/
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 06:38:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://penzu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1803779043&t=event&_s=2&dl=https%3A%2F%2Fpenzu.com%2Fpublic%2Fa8cc146b&ul=en-us&de=UTF-8&dt=Write%20In%20Private%3A%20Free%20Online%20Diary%20And%20Personal%20Journal%20%7C%20Penzu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=event&ea=View%20Public%20Entry&el=View%20Public%20Entry&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1403190453.1647412739&tid=UA-3563385-3&_gid=1234525428.1647412739&z=122246376
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Mar 2022 20:30:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36531
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
435 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3563385-3&cid=1403190453.1647412739&jid=1212768981&gjid=247514970&_gid=1234525428.1647412739&_u=IEBAAEAAAAAAAC~&z=212190868
Requested by
Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://penzu.com/
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 16 Mar 2022 06:38:59 GMT
content-type
text/plain
access-control-allow-origin
https://penzu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame 917A
364 B
499 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=e9455fe96a223632d207f9f939cebafca9a67110
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fpenzu.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
c17ec1ad3ad09c7c7184bfe9674704744f7f15c22c7bd6d4244f174744efbf26
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
104
date
Wed, 16 Mar 2022 06:38:58 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 06:38:59 GMT
server
tsa_f
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
930199f4807b569f8a7edb51202e84b46ac138948cd7971daed33c9bc1e78841
content-length
218
sdk.js
connect.facebook.net/en_US/
285 KB
81 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=3bacb4be87afd574664c77a55d69928f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b0d4b58c5bace070b2f7a04b866c23c8f185ff1187d4fe8c41d6c62fcd76c1d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://penzu.com/
Origin
https://penzu.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
I9moT6GciQ122AMX4O1D8g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
82902
x-fb-rlafr
0
x-fb-debug
bm7MZzZN88CtsN852lMqP4POLSbZB7UhTinaw9mO5mWzr1jtxTTomRH69djSiur78PRXXkKjrETBZFzwJRzVGg==
x-fb-content-md5
aa2474fbf734f4e3dc2c03934f7a5c25
x-frame-options
DENY
date
Wed, 16 Mar 2022 06:38:59 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"8609a81b2392bfa40d8bf84546259c2d"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 16 Mar 2023 01:19:12 GMT
/
api.mixpanel.com/track/
1 B
70 B
XHR
General
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJQdWJsaWMgRW50cnkgVmlldyIsInByb3BlcnRpZXMiOiB7IiRvcyI6ICJXaW5kb3dzIiwiJGJyb3dzZXIiOiAiQ2hyb21lIiwiJGN1cnJlbnRfdXJsIjogImh0dHBzOi8vcGVuenUuY29tL3B1YmxpYy9hOGNjMTQ2YiIsIiRicm93c2VyX3ZlcnNpb24iOiA4OSwiJHNjcmVlbl9oZWlnaHQiOiAxMjAwLCIkc2NyZWVuX3dpZHRoIjogMTYwMCwibXBfbGliIjogIndlYiIsIiRsaWJfdmVyc2lvbiI6ICIyLjIxLjAiLCJkaXN0aW5jdF9pZCI6ICIxN2Y5MTczN2MyZjQ3Yy0wYTc2NzA4MTA4N2VhOC01NzcxZTMzLTFkNGMwMC0xN2Y5MTczN2MzMDRmNCIsIiRpbml0aWFsX3JlZmVycmVyIjogIiRkaXJlY3QiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJhYl9lbmdhZ2VtZW50X29uYm9hcmRpbmciOiAiYSAodjEpIiwidmVyc2lvbiI6ICIyLjguNiIsInBsYXRmb3JtIjogIldlYiIsIiR0aW1lIjoge30sInNvdXJjZV9wYXRoIjogIi9wdWJsaWMvOmlkIiwic3RhdGVfbmFtZSI6ICJwdWJsaWNFbnRyeSIsIm9ubGluZSI6IHRydWUsInRva2VuIjogIjZkMWJhZGE4YzFhYTI2Y2RjYjk4MzcyZmUwMzcyYWY0In19&ip=1&_=1647412739409
Requested by
Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.25.190.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Wed, 16 Mar 2022 06:38:59 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://penzu.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
alt-svc
clear
content-length
1
xOhluGg7CRk
www.youtube.com/embed/ Frame 7E96
60 KB
26 KB
Document
General
Full URL
https://www.youtube.com/embed/xOhluGg7CRk
Requested by
Host: penzu.com
URL: https://penzu.com/app/dist/vendor_bundle.js?rel=ded260e0a3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:800::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b7e16fea44c43076e979ca7b8a1fd2367e2a841b1b250361412b7be874a5be40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 16 Mar 2022 06:38:59 GMT
strict-transport-security
max-age=31536000
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=es for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
background.jpg
penzu.com/stylesheets/themes/page/basic/
212 KB
212 KB
Image
General
Full URL
https://penzu.com/stylesheets/themes/page/basic/background.jpg
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.159.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-159-219.compute-1.amazonaws.com
Software
nginx/1.8.0 /
Resource Hash
e722ce3684d3e78516464b67210b5b2cbcc853c2c4a70bd13a631d0b8937cf88
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/public/a8cc146b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:38:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Mar 2017 15:15:16 GMT
server
nginx/1.8.0
etag
"58bece84-34ef6"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
216822
x-xss-protection
1; mode=block
pad_top.gif
penzu.com/stylesheets/themes/pad/basic/
408 B
751 B
Image
General
Full URL
https://penzu.com/stylesheets/themes/pad/basic/pad_top.gif
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.159.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-159-219.compute-1.amazonaws.com
Software
nginx/1.8.0 /
Resource Hash
03bad2cefe03090835f78d743c1525b8d5a9564c50f8ecbd518f1d7a0558cfb9
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/public/a8cc146b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:38:59 GMT
x-content-type-options
nosniff
last-modified
Thu, 31 Mar 2016 02:09:45 GMT
server
nginx/1.8.0
etag
"56fc86e9-198"
x-frame-options
SAMEORIGIN
content-type
image/gif
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
408
x-xss-protection
1; mode=block
0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v23/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lora/v23/0QIvMX1D_JOuMwr7Iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic|Open+Sans:400,300,600,700&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef7da2ea9165f4486462c7f1dccddb7485e6a1922d220a1c393a8fa7214829fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://penzu.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 11:52:55 GMT
x-content-type-options
nosniff
age
67564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35440
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:43:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 11:52:55 GMT
fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.6.3/fonts/
70 KB
71 KB
Font
General
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: penzu.com
URL: https://penzu.com/app/dist/core.css?rel=6d1790e9d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://penzu.com/
Origin
https://penzu.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:38:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752, 617, 617, 617
age
8344484
cdn-cachedat
2021-07-17 11:05:17
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
71896
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a84b0e5cdd1197b48adb896de979a6d5
accept-ranges
bytes
cf-ray
6ecb7d35ff3b663b-MAD
cdn-requestcountrycode
FR
cdn-requestpullsuccess
True
Real-estate-investor-vs-real-estate-agent-what-is-the-difference.jpg
columbiaredevelopment.com/wp-content/uploads/2018/11/
32 KB
32 KB
Image
General
Full URL
https://columbiaredevelopment.com/wp-content/uploads/2018/11/Real-estate-investor-vs-real-estate-agent-what-is-the-difference.jpg
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.33.30.181 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
harry.vrazer.net
Software
nginx /
Resource Hash
ad0590a2876387044af09f5d0f99556e1556453624b933da6c4f9ef8148c32cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 16 Mar 2022 06:38:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 28 Dec 2021 16:58:10 GMT
server
nginx
etag
"61cb4222-7e30"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
32304
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:38:59 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1803779043&t=event&_s=3&dl=https%3A%2F%2Fpenzu.com%2Fpublic%2Fa8cc146b&ul=en-us&de=UTF-8&dt=Write%20In%20Private%3A%20Free%20Online%20Diary%20And%20Personal%20Journal%20%7C%20Penzu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=event&ea=Public%20Entry%20View&el=Public%20Entry%20View&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=1403190453.1647412739&tid=UA-3563385-3&_gid=1234525428.1647412739&z=273427593
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Mar 2022 23:15:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26636
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
www-player.css
www.youtube.com/s/player/bd67d609/ Frame 7E96
338 KB
46 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/bd67d609/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xOhluGg7CRk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2476db472bf1df970adab62d57f3a0b552319b91459a39a728b10130ed10c817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/xOhluGg7CRk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 03:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
11624
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47168
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 00:13:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 16 Mar 2023 03:25:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7E96
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xOhluGg7CRk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 17:06:41 GMT
x-content-type-options
nosniff
age
48738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 17:06:41 GMT
www-embed-player.js
www.youtube.com/s/player/bd67d609/www-embed-player.vflset/ Frame 7E96
279 KB
86 KB
Script
General
Full URL
https://www.youtube.com/s/player/bd67d609/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xOhluGg7CRk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06f8162aa9ef077724723137428181eb5bdcbf05b03d9e86555fae1d139a9fe1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/xOhluGg7CRk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 01:26:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
18735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88091
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 00:13:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 16 Mar 2023 01:26:44 GMT
base.js
www.youtube.com/s/player/bd67d609/player_ias.vflset/es_ES/ Frame 7E96
2 MB
523 KB
Script
General
Full URL
https://www.youtube.com/s/player/bd67d609/player_ias.vflset/es_ES/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xOhluGg7CRk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b033925ea98eda17fc6f329f522ac3005af5c12c0c3feebd43f36c996941b78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/xOhluGg7CRk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 15:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
139889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
535526
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 00:13:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 14 Mar 2023 15:47:30 GMT
fetch-polyfill.js
www.youtube.com/s/player/bd67d609/fetch-polyfill.vflset/ Frame 7E96
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/bd67d609/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xOhluGg7CRk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/xOhluGg7CRk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:56:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
27738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 00:13:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Mar 2023 22:56:41 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 7E96
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xOhluGg7CRk
Protocol
H3
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a275ae3754d7f47ad3b1bff64f546a3de866861a08955523e386bdf14b7d27b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:39:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 16 Mar 2022 06:39:00 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 7E96
29 B
587 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bd67d609/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:38:13 GMT
x-content-type-options
nosniff
age
47
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Mar 2022 06:53:13 GMT
remote.js
www.youtube.com/s/player/bd67d609/player_ias.vflset/es_ES/ Frame 7E96
119 KB
37 KB
Script
General
Full URL
https://www.youtube.com/s/player/bd67d609/player_ias.vflset/es_ES/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/es_ES/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13bf16858cdd934b26308a950832cd91fb2afbfb09261c790c79e4302509b1bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/xOhluGg7CRk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 15:55:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
139407
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37874
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 00:13:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 14 Mar 2023 15:55:33 GMT
lgrQep_cHvWFMgJTnyMczGzKq0lFy3dFEtoDT0eWErg.js
www.google.com/js/th/ Frame 7E96
35 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/lgrQep_cHvWFMgJTnyMczGzKq0lFy3dFEtoDT0eWErg.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/es_ES/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
960ad07a9fdc1ef5853202539f231ccc6ccaab4945cb774512da034f479612b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 21:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
32008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13675
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 18:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Mar 2023 21:45:32 GMT
embed.js
www.youtube.com/s/player/bd67d609/player_ias.vflset/es_ES/ Frame 7E96
26 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/bd67d609/player_ias.vflset/es_ES/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/es_ES/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24ff1024af5ac3cbf4c5e66ff023195111d23bb72d29b029f22b02819ae2b146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/xOhluGg7CRk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 15:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
139890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7755
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 00:13:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 14 Mar 2023 15:47:30 GMT
truncated
/ Frame 7E96
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AKedOLQPBm1ArAJaWU8p_OfyeYqj1MxpJMpD4-SwqkFzOQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 7E96
2 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AKedOLQPBm1ArAJaWU8p_OfyeYqj1MxpJMpD4-SwqkFzOQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xOhluGg7CRk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
63b8c81bd81ce3ed39dd635b901fcf40129653ad2d54f2580fbb1505ffd40259
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 05:12:10 GMT
x-content-type-options
nosniff
age
5210
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2389
x-xss-protection
0
server
fife
etag
"v1ae"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 16 Mar 2022 02:52:06 GMT
sddefault.webp
i.ytimg.com/vi_webp/xOhluGg7CRk/ Frame 7E96
14 KB
15 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/xOhluGg7CRk/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xOhluGg7CRk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ec490cc6758aecff6847ed9b6fa22fb35f4eea8da4db36fd3b122d8af5c5717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:27:31 GMT
x-content-type-options
nosniff
age
689
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14468
x-xss-protection
0
server
sffe
etag
"1623299412"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 16 Mar 2022 08:27:31 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 7E96
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bd67d609/player_ias.vflset/es_ES/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:39:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Mar 2022 06:39:00 GMT
generate_204
www.youtube.com/ Frame 7E96
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?sDnNfg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xOhluGg7CRk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/embed/xOhluGg7CRk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:39:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/89/ Frame 7E96
48 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/89/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 08:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14262
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:19:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 16 Mar 2022 08:45:45 GMT
usage.gif
usage.trackjs.com/
43 B
229 B
Image
General
Full URL
https://usage.trackjs.com/usage.gif?token=472335e890524be497946376672c0850&correlationId=8d9f112a-843e-4034-92af-3ffb77d22c7e&application=&x=de41633d-dc53-408f-a806-27c628fbeaa6&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.119.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
prd-usage-2.tjsint.net
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 06:39:01 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
roundtrip.js
s.adroll.com/j/
46 KB
15 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: penzu.com
URL: https://penzu.com/public/a8cc146b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:a000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b86eb5398c67c85f4c5f437f420be7c9bcad49af0db8433a0e5ee2e1b83f834

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Amz-Version-Id
6hBu523wParALjcAlYJG1sicm6m4WuKw
Content-Encoding
gzip
Etag
W/"dc6e09bbb08a43b0580bdf4e20f1cd3e"
Age
1638
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
Last-Modified
Mon, 07 Mar 2022 17:25:11 GMT
Server
AmazonS3
Date
Wed, 16 Mar 2022 06:11:43 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
DUS51-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
PH4CuKy5U-g9eKyfxZlHI9q-LTDEzQYNcRQX0HHJ2kh6Z5mHZenQgg==
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/GRQHM6D2LFFV5BJOAFYHSA/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
762 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Server
2600:9000:2182:a000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Amz-Version-Id
Yo1foR6FJ6WFFBWqTYM2cazsDqVdFv1D
Via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
Etag
"5816cced8568d223aa09d889f300692b"
Age
60263
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Thu, 03 Mar 2022 22:40:46 GMT
Server
AmazonS3
Date
Tue, 15 Mar 2022 13:54:39 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
g5hOhEcTUALBgXKi5HlMk0AnrFWaSbXvmxWvvT5SlNy7QU7EU3ARDQ==

Redirect headers

Date
Tue, 15 Mar 2022 12:03:30 GMT
Via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
Age
66929
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
DUS51-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
szu9T5yug2BxJSAGfU9y97RCx2kyLfoG25X7RcJmD1y3ISIiJkV5qA==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/GRQHM6D2LFFV5BJOAFYHSA/SHQJXEDS4JGK3GDBYXPRTN/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
733 B
Script
General
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Server
2600:9000:2182:a000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via
1.1 5cd60f530cdafe284762767565aa2746.cloudfront.net (CloudFront)
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Age
41235
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Date
Tue, 15 Mar 2022 19:11:47 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
rPgXGamelugJZ0QmCi8wPm7Y7QdhlsJA4hX2qVn6-NGdcHPLG1DTPA==

Redirect headers

Date
Wed, 16 Mar 2022 04:18:00 GMT
Via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
Age
8461
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
DUS51-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
31zyBoOPAYc6_NtLjhAbaP6k4v8ICUa5A3TDunM0RfrY9Mewg-TWXw==
index.js
s.adroll.com/j/pre/GRQHM6D2LFFV5BJOAFYHSA/SHQJXEDS4JGK3GDBYXPRTN/
4 KB
3 KB
Script
General
Full URL
https://s.adroll.com/j/pre/GRQHM6D2LFFV5BJOAFYHSA/SHQJXEDS4JGK3GDBYXPRTN/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:a000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Amz-Version-Id
vxP5PHFNVcP3up25GWjF5A.eUeINfNSY
Content-Encoding
gzip
Etag
W/"33ed216ef4569e95a97e55fb39d91d38"
Age
3321
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
Last-Modified
Thu, 10 Mar 2022 13:45:45 GMT
Server
AmazonS3
Date
Wed, 16 Mar 2022 05:58:29 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
DUS51-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
60mN80G9sAGJEYUXrIbqhoaEn_Nu8CtCYljiqSj42dtM2jxjTTIAHg==
GRQHM6D2LFFV5BJOAFYHSA
d.adroll.com/consent/check/
439 B
532 B
Script
General
Full URL
https://d.adroll.com/consent/check/GRQHM6D2LFFV5BJOAFYHSA?arrfrr=https%3A%2F%2Fpenzu.com%2Fpublic%2Fa8cc146b&_s=d4cf4fd03345911349dbe6e085a019f4&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.100.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-100-214.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
12fb814304a8f6ab51652a9de368e4730dc544373c691f34e49f21f5edee19d4

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:39:01 GMT
server
nginx/1.20.0
content-length
439
content-type
application/javascript
consent_tcfv2.js
s.adroll.com/j/
392 KB
54 KB
Script
General
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:a000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d41b88e85f102322f6518ab48a1cfc3b8687aedd42bef4a223aacb94b3afefd

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Amz-Version-Id
o01OriqlDtvpD57hQzwr4sTdG9KQBCAh
Content-Encoding
gzip
Etag
W/"c01687097ed4972335daebc2d2581891"
Age
123
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 5cd60f530cdafe284762767565aa2746.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Feb 2022 17:35:14 GMT
Server
AmazonS3
Date
Wed, 16 Mar 2022 06:36:58 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
DUS51-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
czdF2-dBrhKEpL6eUWL_WnZlZ159T74xOQKza-vj_qo6ez3spqGGEQ==
nextroll-32x32.png
s.adroll.com/i/favicon/
2 KB
2 KB
Image
General
Full URL
https://s.adroll.com/i/favicon/nextroll-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:a000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://penzu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 00:06:58 GMT
Via
1.1 5cd60f530cdafe284762767565aa2746.cloudfront.net (CloudFront)
Age
23524
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1615
Last-Modified
Mon, 28 Jun 2021 18:19:21 GMT
Server
AmazonS3
Etag
"403a0a7dcf2d617e7ea852bfb9d11945"
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
X-Amz-Version-Id
eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Type
image/png
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
Tn3OSIFk3Q_-wP_hQ15M-i1D_llb0d45bICfVYvbYbc2rzJVnisjdg==
log_event
www.youtube.com/youtubei/v1/ Frame 7E96
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bd67d609/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:800::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/xOhluGg7CRk
X-YouTube-Client-Version
1.20220313.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtPbElSdFRua05scyiDjMaRBg%3D%3D
X-YouTube-Ad-Signals
dt=1647412739995&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 16 Mar 2022 06:39:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 16 Mar 2022 06:39:02 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| oncontextlost object| oncontextrestored string| CKEDITOR_BASEPATH string| ENV object| trackJs string| GoogleAnalyticsObject function| ga function| webpackJsonp function| webpackHotUpdate function| setImmediate function| clearImmediate function| $ object| Braintree function| _ object| angular object| braintree function| moment function| Pikaday object| mixpanel object| Modernizr object| SC object| CKEDITOR function| fbAsyncInit object| twttr string| adroll_adv_id string| adroll_pix_id object| __twttrll object| __twttr object| Auth object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| FB boolean| __adroll_loaded string| adroll_sid object| dataLayer object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| __adroll_consent_data function| __cmp function| __tcfapi object| adroll_exp_list object| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner boolean| __adroll_consent_prev_lastchild

8 Cookies

Domain/Path Name / Value
penzu.com/ Name: _pzds
Value: BAh7BjoPc2Vzc2lvbl9pZCIlZjQ3MzVmZjEzZDhmYWE0ZDNlZTc3MGZlMWM2MWNjNjc%3D--25d1614b847e3aece7d05ee449e60473e36f9f6b
penzu.com/ Name: _safe_cookies__known_cookies
Value: _pzds
.penzu.com/ Name: mp_6d1bada8c1aa26cdcb98372fe0372af4_mixpanel
Value: %7B%22distinct_id%22%3A%20%2217f91737c2f47c-0a767081087ea8-5771e33-1d4c00-17f91737c304f4%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22ab_engagement_onboarding%22%3A%20%22a%20(v1)%22%2C%22version%22%3A%20%222.8.6%22%2C%22platform%22%3A%20%22Web%22%7D
.penzu.com/ Name: _ga
Value: GA1.2.1403190453.1647412739
.penzu.com/ Name: _gid
Value: GA1.2.1234525428.1647412739
.penzu.com/ Name: _gat
Value: 1
.youtube.com/ Name: YSC
Value: gNLXF_TFt_o
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: OlIRtTnkNls

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mixpanel.com
columbiaredevelopment.com
connect.facebook.net
d.adroll.com
d2zah9y47r7bi2.cloudfront.net
d3c2plo0qyv3hc.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
netdna.bootstrapcdn.com
penzu.com
platform.twitter.com
s.adroll.com
static.doubleclick.net
stats.g.doubleclick.net
syndication.twitter.com
usage.trackjs.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.244.42.8
13.226.156.114
13.226.156.119
167.114.119.127
2600:9000:2182:a000:6:9280:1080:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:acf
2a00:1450:4001:801::2004
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2016
2a00:1450:4001:810::200e
2a00:1450:4001:827::2006
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:400c:c1b::9b
2a00:1450:400e:800::200e
2a03:2880:f02d:100:face:b00c:0:3
34.203.159.219
34.243.100.214
35.190.25.25
45.33.30.181
029ff46286c01c7ad6d4b26a15dc354b34a5c92e3b590584ce13ea6a279c9add
03bad2cefe03090835f78d743c1525b8d5a9564c50f8ecbd518f1d7a0558cfb9
06f8162aa9ef077724723137428181eb5bdcbf05b03d9e86555fae1d139a9fe1
07146610105d3f4f5927961b5145ee7b7365f685f357b7049a5b3dcb4f6a0ee7
12fb814304a8f6ab51652a9de368e4730dc544373c691f34e49f21f5edee19d4
13bf16858cdd934b26308a950832cd91fb2afbfb09261c790c79e4302509b1bf
1b033925ea98eda17fc6f329f522ac3005af5c12c0c3feebd43f36c996941b78
21397c10f31aafbc1ffaab8a1c171956083e45405f286c9bc27939592d4da674
2476db472bf1df970adab62d57f3a0b552319b91459a39a728b10130ed10c817
24ff1024af5ac3cbf4c5e66ff023195111d23bb72d29b029f22b02819ae2b146
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea
46469020254ff1dd284554b6800a3b85b717eee79a304125ad39c28e3a0f1c0c
4957285c5f3eba5ce214e716c872395e98315849afa5c03e799b3874f584f21f
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b86eb5398c67c85f4c5f437f420be7c9bcad49af0db8433a0e5ee2e1b83f834
4d41b88e85f102322f6518ab48a1cfc3b8687aedd42bef4a223aacb94b3afefd
4ded23e95dda072cfa4a3e7f0b581b5ff5b17472caaadc2d29c6eea2a5da9bbc
4ec490cc6758aecff6847ed9b6fa22fb35f4eea8da4db36fd3b122d8af5c5717
5731a5b4447547afa469319691b9c8376050402e328eae597a08e67235935904
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
63b8c81bd81ce3ed39dd635b901fcf40129653ad2d54f2580fbb1505ffd40259
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6879209c0b87c73188d415b1a058063bb7cde297f8347e5dc264dca5effdc16b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89b9b6141e44e5019fe68a5ba2c3038a8336cbc566200a87902ccd04844355c6
960ad07a9fdc1ef5853202539f231ccc6ccaab4945cb774512da034f479612b8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a275ae3754d7f47ad3b1bff64f546a3de866861a08955523e386bdf14b7d27b5
ad0590a2876387044af09f5d0f99556e1556453624b933da6c4f9ef8148c32cb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b083af11bff8f6237c9b83a2910ccb07625602e3c386de94daeedb8dab2b195d
b0d4b58c5bace070b2f7a04b866c23c8f185ff1187d4fe8c41d6c62fcd76c1d0
b531d97514a92ecae57789d88f179d385c36f1641c6e78ef2ad2edbc40a1dbf3
b7e16fea44c43076e979ca7b8a1fd2367e2a841b1b250361412b7be874a5be40
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
c17ec1ad3ad09c7c7184bfe9674704744f7f15c22c7bd6d4244f174744efbf26
c46dd0d9ed58ce8d27cfcce12d21591e455e844414a35c3e04e3f74b897b86e4
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
ce2671c6e7191b53bbca54a2a6db5463a7e327878ed7dd0b39d6bdd7395c9c8f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e722ce3684d3e78516464b67210b5b2cbcc853c2c4a70bd13a631d0b8937cf88
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eecc77a8a53725b15a97b4bc5293d953038750a3695becccf553443497dec21f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef7a2c25c308e248e0e6f088f6f8fb9f37d3a4f637baf79f246ea0d64dbc4a81
ef7da2ea9165f4486462c7f1dccddb7485e6a1922d220a1c393a8fa7214829fd
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fdaff9e112facd4e9a5fa63019e6fddcfa83838e1fc3f3160a84e29bc0023e65