subsidiosparaseguro.com Open in urlscan Pro
2600:9000:2250:9400:18:31f8:8740:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://subsidiosparaseguro.com/
Submission: On November 28 via automatic, source certstream-suspicious (November 28th 2023, 1:26:49 am UTC) — Scanned from DE

Summary HTTP 66 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 14 domains to perform 66 HTTP transactions. The main IP is 2600:9000:2250:9400:18:31f8:8740:93a1, located in United States and belongs to AMAZON-02, US. The main domain is subsidiosparaseguro.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 27th 2023. Valid for: a year.

This is the only time subsidiosparaseguro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2600:9000:225... 2600:9000:2250:9400:18:31f8:8740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
6	23.53.43.185 23.53.43.185	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:224... 2600:9000:224a:6800:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::44 2620:1ec:bdf::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
10	108.157.4.34 108.157.4.34	16509 (AMAZON-02) (AMAZON-02)
1	193.108.153.24 193.108.153.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.176.31.115 35.176.31.115	16509 (AMAZON-02) (AMAZON-02)
16	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:249... 2600:9000:2490:4a00:4:1957:6500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.204.170.2 54.204.170.2	14618 (AMAZON-AES) (AMAZON-AES)
66	17

7 2600:9000:2250:9400:18:31f8:8740:93a1 (United States)

ASN16509 (AMAZON-02, US)

subsidiosparaseguro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.53.43.185 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-43-185.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:6800:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 108.157.4.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-34.dus51.r.cloudfront.net

app.leadfinery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-24.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.152.143.207 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.176.31.115 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-31-115.eu-west-2.compute.amazonaws.com

api.adtopiaglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:4a00:4:1957:6500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-js.ringba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.204.170.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-170-2.compute-1.amazonaws.com

display.ringba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	525 B
10	leadfinery.com app.leadfinery.com	4 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 o.clarity.ms — Cisco Umbrella Rank: 7480 c.clarity.ms — Cisco Umbrella Rank: 1405	28 KB
7	subsidiosparaseguro.com subsidiosparaseguro.com	2 MB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 742	148 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	5 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	195 KB
2	ringba.com b-js.ringba.com — Cisco Umbrella Rank: 126053 display.ringba.com — Cisco Umbrella Rank: 89047	15 KB
2	adtopiaglobal.com api.adtopiaglobal.com	365 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	304 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	172 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	763 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2858	912 B
1	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 16488
66	14

	Domain	Requested by
16	www.facebook.com	subsidiosparaseguro.com
10	app.leadfinery.com	subsidiosparaseguro.com
7	subsidiosparaseguro.com	subsidiosparaseguro.com
6	analytics.tiktok.com	subsidiosparaseguro.com analytics.tiktok.com
5	fonts.googleapis.com	subsidiosparaseguro.com
5	connect.facebook.net	subsidiosparaseguro.com connect.facebook.net
4	o.clarity.ms	subsidiosparaseguro.com www.clarity.ms
2	c.clarity.ms	1 redirects
2	api.adtopiaglobal.com	subsidiosparaseguro.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.clarity.ms	subsidiosparaseguro.com www.clarity.ms
2	www.googletagmanager.com	subsidiosparaseguro.com www.googletagmanager.com
1	display.ringba.com	subsidiosparaseguro.com
1	b-js.ringba.com	subsidiosparaseguro.com
1	c.bing.com	1 redirects
1	analytics.pangle-ads.com	analytics.tiktok.com
1	cdn.matomo.cloud	subsidiosparaseguro.com
66	17

This site contains links to these domains. Also see Links.

Domain
www.healthcare.gov

Subject Issuer	Validity	Valid
*.seguroparalatinos.org Amazon RSA 2048 M03	`2023-11-27` - `2024-12-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-06` - `2023-12-05`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M03	`2023-10-27` - `2024-11-23`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.leadfinery.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.api.adtopiaglobal.com Amazon RSA 2048 M03	`2023-09-13` - `2024-10-12`	a year	crt.sh
*.ringba.com Amazon RSA 2048 M03	`2023-11-27` - `2024-12-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://subsidiosparaseguro.com/
Frame ID: FF6F54C32595953EA9C1C40CD7233782
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Seguro para LatinosSeguro para Latinos

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

66
Requests

98 %
HTTPS

59 %
IPv6

14
Domains

17
Subdomains

17
IPs

4
Countries

2719 kB
Transfer

4095 kB
Size

17
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.healthcare.gov/
Title: healthcare.gov

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=132A192DA2AE49B1853A8D870C2F603C&RedC=c.clarity.ms&MXFR=14C6049D8F9B6ACE0FA3174A8B9B6497 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=132A192DA2AE49B1853A8D870C2F603C&MUID=1584086B896E6E4D04651BBC88C26F05

66 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
subsidiosparaseguro.com/ 3 KB
3 KB 151ms
108ms Document
text/html 2600:9000:2250:9400:18:31f8:8740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subsidiosparaseguro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9400:18:31f8:8740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cb05e3fc509a759f72e8293baf4cb0daf415bc1f88827fb8154158ce767b4f0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 2737
content-type: text/html
date: Tue, 28 Nov 2023 01:26:45 GMT
etag: "d3340103a5d8bd1a8275f01bf61c0e3f"
last-modified: Mon, 27 Nov 2023 19:08:25 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-amz-cf-id: K1dy0APuNz7bjf5ZB2GqWljDf1dToxE41CbOm3NLJMW1D4tfDvi_CQ==
x-amz-cf-pop: FRA60-P2
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-2:135432904977:build/splt075-fe-prod-builder:4c843d63-b7c3-4779-a050-7d345491c49f
x-amz-meta-codebuild-content-md5: 07e1dabf7143a84f2a5141150e1698ee
x-amz-meta-codebuild-content-sha256: 0009a73fa17ac8b624540ebd7f56285380a5fcf51d1f3ed402d43464abd19294
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H2 200 2.66772492.chunk.css
subsidiosparaseguro.com/static/css/ 227 KB
228 KB 108ms
107ms Stylesheet
text/css 2600:9000:2250:9400:18:31f8:8740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subsidiosparaseguro.com/static/css/2.66772492.chunk.css
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9400:18:31f8:8740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87dab8cbf6b5ef4ea752beed9750d16439e02febc7012fb7e2c0b444f5fe7507

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 01:26:45 GMT
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-2:135432904977:build/splt075-fe-prod-builder:4c843d63-b7c3-4779-a050-7d345491c49f
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-md5: 07e1dabf7143a84f2a5141150e1698ee
content-length: 232692
last-modified: Mon, 27 Nov 2023 19:08:25 GMT
server: AmazonS3
etag: "b4230111de6d7803d6ed737587025bae"
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 0009a73fa17ac8b624540ebd7f56285380a5fcf51d1f3ed402d43464abd19294
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: 3epESPEhfdsAKRaKC1dUNe7wuPyVDnrlJ6tPI8AfnT91Wmm8TLZrhA==

GET
H2 200 main.4e0d6fc6.chunk.css
subsidiosparaseguro.com/static/css/ 924 KB
926 KB 101ms
101ms Stylesheet
text/css 2600:9000:2250:9400:18:31f8:8740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subsidiosparaseguro.com/static/css/main.4e0d6fc6.chunk.css
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9400:18:31f8:8740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ce0b63f89df06cf42a70bb926c9530bde6adec23f3bf96f2eb68941b77a759d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 01:26:45 GMT
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-2:135432904977:build/splt075-fe-prod-builder:4c843d63-b7c3-4779-a050-7d345491c49f
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-md5: 07e1dabf7143a84f2a5141150e1698ee
content-length: 946649
last-modified: Mon, 27 Nov 2023 19:08:26 GMT
server: AmazonS3
etag: "ce386d90db9b2a53ca174d564f57ce5b"
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 0009a73fa17ac8b624540ebd7f56285380a5fcf51d1f3ed402d43464abd19294
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: t41m8LYigbUAADBpus-Km9NBVka3fDMBTCaA4QcpyfW_lJMzb77C9A==

GET
H2 200 2.81732f58.chunk.js Show response
subsidiosparaseguro.com/static/js/ 406 KB
408 KB 110ms
109ms Script
application/x-javascript 2600:9000:2250:9400:18:31f8:8740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subsidiosparaseguro.com/static/js/2.81732f58.chunk.js
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9400:18:31f8:8740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c98c0ec9a2f6ae46f8721dcf8ce6f9f0371bb2063a1674766d5468aef3fff2b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 01:26:45 GMT
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-2:135432904977:build/splt075-fe-prod-builder:4c843d63-b7c3-4779-a050-7d345491c49f
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-md5: 07e1dabf7143a84f2a5141150e1698ee
content-length: 416187
last-modified: Mon, 27 Nov 2023 19:08:26 GMT
server: AmazonS3
etag: "fda18fd33da5fe9df487eb7e2564acd7"
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 0009a73fa17ac8b624540ebd7f56285380a5fcf51d1f3ed402d43464abd19294
content-type: application/x-javascript
accept-ranges: bytes
x-amz-cf-id: ZA3yjpFCqv2sOdc-rUgxTWvdl_DDt4s9VS0BjsrGQCLf4SBUMQnxwA==

GET
H2 200 main.0b9606c9.chunk.js Show response
subsidiosparaseguro.com/static/js/ 287 KB
288 KB 113ms
112ms Script
application/x-javascript 2600:9000:2250:9400:18:31f8:8740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subsidiosparaseguro.com/static/js/main.0b9606c9.chunk.js
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9400:18:31f8:8740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce5728c39060d343a90cb0ebc1fa0f8ceb52774e6e2cecc65428417d98b839ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 01:26:45 GMT
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-2:135432904977:build/splt075-fe-prod-builder:4c843d63-b7c3-4779-a050-7d345491c49f
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-md5: 07e1dabf7143a84f2a5141150e1698ee
content-length: 293861
last-modified: Mon, 27 Nov 2023 19:08:25 GMT
server: AmazonS3
etag: "3e5196fb190f5afcfa679bff6eca5ec7"
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 0009a73fa17ac8b624540ebd7f56285380a5fcf51d1f3ed402d43464abd19294
content-type: application/x-javascript
accept-ranges: bytes
x-amz-cf-id: JPF51-55UPhEq6S2CaGcSBe7KycWc8dqn_iNingqPDBkU94TH0vOGg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 228 KB
81 KB 45ms
24ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WK99DXT

Requested by

Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f90f8974196a6c86d1f9e2729783a23df0674f9a1fb18cfba2a419728fbd53f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 01:26:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82177
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Nov 2023 01:26:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-91HGQ5JVGN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WK99DXT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce760dd47919fa47e8c421831076a6eb3d730c757703104eb7e2b93aee902d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 01:26:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92922
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 01:26:44 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 151ms
106ms Script
application/javascript 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CGMOQ9RC77UBEG41AJAG&lib=ttq
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e6f5912cf37b49c7dba33534279a4a7bc51ae0279de53e4f16aa3f37518d4867

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id: 7d6e6deb.2b673c83
date: Tue, 28 Nov 2023 01:26:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 96,23.53.43.181
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=7, inner; dur=4
content-length: 1526
pragma: no-cache
server: nginx
x-tt-logid: 20231128012644A26364CCF22468FAA33F
x-cache-remote: TCP_MISS from a23-45-180-108.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.45.180.108
x-tt-trace-host: 012624bc7cc30b88bd1e7e3e5559fac87d554e8f7cf6c3cf46d7493562f6fc84d9bdf16a7cc66e485d039c750beb1bcd9b8a1d624867e2f4bb6dde98e1c3394f6f88f3ab5da9dccbc535c6f59dcc8a4b5ef2dec2b3ca98ffb37b87418383115b7af39561400ca64d8f2e7d97650bb8d814
expires: Tue, 28 Nov 2023 01:26:44 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 150ms
106ms Script
application/javascript 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CIK4JD3C77U3LS6JS1PG&lib=ttq
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b4afbb94e1f34c99f87a843d7955736798d7fb9d9ccc770efeec5bdf08696538

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id: 5e22c96d.2b673c84
date: Tue, 28 Nov 2023 01:26:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 95,23.53.43.181
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=7, inner; dur=4
content-length: 1516
pragma: no-cache
server: nginx
x-tt-logid: 20231128012644AF2D9DB2E8B4EDFF6437
x-cache-remote: TCP_MISS from a72-247-190-92.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,72.247.190.92
x-tt-trace-host: 012624bc7cc30b88bd1e7e3e5559fac87d5a912832959443058e55d1aa25e49126bf723f79ce712202ef17aac896212e8c2cfd3c780f526547f56f573d3a1671f5d74bff8ba263d3aa553de48e2d915746ad4b3a1dbcaa58630bda60fdf617b4e3e13ac767835a790e5f3a4c1a3ecd80cb
expires: Tue, 28 Nov 2023 01:26:44 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Nov 2023 01:26:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: HevTgnlWsd4Y10uqDHHF7kDMnA3NLnZ90Vgpvs0fEIfDpSsnurJE67vTxXo7irWUBtB7WaEcNX88NW2BRyDldw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 404 matomo.js
cdn.matomo.cloud/acabenefitsquiz.matomo.cloud/ 0
0 79ms
49ms Script
text/html 2600:9000:224a:6800:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.matomo.cloud/acabenefitsquiz.matomo.cloud/matomo.js

Requested by

Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:6800:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:00:39 GMT
x-amz-version-id: x8CUW72Cdy4wRBv1lXTNc2XlWFvGGyiM
via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
last-modified: Thu, 02 Nov 2023 02:17:11 GMT
server: CloudFront
x-amz-cf-pop: DUS51-P1
age: 5166
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/html
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 0
x-amz-cf-id: JvSqwrS_erbsN8XfxnQ019Mj4Pw7ffF-LW_ui0S-fsRyZAWxepyLLQ==

GET
H2 200 jgprib6su9 Show response
www.clarity.ms/tag/ 650 B
1014 B 148ms
94ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jgprib6su9
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 076ee7429e6cb41fd51c923f521735d1b755b33742f2d5063c87248944b996ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: -1
date: Tue, 28 Nov 2023 01:26:44 GMT
x-azure-ref: 20231128T012644Z-5ucqxgrpc165vbnx83xxcxpm3n00000008u0000000005rmf
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 901443270982030 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 73ms
72ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/901443270982030?v=2.9.138&r=stable&domain=subsidiosparaseguro.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

26690f149a17fa6d21d6a228a0e4b9f0870a2ca02985c56f0734b49da8d764cb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Nov 2023 01:26:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 0ijwFEuaGhA3wlcQxJfhksc4ntHM5YsdBn/1+g84h1ieu0IVmcITkxIDfhpwaqs5GuP398V/K/0N/Q5Zngq9Kg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-91HGQ5JVGN&gtm=45je3b81v9133384110z89132857080&_p=1701134804259&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1181285969.1701134804&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701134804&sct=1&seg=0&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2F&dt=Seguro%20para%20Latinos&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=317
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-91HGQ5JVGN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 01:26:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://subsidiosparaseguro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
594 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Titillium+Web:ital,wght@0,300;0,400;0,600;0,700;1,400&display=swap

Requested by

Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/static/css/main.4e0d6fc6.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62250a35703c2ceea5a584e9730fbf0ae21a27f085dde0e6b409dd41aea309a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 01:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 01:26:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 01:26:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
1 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/static/css/main.4e0d6fc6.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 01:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 23:45:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 01:26:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 30 KB
1 KB 43ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/static/css/main.4e0d6fc6.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55dd98058597b9910e9650a64370dccf0368816a33ec4752cba9362a2d033a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 01:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 01:26:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 01:26:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 22 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/static/css/main.4e0d6fc6.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

391d7af9603de79e9111b0311bd2f829847f04645e97b9e73ab9dfc54601f725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 01:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 01:04:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 01:26:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
635 B 39ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

Requested by

Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/static/css/main.4e0d6fc6.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 01:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 23:37:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 01:26:44 GMT

GET
H3 200 2060170190837421 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 104ms
104ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2060170190837421?v=2.9.138&r=stable&domain=subsidiosparaseguro.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6753e21a48eb25f40837a25d997c7c5a0f79a991395f8054f0127831acaa3120

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Nov 2023 01:26:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: C8cRl2E/a+4JlZbfvjlN9s3YHN+xWfV/jZc3Y9olNlVx8KsI3StXVL7gPcPG2EwGUIbPOGoDf6176gAPrh5b4Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 get-uuid
app.leadfinery.com/api/splt075/live/v1/ 0
0 138ms
79ms Preflight
application/json 108.157.4.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/splt075/live/v1/get-uuid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-34.dus51.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://subsidiosparaseguro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
content-type: application/json
date: Tue, 28 Nov 2023 01:26:44 GMT
server: Apache/2.4.41 (Ubuntu)
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
x-amz-cf-id: g_8TypkvYoeZazmB2cWVKAnlPEbMVVwo-6PO2WtOqxHcjv5qvLsHRA==
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront

POST
H2 200 get-uuid Show response
app.leadfinery.com/api/splt075/live/v1/ 113 B
579 B 73ms
73ms XHR
application/json 108.157.4.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/splt075/live/v1/get-uuid
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/static/js/2.81732f58.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-34.dus51.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: af344e5a9eae898f7e7868fb9b98a9372adf5d8716c1fffd3cf8a82e8d9858c7

Request headers

Accept: application/json
Referer: https://subsidiosparaseguro.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer f1bMEBdZQrsSathFozcWjqLGu8V3KCvl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Nov 2023 01:26:44 GMT
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
server: Apache/2.4.41 (Ubuntu)
x-amz-cf-pop: DUS51-P2
vary: Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: Vx0s2EGKnMAO-kIM9quVte997puSxn6ogplJD8WVBN0FsOhdQFIM4g==

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.18/ 59 KB
25 KB 13ms
13ms Script
application/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.18/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jgprib6su9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 01:26:44 GMT
content-encoding: br
last-modified: Fri, 17 Nov 2023 13:41:44 GMT
etag: W/"0x8DBE772F014B026"
vary: Accept-Encoding
x-azure-ref: 20231128T012644Z-5ucqxgrpc165vbnx83xxcxpm3n00000008u0000000005rmt
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 71b8cf6e-801e-0048-4d51-1f33ec000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
106 KB 11ms
11ms Script
application/javascript 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CIK4JD3C77U3LS6JS1PG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id: 2b673c9e
date: Tue, 28 Nov 2023 01:26:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202311090731376EB14F68E34DA9E86159
vary: Accept-Encoding
x-cache: TCP_HIT from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01344ffb0bd32d160fe2acaed6ffe8849031d088a1c2091fab6432c5b3492ced40792f70a5537926c4a0c71e7f496c34b9d8fec4c738a71f17b2805024156eeef335756ab4973a19dc0e849453c745dc8c63fbc8aa9b1ecf17fb908b4c8cbc45b2
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=18
content-length: 108282

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 10ms
10ms Script
application/javascript 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id: 2b673ca6
date: Tue, 28 Nov 2023 01:26:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073151111B4CD2494DDFE40889
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0131c97ea717a60ce12e0afbc3a7bdfd84e0febdc4bbf76925d5d2e827ddf526efbe7d128163601627f3d755fceb63a69555dbc2469a99b3d480a2de5af23bb3288cf2446109049910b8b4a19bd31df3c04b28d8d95a3e382fba269ba19f633569
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length: 36049

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
912 B 167ms
126ms Ping
text/plain 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subsidiosparaseguro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 58aaaee6.80f53ada
date: Tue, 28 Nov 2023 01:26:44 GMT
x-bytefaas-request-id: 202311280126445EE291CE29A84338629E
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-54-206-24.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-parent-response-time: 119,23.54.206.24
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=34, inner; dur=31
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202311280126445EE291CE29A84338629E
x-cache-remote: TCP_MISS from a23-222-0-46.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 29.14
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 012624bc7cc30b88bd1e7e3e5559fac87d58418788224041579ec2ed58fb95d1ac3ae35c5a2edcedb1cd9052ad17a2201766580cbcdb0438c4bd73f51766883b89df67e51a528e95a6bda6004ec77bc3386744086fdf3d5cc84af42ebe875df210b77e14daf899834733376ed914c540c0
x-origin-response-time: 34,23.222.0.46
access-control-allow-headers: *
expires: Tue, 28 Nov 2023 01:26:44 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
788 B 135ms
135ms Ping
text/plain 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subsidiosparaseguro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1793e8d3.2b673cb0
date: Tue, 28 Nov 2023 01:26:44 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 122,23.53.43.181
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=34, inner; dur=31
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023112801264472A42C2E8B52EF311A00
x-cache-remote: TCP_MISS from a23-48-100-41.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 34,23.48.100.41
x-tt-trace-host: 012624bc7cc30b88bd1e7e3e5559fac87d750f77b4a381ec41f836540e055006035e032d7d2b07c22b2c58b8e054f36eca42212fc769174b2933815bcb6decc25921e752cf1d11bba060780b9240c19f8dc955fda83cf775fadecebf6d49f12684be1300ec31f0cc78905faf9b0642954d
access-control-allow-headers: Authorization,*
expires: Tue, 28 Nov 2023 01:26:44 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
787 B 146ms
146ms Ping
text/plain 23.53.43.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subsidiosparaseguro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 17924fa8.2b673cb1
date: Tue, 28 Nov 2023 01:26:44 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-43-181.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 131,23.53.43.181
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=43, inner; dur=39
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023112801264429A5F64C71CF82A03EA3
x-cache-remote: TCP_MISS from a23-48-100-41.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 43,23.48.100.41
x-tt-trace-host: 012624bc7cc30b88bd1e7e3e5559fac87d750f77b4a381ec41f836540e055006035e032d7d2b07c22b2c58b8e054f36eca102c4113a59ea22decbcac1e1808fffaf5028b001c6fae0306cfef152c4d9bd0dd43702fe09ad3a52d28be49a821845c5bd77da91a2781593d6e032dd06ea69c
access-control-allow-headers: Authorization,*
expires: Tue, 28 Nov 2023 01:26:44 GMT

GET
H3 200 3374464979550893 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 72ms
72ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3374464979550893?v=2.9.138&r=stable&domain=subsidiosparaseguro.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d1ac81082ac697ec6ca969e4ee41e45f9f7ed28051535f9e1f2740979ac7b825

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Nov 2023 01:26:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 6azOHDnQeyxYC4WEPjXH6qROYwTJCwQNc5d6ULd6evdYuGtFP9rLpYd2D8tCrg5jo+tGdcjm3SZg1mxaSnLX8Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
303 B 302ms
102ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/static/js/2.81732f58.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://subsidiosparaseguro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://subsidiosparaseguro.com
Date: Tue, 28 Nov 2023 01:26:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 1370605930515370 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 73ms
73ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1370605930515370?v=2.9.138&r=stable&domain=subsidiosparaseguro.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

416ec89e499630fe1c181ed5c836a087adb1ee5cf8c55a0477e27977db5f8d94

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Nov 2023 01:26:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: vonHOxPuP7RxgIm70xHh6IZCx+CLXTZ5PRkLIkFjgGgWaucUL/uEExGkIJ8LdC9rvAAxcEme69c1INR33+ppwA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 loader Show response
api.adtopiaglobal.com/ 194 B
365 B 37ms
36ms XHR
application/json 35.176.31.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adtopiaglobal.com/loader
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/static/js/2.81732f58.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.31.115 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-31-115.eu-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: f659da832c050732074ab891e82a702a60056e1317c51f9b645a773029b24c7d

Request headers

Accept: application/json
Referer: https://subsidiosparaseguro.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer f1bMEBdZQrsSathFozcWjqLGu8V3KCvl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://subsidiosparaseguro.com
date: Tue, 28 Nov 2023 01:26:44 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
content-length: 194
vary: Origin
content-type: application/json

OPTIONS
H2 200 loader
api.adtopiaglobal.com/ 0
0 128ms
26ms Preflight
text/plain 35.176.31.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adtopiaglobal.com/loader
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.31.115 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-31-115.eu-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://subsidiosparaseguro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://subsidiosparaseguro.com
access-control-max-age: 600
content-length: 2
content-type: text/plain; charset=utf-8
date: Tue, 28 Nov 2023 01:26:44 GMT
server: nginx/1.18.0
vary: Origin

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 23ms
9ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=901443270982030&ev=PageView&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2F&rl=&if=false&ts=1701134804777&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701134804777.1715911765&ler=empty&it=1701134804385&coo=false&rqm=GET

Requested by

Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 01:26:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 23ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2060170190837421&ev=PageView&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2F&rl=&if=false&ts=1701134804779&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701134804777.1715911765&ler=empty&cs_est=true&it=1701134804385&coo=false&rqm=GET

Requested by

Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 01:26:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 22ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3374464979550893&ev=PageView&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2F&rl=&if=false&ts=1701134804779&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701134804777.1715911765&ler=empty&it=1701134804385&coo=false&rqm=GET

Requested by

Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 01:26:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 22ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1370605930515370&ev=PageView&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2F&rl=&if=false&ts=1701134804779&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701134804777.1715911765&ler=empty&it=1701134804385&coo=false&rqm=GET

Requested by

Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 01:26:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=132A192DA2AE49B1853A8D870C2F603C&RedC=c.clarity.ms&MXFR=14C6049D8F9B6ACE0FA3174A8B9B6497
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=132A192DA2AE49B1853A8D870C2F603C&MUID=1584086B896E6E4D04651BBC88C26F05

42 B
444 B

29ms
29ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=132A192DA2AE49B1853A8D870C2F603C&MUID=1584086B896E6E4D04651BBC88C26F05
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 01:26:44 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 01:26:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2F155D6E4A474E71AA6CFE74867CAB51 Ref B: FRA31EDGE0709 Ref C: 2023-11-28T01:26:44Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=132A192DA2AE49B1853A8D870C2F603C&MUID=1584086B896E6E4D04651BBC88C26F05
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect
o.clarity.ms/ 0
303 B 132ms
93ms Ping
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subsidiosparaseguro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://subsidiosparaseguro.com
Date: Tue, 28 Nov 2023 01:26:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=901443270982030&ev=PageView&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2FSPR_V1%3Fuuid%3DSPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a&rl=&if=false&ts=1701134804899&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1701134804777.1715911765&ler=empty&it=1701134804385&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 01:26:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2060170190837421&ev=PageView&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2FSPR_V1%3Fuuid%3DSPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a&rl=&if=false&ts=1701134804900&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1701134804777.1715911765&ler=empty&cs_est=true&it=1701134804385&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 01:26:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3374464979550893&ev=PageView&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2FSPR_V1%3Fuuid%3DSPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a&rl=&if=false&ts=1701134804901&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1701134804777.1715911765&ler=empty&it=1701134804385&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 01:26:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1370605930515370&ev=PageView&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2FSPR_V1%3Fuuid%3DSPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a&rl=&if=false&ts=1701134804901&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1701134804777.1715911765&ler=empty&it=1701134804385&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 01:26:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 Spin.22321da3.gif
subsidiosparaseguro.com/static/media/ 81 KB
81 KB 104ms
104ms Image
image/gif 2600:9000:2250:9400:18:31f8:8740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subsidiosparaseguro.com/static/media/Spin.22321da3.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9400:18:31f8:8740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47db1ac21913b00210be5963592b75bf031338959c6141208641b11a046e6d40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/SPR_V1?uuid=SPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 01:26:45 GMT
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified: Mon, 27 Nov 2023 19:08:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "1233955dd1ec0add9900ff19af52d38e"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-2:135432904977:build/splt075-fe-prod-builder:4c843d63-b7c3-4779-a050-7d345491c49f
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-content-sha256: 0009a73fa17ac8b624540ebd7f56285380a5fcf51d1f3ed402d43464abd19294
content-type: image/gif
x-cache: Miss from cloudfront
accept-ranges: bytes
x-amz-meta-codebuild-content-md5: 07e1dabf7143a84f2a5141150e1698ee
content-length: 82549
x-amz-cf-id: sCuhRmSOr9evmIxUUbo0qf6-83p1gWrlX0qn_GWwgN3E6koTozlDEA==

GET
H2 200 banner_2.8ee04dc4.jpg
subsidiosparaseguro.com/static/media/ 216 KB
217 KB 132ms
132ms Image
image/jpeg 2600:9000:2250:9400:18:31f8:8740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subsidiosparaseguro.com/static/media/banner_2.8ee04dc4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9400:18:31f8:8740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97d6fa6f2f717b18a229dabcf20a9f03b5fe6329b5ee2921175069b65d9cb766

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/SPR_V1?uuid=SPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 01:26:45 GMT
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified: Mon, 27 Nov 2023 19:08:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "314d5691680fc5300f486593dba9d0ba"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-2:135432904977:build/splt075-fe-prod-builder:4c843d63-b7c3-4779-a050-7d345491c49f
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-content-sha256: 0009a73fa17ac8b624540ebd7f56285380a5fcf51d1f3ed402d43464abd19294
content-type: image/jpeg
x-cache: Miss from cloudfront
accept-ranges: bytes
x-amz-meta-codebuild-content-md5: 07e1dabf7143a84f2a5141150e1698ee
content-length: 221456
x-amz-cf-id: RA8KIGUBBSGLQ7wL-pamcq1iRjx3kE8FMBC85vry0eK7ajnHEPzaCA==

GET
H2 200 CA4f31afccd82d41f5a77defe4542dffab Show response
b-js.ringba.com/ 14 KB
14 KB 266ms
206ms Script
text/html 2600:9000:2490:4a00:4:1957:6500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-js.ringba.com/CA4f31afccd82d41f5a77defe4542dffab
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/static/js/2.81732f58.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:4a00:4:1957:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 78af9a5204256da8cf5704a740f48c93e73f15124572cd825e1fc7975b9a6e87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-runtime: 0.0000
date: Tue, 28 Nov 2023 01:26:44 GMT
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA56-P6
x-powered-by: ASP.NET
access-control-max-age: 300
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public
content-length: 13856
x-amz-cf-id: IyW2_m41ic0KdDO1Vg_JxtfJT5OwsOQBj0j0qS39HJmw_WtrbUlj4A==
expires: Tue, 28 Nov 2023 01:31:14 GMT

OPTIONS
H2 200 user-agent
app.leadfinery.com/api/splt075/live/v1/ 0
0 65ms
64ms Preflight
application/json 108.157.4.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/splt075/live/v1/user-agent
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-34.dus51.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://subsidiosparaseguro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
content-type: application/json
date: Tue, 28 Nov 2023 01:26:44 GMT
server: Apache/2.4.41 (Ubuntu)
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
x-amz-cf-id: L9ODSLPpp4eF1U3IClnvxzuXtB5-ZRXV458ZFc3l9tTN8LW08LOfYg==
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront

OPTIONS
H2 200 ringba-online
app.leadfinery.com/api/splt075/live/v1/ 0
0 63ms
63ms Preflight
application/json 108.157.4.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/splt075/live/v1/ringba-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-34.dus51.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://subsidiosparaseguro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
content-type: application/json
date: Tue, 28 Nov 2023 01:26:44 GMT
server: Apache/2.4.41 (Ubuntu)
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
x-amz-cf-id: 670PuTT7vlhkdEqpm4xuOinjDhhEww9U2DfYh663I9I_sJ9HIy1wUw==
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront

POST
H2 200 user-agent Show response
app.leadfinery.com/api/splt075/live/v1/ 1 KB
2 KB 76ms
76ms XHR
application/json 108.157.4.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/splt075/live/v1/user-agent
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/static/js/2.81732f58.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-34.dus51.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 29e88470ccb40825b1ab15d127031fede73d4f9eb02ac4b0a6d95e6ca408aac3

Request headers

Accept: application/json
Referer: https://subsidiosparaseguro.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer f1bMEBdZQrsSathFozcWjqLGu8V3KCvl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Nov 2023 01:26:45 GMT
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
server: Apache/2.4.41 (Ubuntu)
x-amz-cf-pop: DUS51-P2
vary: Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: kK2ycP8RAzJsxQiDn7bCj1Is3BYumX9CkjmQZBCtvS8vO2Llp5ItFg==

POST
H2 200 ringba-online Show response
app.leadfinery.com/api/splt075/live/v1/ 41 B
507 B 88ms
87ms XHR
application/json 108.157.4.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/splt075/live/v1/ringba-online
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/static/js/2.81732f58.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-34.dus51.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a4187091aba0cdd62e1663d65cd5eebd1b2d7ba176afc1ab12fc4e88b2f45a01

Request headers

Accept: application/json
Referer: https://subsidiosparaseguro.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer f1bMEBdZQrsSathFozcWjqLGu8V3KCvl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Nov 2023 01:26:45 GMT
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
server: Apache/2.4.41 (Ubuntu)
x-amz-cf-pop: DUS51-P2
vary: Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: 0EAOJ3LiPOVxPB5QhyrahOCjQYFSMipFM4l12UZtsPaDNRgsKX_Rnw==

OPTIONS
H2 200 data-ingestion-pipeline
app.leadfinery.com/api/splt075/live/v1/ 0
0 66ms
66ms Preflight
application/json 108.157.4.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/splt075/live/v1/data-ingestion-pipeline
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-34.dus51.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://subsidiosparaseguro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
content-type: application/json
date: Tue, 28 Nov 2023 01:26:45 GMT
server: Apache/2.4.41 (Ubuntu)
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
x-amz-cf-id: d6VySYitCM19G19ftLx_J2ZJ84vVa9qs73dtAVcBF3SL3uIpsIqY1A==
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront

POST
H2 200 data-ingestion-pipeline Show response
app.leadfinery.com/api/splt075/live/v1/ 20 B
486 B 188ms
188ms XHR
application/json 108.157.4.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/splt075/live/v1/data-ingestion-pipeline
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/static/js/2.81732f58.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-34.dus51.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Accept: application/json
Referer: https://subsidiosparaseguro.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer f1bMEBdZQrsSathFozcWjqLGu8V3KCvl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Nov 2023 01:26:45 GMT
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
server: Apache/2.4.41 (Ubuntu)
x-amz-cf-pop: DUS51-P2
vary: Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: i5TgqjTYN1mtw4zESAt63TnullXN91L7ZgtvfdpwBgvpplj0HNXkhg==

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 8ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=901443270982030&ev=PageView&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2FSPR_V1%3Fuuid%3DSPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a%26uuid%3DSPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a&rl=&if=false&ts=1701134805061&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.1.1701134804777.1715911765&ler=empty&it=1701134804385&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 01:26:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2060170190837421&ev=PageView&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2FSPR_V1%3Fuuid%3DSPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a%26uuid%3DSPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a&rl=&if=false&ts=1701134805062&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.1.1701134804777.1715911765&ler=empty&cs_est=true&it=1701134804385&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 01:26:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3374464979550893&ev=PageView&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2FSPR_V1%3Fuuid%3DSPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a%26uuid%3DSPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a&rl=&if=false&ts=1701134805062&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.1.1701134804777.1715911765&ler=empty&it=1701134804385&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 01:26:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1370605930515370&ev=PageView&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2FSPR_V1%3Fuuid%3DSPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a%26uuid%3DSPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a&rl=&if=false&ts=1701134805063&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.1.1701134804777.1715911765&ler=empty&it=1701134804385&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 01:26:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=901443270982030&ev=PageView&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2FSPR_V1%3Fuuid%3DSPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a&rl=&if=false&ts=1701134805065&sw=1600&sh=1200&v=2.9.138&r=stable&ec=3&o=4126&fbp=fb.1.1701134804777.1715911765&ler=empty&it=1701134804385&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 01:26:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2060170190837421&ev=PageView&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2FSPR_V1%3Fuuid%3DSPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a&rl=&if=false&ts=1701134805065&sw=1600&sh=1200&v=2.9.138&r=stable&ec=3&o=4126&fbp=fb.1.1701134804777.1715911765&ler=empty&cs_est=true&it=1701134804385&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 01:26:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3374464979550893&ev=PageView&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2FSPR_V1%3Fuuid%3DSPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a&rl=&if=false&ts=1701134805065&sw=1600&sh=1200&v=2.9.138&r=stable&ec=3&o=4126&fbp=fb.1.1701134804777.1715911765&ler=empty&it=1701134804385&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 01:26:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 10ms
9ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1370605930515370&ev=PageView&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2FSPR_V1%3Fuuid%3DSPLT075-3101a870-8d8d-11ee-9cd2-b1f76391c07a&rl=&if=false&ts=1701134805066&sw=1600&sh=1200&v=2.9.138&r=stable&ec=3&o=4126&fbp=fb.1.1701134804777.1715911765&ler=empty&it=1701134804385&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subsidiosparaseguro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 01:26:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

OPTIONS
H2 200 save-journey-status
app.leadfinery.com/api/splt075/live/v1/ 0
0 63ms
63ms Preflight
application/json 108.157.4.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/splt075/live/v1/save-journey-status
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-34.dus51.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://subsidiosparaseguro.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
content-type: application/json
date: Tue, 28 Nov 2023 01:26:45 GMT
server: Apache/2.4.41 (Ubuntu)
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
x-amz-cf-id: hZgReoyBtP0HHdhSsbzkAhZcbjiNxKhGTXicCuapfqRM1WBLEjfFIg==
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront

POST
H2 200 save-journey-status Show response
app.leadfinery.com/api/splt075/live/v1/ 0
536 B 107ms
106ms XHR
text/html 108.157.4.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/splt075/live/v1/save-journey-status
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/static/js/2.81732f58.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-34.dus51.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://subsidiosparaseguro.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer f1bMEBdZQrsSathFozcWjqLGu8V3KCvl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Nov 2023 01:26:45 GMT
content-encoding: gzip
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
server: Apache/2.4.41 (Ubuntu)
x-amz-cf-pop: DUS51-P2
vary: Authorization,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: mE5M7miB9TW1N6CNafFKNpPaaQ49XunqSlAx5nbMHpWQ0fz3ayoKew==

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07995ca196a43cad6f1a4eb0b1a776c7ab4f266759b99513421f7abe5535d6c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK gnbulk Show response
display.ringba.com/v2/nis/ 400 B
794 B 375ms
93ms XHR
application/json 54.204.170.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://display.ringba.com/v2/nis/gnbulk
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/static/js/2.81732f58.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.170.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-170-2.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4418036e650a061882dd6125709f162966df67a8859635a2bf633bd388b78200

Request headers

Referer: https://subsidiosparaseguro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 01:26:45 GMT
X-Runtime: 0.0020
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Max-Age: 300
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://subsidiosparaseguro.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 400
Expires: -1

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
303 B 92ms
92ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/static/js/2.81732f58.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://subsidiosparaseguro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://subsidiosparaseguro.com
Date: Tue, 28 Nov 2023 01:26:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
303 B 92ms
92ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: subsidiosparaseguro.com
URL: https://subsidiosparaseguro.com/static/js/2.81732f58.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://subsidiosparaseguro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://subsidiosparaseguro.com
Date: Tue, 28 Nov 2023 01:26:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-91HGQ5JVGN&gtm=45je3b81v9133384110&_p=1701134804259&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1181285969.1701134804&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sid=1701134804&sct=1&seg=0&dl=https%3A%2F%2Fsubsidiosparaseguro.com%2F&dt=Seguro%20para%20Latinos&_s=2&tfd=5322
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-91HGQ5JVGN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subsidiosparaseguro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 01:26:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://subsidiosparaseguro.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.subsidiosparaseguro.com/	1970-01-20 18:41:50	Name: _gcl_au Value: 1.1.149595193.1701134804
.subsidiosparaseguro.com/	1970-01-21 02:08:14	Name: _ga Value: GA1.1.1181285969.1701134804
www.clarity.ms/	1970-01-21 01:17:50	Name: CLID Value: 7d34e17bad594d5792041187b9850f27.20231128.20241127
.tiktok.com/	1970-01-21 01:53:50	Name: _ttp Value: 2Ymdh6L6YKg44ZAWfLaXNNHMLKq
.subsidiosparaseguro.com/	1970-01-21 01:17:50	Name: _clck Value: 8avlrw%7C2%7Cfh3%7C0%7C1427
.subsidiosparaseguro.com/	1970-01-21 01:53:50	Name: _tt_enable_cookie Value: 1
.subsidiosparaseguro.com/	1970-01-21 01:53:50	Name: _ttp Value: V1EWsqhCpcHgzY0jIbID_IcYwIe
.subsidiosparaseguro.com/	1970-01-20 18:41:50	Name: _fbp Value: fb.1.1701134804777.1715911765
.bing.com/	1970-01-21 01:53:50	Name: MUID Value: 1584086B896E6E4D04651BBC88C26F05
.c.bing.com/	1970-01-20 16:42:19	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:53:50	Name: SRM_B Value: 1584086B896E6E4D04651BBC88C26F05
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:53:50	Name: MUID Value: 1584086B896E6E4D04651BBC88C26F05
.c.clarity.ms/	1970-01-20 16:42:19	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:32:15	Name: ANONCHK Value: 0
.subsidiosparaseguro.com/	1970-01-20 16:33:41	Name: _clsk Value: 1sa9hjo%7C1701134805343%7C1%7C1%7Co.clarity.ms%2Fcollect
.subsidiosparaseguro.com/	1970-01-21 02:08:14	Name: _ga_91HGQ5JVGN Value: GS1.1.1701134804.1.1.1701134806.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.matomo.cloud/acabenefitsquiz.matomo.cloud/matomo.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.pangle-ads.com
analytics.tiktok.com
api.adtopiaglobal.com
app.leadfinery.com
b-js.ringba.com
c.bing.com
c.clarity.ms
cdn.matomo.cloud
connect.facebook.net
display.ringba.com
fonts.googleapis.com
o.clarity.ms
region1.google-analytics.com
subsidiosparaseguro.com
www.clarity.ms
www.facebook.com
www.googletagmanager.com
108.157.4.34
193.108.153.24
2001:4860:4802:32::36
23.53.43.185
2600:9000:224a:6800:c:7d55:b3c0:93a1
2600:9000:2250:9400:18:31f8:8740:93a1
2600:9000:2490:4a00:4:1957:6500:93a1
2620:1ec:bdf::44
2620:1ec:c11::200
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
35.176.31.115
52.152.143.207
54.204.170.2
68.219.88.97
076ee7429e6cb41fd51c923f521735d1b755b33742f2d5063c87248944b996ab
07995ca196a43cad6f1a4eb0b1a776c7ab4f266759b99513421f7abe5535d6c0
1cb05e3fc509a759f72e8293baf4cb0daf415bc1f88827fb8154158ce767b4f0
26690f149a17fa6d21d6a228a0e4b9f0870a2ca02985c56f0734b49da8d764cb
29e88470ccb40825b1ab15d127031fede73d4f9eb02ac4b0a6d95e6ca408aac3
36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
391d7af9603de79e9111b0311bd2f829847f04645e97b9e73ab9dfc54601f725
3ce0b63f89df06cf42a70bb926c9530bde6adec23f3bf96f2eb68941b77a759d
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
416ec89e499630fe1c181ed5c836a087adb1ee5cf8c55a0477e27977db5f8d94
4418036e650a061882dd6125709f162966df67a8859635a2bf633bd388b78200
47db1ac21913b00210be5963592b75bf031338959c6141208641b11a046e6d40
4f90f8974196a6c86d1f9e2729783a23df0674f9a1fb18cfba2a419728fbd53f
55dd98058597b9910e9650a64370dccf0368816a33ec4752cba9362a2d033a54
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
62250a35703c2ceea5a584e9730fbf0ae21a27f085dde0e6b409dd41aea309a8
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
6753e21a48eb25f40837a25d997c7c5a0f79a991395f8054f0127831acaa3120
78af9a5204256da8cf5704a740f48c93e73f15124572cd825e1fc7975b9a6e87
87dab8cbf6b5ef4ea752beed9750d16439e02febc7012fb7e2c0b444f5fe7507
97d6fa6f2f717b18a229dabcf20a9f03b5fe6329b5ee2921175069b65d9cb766
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a4187091aba0cdd62e1663d65cd5eebd1b2d7ba176afc1ab12fc4e88b2f45a01
af344e5a9eae898f7e7868fb9b98a9372adf5d8716c1fffd3cf8a82e8d9858c7
b4afbb94e1f34c99f87a843d7955736798d7fb9d9ccc770efeec5bdf08696538
c98c0ec9a2f6ae46f8721dcf8ce6f9f0371bb2063a1674766d5468aef3fff2b4
ce5728c39060d343a90cb0ebc1fa0f8ceb52774e6e2cecc65428417d98b839ce
ce760dd47919fa47e8c421831076a6eb3d730c757703104eb7e2b93aee902d08
d1ac81082ac697ec6ca969e4ee41e45f9f7ed28051535f9e1f2740979ac7b825
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f5912cf37b49c7dba33534279a4a7bc51ae0279de53e4f16aa3f37518d4867
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
f659da832c050732074ab891e82a702a60056e1317c51f9b645a773029b24c7d

subsidiosparaseguro.com Open in urlscan Pro 2600:9000:2250:9400:18:31f8:8740:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

66 Requests

98 %HTTPS

59 %IPv6

14 Domains

17 Subdomains

17 IPs

4 Countries

2719 kBTransfer

4095 kBSize

17 Cookies

1 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

subsidiosparaseguro.com Open in urlscan Pro
2600:9000:2250:9400:18:31f8:8740:93a1 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

98 %
HTTPS

59 %
IPv6

14
Domains

17
Subdomains

17
IPs

4
Countries

2719 kB
Transfer

4095 kB
Size

17
Cookies

66 HTTP transactions
1 data transactions