gim.fulton.es Open in urlscan Pro
185.9.193.2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gim.fulton.es:6522/gimweb/pc/inici.aspx
Submission: On June 14 via manual (June 14th 2023, 8:29:44 am UTC) from ES — Scanned from ES

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 185.9.193.2, located in Valencia, Spain and belongs to BPLAN, ES. The main domain is gim.fulton.es.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 27th 2023. Valid for: a year.

This is the only time gim.fulton.es was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	185.9.193.2 185.9.193.2	198479 (BPLAN) (BPLAN)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
15	3

13 185.9.193.2 (Valencia, Spain)

ASN198479 (BPLAN, ES)
PTR: 193-9-185-2.nunsys.com

gim.fulton.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	fulton.es gim.fulton.es	1 MB
1	gstatic.com www.gstatic.com	164 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3	895 B
15	3

	Domain	Requested by
13	gim.fulton.es	gim.fulton.es
1	www.gstatic.com	www.google.com
1	www.google.com	gim.fulton.es
15	3

This site contains no links.

Subject Issuer	Validity	Valid
www.gim.fulton.es Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-04-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gim.fulton.es:6522/gimweb/pc/inici.aspx
Frame ID: 650D05357B9C4B5E264DBCE5B16C8571
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GIM WEB

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

15
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1270 kB
Transfer

1510 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request inici.aspx Show response
gim.fulton.es/gimweb/pc/ 16 KB
17 KB 623ms
385ms Document
text/html 185.9.193.2
BPLAN

General

Check archive.org

Show headers Download Go to

Full URL

https://gim.fulton.es:6522/gimweb/pc/inici.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.9.193.2 Valencia, Spain, ASN198479 (BPLAN, ES),

Reverse DNS

193-9-185-2.nunsys.com

Software

Microsoft-IIS/10.0 /

Resource Hash

656d2c1e6e1ee359a01ef1d12c6ef40e2f864597aaf3dae3c4f18861fec60a13

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.pagespeed-mod.com https://.amazonaws.com https://.github.io https://.rawgit.com https://.datatables.net https://.jquery.com https://.cloudflare.com https://.gstatic.com https://.youtube.com https://.linkedin.com https://.doubleclick.net https://.ampproject.org https://.googletagservices.com https://.googleadservices.com https://.google.com https://.google.co.in https://.addtoany.com https://.googleapis.com https://.tawk.to https://.jsdelivr.net http://.googlesyndication.com https://.google-analytics.com https://.googletagmanager.com https://.facebook.net https://.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.fontawesome.com https://.ionicframework.com https://.rawgit.com/ https://.github.io https://.bootstrapcdn.com https://.datatables.net https://.jsdelivr.net https://.twitter.com https://.addtoany.com https://.cloudflare.com https://.googleapis.com https://.tawk.to https://.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://.amazonaws.com https://.rediff.com; manifest-src 'self' https://.jsdelivr.net; font-src 'self' https://.tawk.to https://.gstatic.com https://.jsdelivr.net https://.cloudflare.com https://.googleapis.com; connect-src 'self' https://.google.com https://.googleapis.com https://.facebook.com https://.googlesyndication.com https://.google-analytics.com https://.doubleclick.net https://.tawk.to wss://.tawk.to; frame-src 'self' https://.amazonaws.com https://.highcharts.com/ https://.officeapps.live.com https://.azurewebsites.net https://.googlesyndication.com https://.google.com https://.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
cache-control: private,public
content-length: 15930
content-security-policy: default-src 'self'; script-src 'self' https://*.pagespeed-mod.com https://*.amazonaws.com https://*.github.io https://*.rawgit.com https://*.datatables.net https://*.jquery.com https://*.cloudflare.com https://*.gstatic.com https://*.youtube.com https://*.linkedin.com https://*.doubleclick.net https://*.ampproject.org https://*.googletagservices.com https://*.googleadservices.com https://*.google.com https://*.google.co.in https://*.addtoany.com https://*.googleapis.com https://*.tawk.to https://*.jsdelivr.net http://*.googlesyndication.com https://*.google-analytics.com https://*.googletagmanager.com https://*.facebook.net https://*.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.fontawesome.com https://*.ionicframework.com https://*.rawgit.com/ https://*.github.io https://*.bootstrapcdn.com https://*.datatables.net https://*.jsdelivr.net https://*.twitter.com https://*.addtoany.com https://*.cloudflare.com https://*.googleapis.com https://*.tawk.to https://*.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://*.amazonaws.com https://*.rediff.com; manifest-src 'self' https://*.jsdelivr.net; font-src 'self' * https://*.tawk.to https://*.gstatic.com https://*.jsdelivr.net https://*.cloudflare.com https://*.googleapis.com; connect-src 'self' https://*.google.com https://*.googleapis.com https://*.facebook.com https://*.googlesyndication.com https://*.google-analytics.com https://*.doubleclick.net https://*.tawk.to wss://*.tawk.to; frame-src 'self' https://*.amazonaws.com https://*.highcharts.com/ https://*.officeapps.live.com https://*.azurewebsites.net https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
content-type: text/html; charset=utf-8
date: Wed, 14 Jun 2023 08:29:38 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=300; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

GET
H2 200 GIMWeb_v8.css
gim.fulton.es/gimweb/ 8 KB
8 KB 159ms
156ms Stylesheet
text/css 185.9.193.2
BPLAN

General

Check archive.org

Show headers Download Go to

Full URL

https://gim.fulton.es:6522/gimweb/GIMWeb_v8.css

Requested by

Host: gim.fulton.es
URL: https://gim.fulton.es:6522/gimweb/pc/inici.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.9.193.2 Valencia, Spain, ASN198479 (BPLAN, ES),

Reverse DNS

193-9-185-2.nunsys.com

Software

Microsoft-IIS/10.0 /

Resource Hash

6a29c6710bbfb6b5b13c778c21b2f779c59e1bc1492a08fa48688d4fdd94ffbf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.pagespeed-mod.com https://.amazonaws.com https://.github.io https://.rawgit.com https://.datatables.net https://.jquery.com https://.cloudflare.com https://.gstatic.com https://.youtube.com https://.linkedin.com https://.doubleclick.net https://.ampproject.org https://.googletagservices.com https://.googleadservices.com https://.google.com https://.google.co.in https://.addtoany.com https://.googleapis.com https://.tawk.to https://.jsdelivr.net http://.googlesyndication.com https://.google-analytics.com https://.googletagmanager.com https://.facebook.net https://.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.fontawesome.com https://.ionicframework.com https://.rawgit.com/ https://.github.io https://.bootstrapcdn.com https://.datatables.net https://.jsdelivr.net https://.twitter.com https://.addtoany.com https://.cloudflare.com https://.googleapis.com https://.tawk.to https://.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://.amazonaws.com https://.rediff.com; manifest-src 'self' https://.jsdelivr.net; font-src 'self' https://.tawk.to https://.gstatic.com https://.jsdelivr.net https://.cloudflare.com https://.googleapis.com; connect-src 'self' https://.google.com https://.googleapis.com https://.facebook.com https://.googlesyndication.com https://.google-analytics.com https://.doubleclick.net https://.tawk.to wss://.tawk.to; frame-src 'self' https://.amazonaws.com https://.highcharts.com/ https://.officeapps.live.com https://.azurewebsites.net https://.googlesyndication.com https://.google.com https://.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gim.fulton.es:6522/gimweb/pc/inici.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' https://*.pagespeed-mod.com https://*.amazonaws.com https://*.github.io https://*.rawgit.com https://*.datatables.net https://*.jquery.com https://*.cloudflare.com https://*.gstatic.com https://*.youtube.com https://*.linkedin.com https://*.doubleclick.net https://*.ampproject.org https://*.googletagservices.com https://*.googleadservices.com https://*.google.com https://*.google.co.in https://*.addtoany.com https://*.googleapis.com https://*.tawk.to https://*.jsdelivr.net http://*.googlesyndication.com https://*.google-analytics.com https://*.googletagmanager.com https://*.facebook.net https://*.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.fontawesome.com https://*.ionicframework.com https://*.rawgit.com/ https://*.github.io https://*.bootstrapcdn.com https://*.datatables.net https://*.jsdelivr.net https://*.twitter.com https://*.addtoany.com https://*.cloudflare.com https://*.googleapis.com https://*.tawk.to https://*.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://*.amazonaws.com https://*.rediff.com; manifest-src 'self' https://*.jsdelivr.net; font-src 'self' * https://*.tawk.to https://*.gstatic.com https://*.jsdelivr.net https://*.cloudflare.com https://*.googleapis.com; connect-src 'self' https://*.google.com https://*.googleapis.com https://*.facebook.com https://*.googlesyndication.com https://*.google-analytics.com https://*.doubleclick.net https://*.tawk.to wss://*.tawk.to; frame-src 'self' https://*.amazonaws.com https://*.highcharts.com/ https://*.officeapps.live.com https://*.azurewebsites.net https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
x-content-type-options: nosniff
date: Wed, 14 Jun 2023 08:29:38 GMT
x-permitted-cross-domain-policies: master-only
content-length: 8070
x-xss-protection: 1; mode=block
last-modified: Mon, 03 May 2021 23:54:52 GMT
server: Microsoft-IIS/10.0
etag: "0ae6fb57740d71:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 jquery-ui-1.11.2.min.css
gim.fulton.es/gimweb/pc/css/ 36 KB
36 KB 84ms
82ms Stylesheet
text/css 185.9.193.2
BPLAN

General

Check archive.org

Show headers Download Go to

Full URL

https://gim.fulton.es:6522/gimweb/pc/css/jquery-ui-1.11.2.min.css

Requested by

Host: gim.fulton.es
URL: https://gim.fulton.es:6522/gimweb/pc/inici.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.9.193.2 Valencia, Spain, ASN198479 (BPLAN, ES),

Reverse DNS

193-9-185-2.nunsys.com

Software

Microsoft-IIS/10.0 /

Resource Hash

450c8df12d4c6619416d6fcadd93cf339665845b8a548cba5a236962033e423c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.pagespeed-mod.com https://.amazonaws.com https://.github.io https://.rawgit.com https://.datatables.net https://.jquery.com https://.cloudflare.com https://.gstatic.com https://.youtube.com https://.linkedin.com https://.doubleclick.net https://.ampproject.org https://.googletagservices.com https://.googleadservices.com https://.google.com https://.google.co.in https://.addtoany.com https://.googleapis.com https://.tawk.to https://.jsdelivr.net http://.googlesyndication.com https://.google-analytics.com https://.googletagmanager.com https://.facebook.net https://.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.fontawesome.com https://.ionicframework.com https://.rawgit.com/ https://.github.io https://.bootstrapcdn.com https://.datatables.net https://.jsdelivr.net https://.twitter.com https://.addtoany.com https://.cloudflare.com https://.googleapis.com https://.tawk.to https://.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://.amazonaws.com https://.rediff.com; manifest-src 'self' https://.jsdelivr.net; font-src 'self' https://.tawk.to https://.gstatic.com https://.jsdelivr.net https://.cloudflare.com https://.googleapis.com; connect-src 'self' https://.google.com https://.googleapis.com https://.facebook.com https://.googlesyndication.com https://.google-analytics.com https://.doubleclick.net https://.tawk.to wss://.tawk.to; frame-src 'self' https://.amazonaws.com https://.highcharts.com/ https://.officeapps.live.com https://.azurewebsites.net https://.googlesyndication.com https://.google.com https://.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gim.fulton.es:6522/gimweb/pc/inici.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' https://*.pagespeed-mod.com https://*.amazonaws.com https://*.github.io https://*.rawgit.com https://*.datatables.net https://*.jquery.com https://*.cloudflare.com https://*.gstatic.com https://*.youtube.com https://*.linkedin.com https://*.doubleclick.net https://*.ampproject.org https://*.googletagservices.com https://*.googleadservices.com https://*.google.com https://*.google.co.in https://*.addtoany.com https://*.googleapis.com https://*.tawk.to https://*.jsdelivr.net http://*.googlesyndication.com https://*.google-analytics.com https://*.googletagmanager.com https://*.facebook.net https://*.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.fontawesome.com https://*.ionicframework.com https://*.rawgit.com/ https://*.github.io https://*.bootstrapcdn.com https://*.datatables.net https://*.jsdelivr.net https://*.twitter.com https://*.addtoany.com https://*.cloudflare.com https://*.googleapis.com https://*.tawk.to https://*.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://*.amazonaws.com https://*.rediff.com; manifest-src 'self' https://*.jsdelivr.net; font-src 'self' * https://*.tawk.to https://*.gstatic.com https://*.jsdelivr.net https://*.cloudflare.com https://*.googleapis.com; connect-src 'self' https://*.google.com https://*.googleapis.com https://*.facebook.com https://*.googlesyndication.com https://*.google-analytics.com https://*.doubleclick.net https://*.tawk.to wss://*.tawk.to; frame-src 'self' https://*.amazonaws.com https://*.highcharts.com/ https://*.officeapps.live.com https://*.azurewebsites.net https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
x-content-type-options: nosniff
date: Wed, 14 Jun 2023 08:29:38 GMT
x-permitted-cross-domain-policies: master-only
content-length: 36722
x-xss-protection: 1; mode=block
last-modified: Mon, 03 May 2021 23:54:06 GMT
server: Microsoft-IIS/10.0
etag: "0a349a7740d71:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 bootstrap.min.css
gim.fulton.es/gimweb/pc/css/maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/ 120 KB
120 KB 159ms
157ms Stylesheet
text/css 185.9.193.2
BPLAN

General

Check archive.org

Show headers Download Go to

Full URL

https://gim.fulton.es:6522/gimweb/pc/css/maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css

Requested by

Host: gim.fulton.es
URL: https://gim.fulton.es:6522/gimweb/pc/inici.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.9.193.2 Valencia, Spain, ASN198479 (BPLAN, ES),

Reverse DNS

193-9-185-2.nunsys.com

Software

Microsoft-IIS/10.0 /

Resource Hash

31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.pagespeed-mod.com https://.amazonaws.com https://.github.io https://.rawgit.com https://.datatables.net https://.jquery.com https://.cloudflare.com https://.gstatic.com https://.youtube.com https://.linkedin.com https://.doubleclick.net https://.ampproject.org https://.googletagservices.com https://.googleadservices.com https://.google.com https://.google.co.in https://.addtoany.com https://.googleapis.com https://.tawk.to https://.jsdelivr.net http://.googlesyndication.com https://.google-analytics.com https://.googletagmanager.com https://.facebook.net https://.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.fontawesome.com https://.ionicframework.com https://.rawgit.com/ https://.github.io https://.bootstrapcdn.com https://.datatables.net https://.jsdelivr.net https://.twitter.com https://.addtoany.com https://.cloudflare.com https://.googleapis.com https://.tawk.to https://.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://.amazonaws.com https://.rediff.com; manifest-src 'self' https://.jsdelivr.net; font-src 'self' https://.tawk.to https://.gstatic.com https://.jsdelivr.net https://.cloudflare.com https://.googleapis.com; connect-src 'self' https://.google.com https://.googleapis.com https://.facebook.com https://.googlesyndication.com https://.google-analytics.com https://.doubleclick.net https://.tawk.to wss://.tawk.to; frame-src 'self' https://.amazonaws.com https://.highcharts.com/ https://.officeapps.live.com https://.azurewebsites.net https://.googlesyndication.com https://.google.com https://.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gim.fulton.es:6522/gimweb/pc/inici.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' https://*.pagespeed-mod.com https://*.amazonaws.com https://*.github.io https://*.rawgit.com https://*.datatables.net https://*.jquery.com https://*.cloudflare.com https://*.gstatic.com https://*.youtube.com https://*.linkedin.com https://*.doubleclick.net https://*.ampproject.org https://*.googletagservices.com https://*.googleadservices.com https://*.google.com https://*.google.co.in https://*.addtoany.com https://*.googleapis.com https://*.tawk.to https://*.jsdelivr.net http://*.googlesyndication.com https://*.google-analytics.com https://*.googletagmanager.com https://*.facebook.net https://*.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.fontawesome.com https://*.ionicframework.com https://*.rawgit.com/ https://*.github.io https://*.bootstrapcdn.com https://*.datatables.net https://*.jsdelivr.net https://*.twitter.com https://*.addtoany.com https://*.cloudflare.com https://*.googleapis.com https://*.tawk.to https://*.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://*.amazonaws.com https://*.rediff.com; manifest-src 'self' https://*.jsdelivr.net; font-src 'self' * https://*.tawk.to https://*.gstatic.com https://*.jsdelivr.net https://*.cloudflare.com https://*.googleapis.com; connect-src 'self' https://*.google.com https://*.googleapis.com https://*.facebook.com https://*.googlesyndication.com https://*.google-analytics.com https://*.doubleclick.net https://*.tawk.to wss://*.tawk.to; frame-src 'self' https://*.amazonaws.com https://*.highcharts.com/ https://*.officeapps.live.com https://*.azurewebsites.net https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
x-content-type-options: nosniff
date: Wed, 14 Jun 2023 08:29:38 GMT
x-permitted-cross-domain-policies: master-only
content-length: 122540
x-xss-protection: 1; mode=block
last-modified: Mon, 03 May 2021 23:54:08 GMT
server: Microsoft-IIS/10.0
etag: "0d0359b7740d71:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 bootstrap-theme.min.css
gim.fulton.es/gimweb/pc/css/maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/ 23 KB
23 KB 237ms
235ms Stylesheet
text/css 185.9.193.2
BPLAN

General

Check archive.org

Show headers Download Go to

Full URL

https://gim.fulton.es:6522/gimweb/pc/css/maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap-theme.min.css

Requested by

Host: gim.fulton.es
URL: https://gim.fulton.es:6522/gimweb/pc/inici.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.9.193.2 Valencia, Spain, ASN198479 (BPLAN, ES),

Reverse DNS

193-9-185-2.nunsys.com

Software

Microsoft-IIS/10.0 /

Resource Hash

6c7422a9c15b9c96f542187ad5163d70c87a911d204ee418ea214e063d728f4d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.pagespeed-mod.com https://.amazonaws.com https://.github.io https://.rawgit.com https://.datatables.net https://.jquery.com https://.cloudflare.com https://.gstatic.com https://.youtube.com https://.linkedin.com https://.doubleclick.net https://.ampproject.org https://.googletagservices.com https://.googleadservices.com https://.google.com https://.google.co.in https://.addtoany.com https://.googleapis.com https://.tawk.to https://.jsdelivr.net http://.googlesyndication.com https://.google-analytics.com https://.googletagmanager.com https://.facebook.net https://.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.fontawesome.com https://.ionicframework.com https://.rawgit.com/ https://.github.io https://.bootstrapcdn.com https://.datatables.net https://.jsdelivr.net https://.twitter.com https://.addtoany.com https://.cloudflare.com https://.googleapis.com https://.tawk.to https://.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://.amazonaws.com https://.rediff.com; manifest-src 'self' https://.jsdelivr.net; font-src 'self' https://.tawk.to https://.gstatic.com https://.jsdelivr.net https://.cloudflare.com https://.googleapis.com; connect-src 'self' https://.google.com https://.googleapis.com https://.facebook.com https://.googlesyndication.com https://.google-analytics.com https://.doubleclick.net https://.tawk.to wss://.tawk.to; frame-src 'self' https://.amazonaws.com https://.highcharts.com/ https://.officeapps.live.com https://.azurewebsites.net https://.googlesyndication.com https://.google.com https://.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gim.fulton.es:6522/gimweb/pc/inici.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' https://*.pagespeed-mod.com https://*.amazonaws.com https://*.github.io https://*.rawgit.com https://*.datatables.net https://*.jquery.com https://*.cloudflare.com https://*.gstatic.com https://*.youtube.com https://*.linkedin.com https://*.doubleclick.net https://*.ampproject.org https://*.googletagservices.com https://*.googleadservices.com https://*.google.com https://*.google.co.in https://*.addtoany.com https://*.googleapis.com https://*.tawk.to https://*.jsdelivr.net http://*.googlesyndication.com https://*.google-analytics.com https://*.googletagmanager.com https://*.facebook.net https://*.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.fontawesome.com https://*.ionicframework.com https://*.rawgit.com/ https://*.github.io https://*.bootstrapcdn.com https://*.datatables.net https://*.jsdelivr.net https://*.twitter.com https://*.addtoany.com https://*.cloudflare.com https://*.googleapis.com https://*.tawk.to https://*.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://*.amazonaws.com https://*.rediff.com; manifest-src 'self' https://*.jsdelivr.net; font-src 'self' * https://*.tawk.to https://*.gstatic.com https://*.jsdelivr.net https://*.cloudflare.com https://*.googleapis.com; connect-src 'self' https://*.google.com https://*.googleapis.com https://*.facebook.com https://*.googlesyndication.com https://*.google-analytics.com https://*.doubleclick.net https://*.tawk.to wss://*.tawk.to; frame-src 'self' https://*.amazonaws.com https://*.highcharts.com/ https://*.officeapps.live.com https://*.azurewebsites.net https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
x-content-type-options: nosniff
date: Wed, 14 Jun 2023 08:29:38 GMT
x-permitted-cross-domain-policies: master-only
content-length: 23357
x-xss-protection: 1; mode=block
last-modified: Mon, 03 May 2021 23:54:08 GMT
server: Microsoft-IIS/10.0
etag: "0d0359b7740d71:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 font-awesome.min.css
gim.fulton.es/gimweb/pc/css/maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
26 KB 243ms
241ms Stylesheet
text/css 185.9.193.2
BPLAN

General

Check archive.org

Show headers Download Go to

Full URL

https://gim.fulton.es:6522/gimweb/pc/css/maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: gim.fulton.es
URL: https://gim.fulton.es:6522/gimweb/pc/inici.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.9.193.2 Valencia, Spain, ASN198479 (BPLAN, ES),

Reverse DNS

193-9-185-2.nunsys.com

Software

Microsoft-IIS/10.0 /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.pagespeed-mod.com https://.amazonaws.com https://.github.io https://.rawgit.com https://.datatables.net https://.jquery.com https://.cloudflare.com https://.gstatic.com https://.youtube.com https://.linkedin.com https://.doubleclick.net https://.ampproject.org https://.googletagservices.com https://.googleadservices.com https://.google.com https://.google.co.in https://.addtoany.com https://.googleapis.com https://.tawk.to https://.jsdelivr.net http://.googlesyndication.com https://.google-analytics.com https://.googletagmanager.com https://.facebook.net https://.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.fontawesome.com https://.ionicframework.com https://.rawgit.com/ https://.github.io https://.bootstrapcdn.com https://.datatables.net https://.jsdelivr.net https://.twitter.com https://.addtoany.com https://.cloudflare.com https://.googleapis.com https://.tawk.to https://.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://.amazonaws.com https://.rediff.com; manifest-src 'self' https://.jsdelivr.net; font-src 'self' https://.tawk.to https://.gstatic.com https://.jsdelivr.net https://.cloudflare.com https://.googleapis.com; connect-src 'self' https://.google.com https://.googleapis.com https://.facebook.com https://.googlesyndication.com https://.google-analytics.com https://.doubleclick.net https://.tawk.to wss://.tawk.to; frame-src 'self' https://.amazonaws.com https://.highcharts.com/ https://.officeapps.live.com https://.azurewebsites.net https://.googlesyndication.com https://.google.com https://.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gim.fulton.es:6522/gimweb/pc/inici.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' https://*.pagespeed-mod.com https://*.amazonaws.com https://*.github.io https://*.rawgit.com https://*.datatables.net https://*.jquery.com https://*.cloudflare.com https://*.gstatic.com https://*.youtube.com https://*.linkedin.com https://*.doubleclick.net https://*.ampproject.org https://*.googletagservices.com https://*.googleadservices.com https://*.google.com https://*.google.co.in https://*.addtoany.com https://*.googleapis.com https://*.tawk.to https://*.jsdelivr.net http://*.googlesyndication.com https://*.google-analytics.com https://*.googletagmanager.com https://*.facebook.net https://*.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.fontawesome.com https://*.ionicframework.com https://*.rawgit.com/ https://*.github.io https://*.bootstrapcdn.com https://*.datatables.net https://*.jsdelivr.net https://*.twitter.com https://*.addtoany.com https://*.cloudflare.com https://*.googleapis.com https://*.tawk.to https://*.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://*.amazonaws.com https://*.rediff.com; manifest-src 'self' https://*.jsdelivr.net; font-src 'self' * https://*.tawk.to https://*.gstatic.com https://*.jsdelivr.net https://*.cloudflare.com https://*.googleapis.com; connect-src 'self' https://*.google.com https://*.googleapis.com https://*.facebook.com https://*.googlesyndication.com https://*.google-analytics.com https://*.doubleclick.net https://*.tawk.to wss://*.tawk.to; frame-src 'self' https://*.amazonaws.com https://*.highcharts.com/ https://*.officeapps.live.com https://*.azurewebsites.net https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
x-content-type-options: nosniff
date: Wed, 14 Jun 2023 08:29:38 GMT
x-permitted-cross-domain-policies: master-only
content-length: 26711
x-xss-protection: 1; mode=block
last-modified: Mon, 03 May 2021 23:54:06 GMT
server: Microsoft-IIS/10.0
etag: "0a349a7740d71:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 jquery-1.11.2.min.js Show response
gim.fulton.es/gimweb/pc/Js/ 94 KB
94 KB 307ms
305ms Script
application/javascript 185.9.193.2
BPLAN

General

Check archive.org

Show headers Download Go to

Full URL

https://gim.fulton.es:6522/gimweb/pc/Js/jquery-1.11.2.min.js

Requested by

Host: gim.fulton.es
URL: https://gim.fulton.es:6522/gimweb/pc/inici.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.9.193.2 Valencia, Spain, ASN198479 (BPLAN, ES),

Reverse DNS

193-9-185-2.nunsys.com

Software

Microsoft-IIS/10.0 /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.pagespeed-mod.com https://.amazonaws.com https://.github.io https://.rawgit.com https://.datatables.net https://.jquery.com https://.cloudflare.com https://.gstatic.com https://.youtube.com https://.linkedin.com https://.doubleclick.net https://.ampproject.org https://.googletagservices.com https://.googleadservices.com https://.google.com https://.google.co.in https://.addtoany.com https://.googleapis.com https://.tawk.to https://.jsdelivr.net http://.googlesyndication.com https://.google-analytics.com https://.googletagmanager.com https://.facebook.net https://.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.fontawesome.com https://.ionicframework.com https://.rawgit.com/ https://.github.io https://.bootstrapcdn.com https://.datatables.net https://.jsdelivr.net https://.twitter.com https://.addtoany.com https://.cloudflare.com https://.googleapis.com https://.tawk.to https://.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://.amazonaws.com https://.rediff.com; manifest-src 'self' https://.jsdelivr.net; font-src 'self' https://.tawk.to https://.gstatic.com https://.jsdelivr.net https://.cloudflare.com https://.googleapis.com; connect-src 'self' https://.google.com https://.googleapis.com https://.facebook.com https://.googlesyndication.com https://.google-analytics.com https://.doubleclick.net https://.tawk.to wss://.tawk.to; frame-src 'self' https://.amazonaws.com https://.highcharts.com/ https://.officeapps.live.com https://.azurewebsites.net https://.googlesyndication.com https://.google.com https://.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gim.fulton.es:6522/gimweb/pc/inici.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' https://*.pagespeed-mod.com https://*.amazonaws.com https://*.github.io https://*.rawgit.com https://*.datatables.net https://*.jquery.com https://*.cloudflare.com https://*.gstatic.com https://*.youtube.com https://*.linkedin.com https://*.doubleclick.net https://*.ampproject.org https://*.googletagservices.com https://*.googleadservices.com https://*.google.com https://*.google.co.in https://*.addtoany.com https://*.googleapis.com https://*.tawk.to https://*.jsdelivr.net http://*.googlesyndication.com https://*.google-analytics.com https://*.googletagmanager.com https://*.facebook.net https://*.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.fontawesome.com https://*.ionicframework.com https://*.rawgit.com/ https://*.github.io https://*.bootstrapcdn.com https://*.datatables.net https://*.jsdelivr.net https://*.twitter.com https://*.addtoany.com https://*.cloudflare.com https://*.googleapis.com https://*.tawk.to https://*.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://*.amazonaws.com https://*.rediff.com; manifest-src 'self' https://*.jsdelivr.net; font-src 'self' * https://*.tawk.to https://*.gstatic.com https://*.jsdelivr.net https://*.cloudflare.com https://*.googleapis.com; connect-src 'self' https://*.google.com https://*.googleapis.com https://*.facebook.com https://*.googlesyndication.com https://*.google-analytics.com https://*.doubleclick.net https://*.tawk.to wss://*.tawk.to; frame-src 'self' https://*.amazonaws.com https://*.highcharts.com/ https://*.officeapps.live.com https://*.azurewebsites.net https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
x-content-type-options: nosniff
date: Wed, 14 Jun 2023 08:29:38 GMT
x-permitted-cross-domain-policies: master-only
content-length: 95931
x-xss-protection: 1; mode=block
last-modified: Mon, 03 May 2021 23:53:32 GMT
server: Microsoft-IIS/10.0
etag: "0a6c0857740d71:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 jquery-ui-1.11.2.min.js Show response
gim.fulton.es/gimweb/pc/Js/ 248 KB
248 KB 308ms
306ms Script
application/javascript 185.9.193.2
BPLAN

General

Check archive.org

Show headers Download Go to

Full URL

https://gim.fulton.es:6522/gimweb/pc/Js/jquery-ui-1.11.2.min.js

Requested by

Host: gim.fulton.es
URL: https://gim.fulton.es:6522/gimweb/pc/inici.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.9.193.2 Valencia, Spain, ASN198479 (BPLAN, ES),

Reverse DNS

193-9-185-2.nunsys.com

Software

Microsoft-IIS/10.0 /

Resource Hash

28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.pagespeed-mod.com https://.amazonaws.com https://.github.io https://.rawgit.com https://.datatables.net https://.jquery.com https://.cloudflare.com https://.gstatic.com https://.youtube.com https://.linkedin.com https://.doubleclick.net https://.ampproject.org https://.googletagservices.com https://.googleadservices.com https://.google.com https://.google.co.in https://.addtoany.com https://.googleapis.com https://.tawk.to https://.jsdelivr.net http://.googlesyndication.com https://.google-analytics.com https://.googletagmanager.com https://.facebook.net https://.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.fontawesome.com https://.ionicframework.com https://.rawgit.com/ https://.github.io https://.bootstrapcdn.com https://.datatables.net https://.jsdelivr.net https://.twitter.com https://.addtoany.com https://.cloudflare.com https://.googleapis.com https://.tawk.to https://.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://.amazonaws.com https://.rediff.com; manifest-src 'self' https://.jsdelivr.net; font-src 'self' https://.tawk.to https://.gstatic.com https://.jsdelivr.net https://.cloudflare.com https://.googleapis.com; connect-src 'self' https://.google.com https://.googleapis.com https://.facebook.com https://.googlesyndication.com https://.google-analytics.com https://.doubleclick.net https://.tawk.to wss://.tawk.to; frame-src 'self' https://.amazonaws.com https://.highcharts.com/ https://.officeapps.live.com https://.azurewebsites.net https://.googlesyndication.com https://.google.com https://.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gim.fulton.es:6522/gimweb/pc/inici.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' https://*.pagespeed-mod.com https://*.amazonaws.com https://*.github.io https://*.rawgit.com https://*.datatables.net https://*.jquery.com https://*.cloudflare.com https://*.gstatic.com https://*.youtube.com https://*.linkedin.com https://*.doubleclick.net https://*.ampproject.org https://*.googletagservices.com https://*.googleadservices.com https://*.google.com https://*.google.co.in https://*.addtoany.com https://*.googleapis.com https://*.tawk.to https://*.jsdelivr.net http://*.googlesyndication.com https://*.google-analytics.com https://*.googletagmanager.com https://*.facebook.net https://*.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.fontawesome.com https://*.ionicframework.com https://*.rawgit.com/ https://*.github.io https://*.bootstrapcdn.com https://*.datatables.net https://*.jsdelivr.net https://*.twitter.com https://*.addtoany.com https://*.cloudflare.com https://*.googleapis.com https://*.tawk.to https://*.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://*.amazonaws.com https://*.rediff.com; manifest-src 'self' https://*.jsdelivr.net; font-src 'self' * https://*.tawk.to https://*.gstatic.com https://*.jsdelivr.net https://*.cloudflare.com https://*.googleapis.com; connect-src 'self' https://*.google.com https://*.googleapis.com https://*.facebook.com https://*.googlesyndication.com https://*.google-analytics.com https://*.doubleclick.net https://*.tawk.to wss://*.tawk.to; frame-src 'self' https://*.amazonaws.com https://*.highcharts.com/ https://*.officeapps.live.com https://*.azurewebsites.net https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
x-content-type-options: nosniff
date: Wed, 14 Jun 2023 08:29:38 GMT
x-permitted-cross-domain-policies: master-only
content-length: 253669
x-xss-protection: 1; mode=block
last-modified: Mon, 03 May 2021 23:53:28 GMT
server: Microsoft-IIS/10.0
etag: "04c5e837740d71:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 jquery-ui.js Show response
gim.fulton.es/gimweb/pc/tabla/js/ 454 KB
454 KB 312ms
310ms Script
application/javascript 185.9.193.2
BPLAN

General

Check archive.org

Show headers Download Go to

Full URL

https://gim.fulton.es:6522/gimweb/pc/tabla/js/jquery-ui.js

Requested by

Host: gim.fulton.es
URL: https://gim.fulton.es:6522/gimweb/pc/inici.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.9.193.2 Valencia, Spain, ASN198479 (BPLAN, ES),

Reverse DNS

193-9-185-2.nunsys.com

Software

Microsoft-IIS/10.0 /

Resource Hash

48506d0f7f2757a00caa3d8b4fc3aae78eee68c4a5d4b047d164b35564e798b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.pagespeed-mod.com https://.amazonaws.com https://.github.io https://.rawgit.com https://.datatables.net https://.jquery.com https://.cloudflare.com https://.gstatic.com https://.youtube.com https://.linkedin.com https://.doubleclick.net https://.ampproject.org https://.googletagservices.com https://.googleadservices.com https://.google.com https://.google.co.in https://.addtoany.com https://.googleapis.com https://.tawk.to https://.jsdelivr.net http://.googlesyndication.com https://.google-analytics.com https://.googletagmanager.com https://.facebook.net https://.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.fontawesome.com https://.ionicframework.com https://.rawgit.com/ https://.github.io https://.bootstrapcdn.com https://.datatables.net https://.jsdelivr.net https://.twitter.com https://.addtoany.com https://.cloudflare.com https://.googleapis.com https://.tawk.to https://.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://.amazonaws.com https://.rediff.com; manifest-src 'self' https://.jsdelivr.net; font-src 'self' https://.tawk.to https://.gstatic.com https://.jsdelivr.net https://.cloudflare.com https://.googleapis.com; connect-src 'self' https://.google.com https://.googleapis.com https://.facebook.com https://.googlesyndication.com https://.google-analytics.com https://.doubleclick.net https://.tawk.to wss://.tawk.to; frame-src 'self' https://.amazonaws.com https://.highcharts.com/ https://.officeapps.live.com https://.azurewebsites.net https://.googlesyndication.com https://.google.com https://.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gim.fulton.es:6522/gimweb/pc/inici.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' https://*.pagespeed-mod.com https://*.amazonaws.com https://*.github.io https://*.rawgit.com https://*.datatables.net https://*.jquery.com https://*.cloudflare.com https://*.gstatic.com https://*.youtube.com https://*.linkedin.com https://*.doubleclick.net https://*.ampproject.org https://*.googletagservices.com https://*.googleadservices.com https://*.google.com https://*.google.co.in https://*.addtoany.com https://*.googleapis.com https://*.tawk.to https://*.jsdelivr.net http://*.googlesyndication.com https://*.google-analytics.com https://*.googletagmanager.com https://*.facebook.net https://*.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.fontawesome.com https://*.ionicframework.com https://*.rawgit.com/ https://*.github.io https://*.bootstrapcdn.com https://*.datatables.net https://*.jsdelivr.net https://*.twitter.com https://*.addtoany.com https://*.cloudflare.com https://*.googleapis.com https://*.tawk.to https://*.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://*.amazonaws.com https://*.rediff.com; manifest-src 'self' https://*.jsdelivr.net; font-src 'self' * https://*.tawk.to https://*.gstatic.com https://*.jsdelivr.net https://*.cloudflare.com https://*.googleapis.com; connect-src 'self' https://*.google.com https://*.googleapis.com https://*.facebook.com https://*.googlesyndication.com https://*.google-analytics.com https://*.doubleclick.net https://*.tawk.to wss://*.tawk.to; frame-src 'self' https://*.amazonaws.com https://*.highcharts.com/ https://*.officeapps.live.com https://*.azurewebsites.net https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
x-content-type-options: nosniff
date: Wed, 14 Jun 2023 08:29:38 GMT
x-permitted-cross-domain-policies: master-only
content-length: 464436
x-xss-protection: 1; mode=block
last-modified: Mon, 03 May 2021 23:53:46 GMT
server: Microsoft-IIS/10.0
etag: "0e1188e7740d71:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 popup_nuevo.js Show response
gim.fulton.es/gimweb/pc/js/ 3 KB
3 KB 386ms
385ms Script
application/javascript 185.9.193.2
BPLAN

General

Check archive.org

Show headers Download Go to

Full URL

https://gim.fulton.es:6522/gimweb/pc/js/popup_nuevo.js

Requested by

Host: gim.fulton.es
URL: https://gim.fulton.es:6522/gimweb/pc/inici.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.9.193.2 Valencia, Spain, ASN198479 (BPLAN, ES),

Reverse DNS

193-9-185-2.nunsys.com

Software

Microsoft-IIS/10.0 /

Resource Hash

e1b97c3733ea028caf02f9cd611f3f93602a664e22fbed54832154422cbe27e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.pagespeed-mod.com https://.amazonaws.com https://.github.io https://.rawgit.com https://.datatables.net https://.jquery.com https://.cloudflare.com https://.gstatic.com https://.youtube.com https://.linkedin.com https://.doubleclick.net https://.ampproject.org https://.googletagservices.com https://.googleadservices.com https://.google.com https://.google.co.in https://.addtoany.com https://.googleapis.com https://.tawk.to https://.jsdelivr.net http://.googlesyndication.com https://.google-analytics.com https://.googletagmanager.com https://.facebook.net https://.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.fontawesome.com https://.ionicframework.com https://.rawgit.com/ https://.github.io https://.bootstrapcdn.com https://.datatables.net https://.jsdelivr.net https://.twitter.com https://.addtoany.com https://.cloudflare.com https://.googleapis.com https://.tawk.to https://.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://.amazonaws.com https://.rediff.com; manifest-src 'self' https://.jsdelivr.net; font-src 'self' https://.tawk.to https://.gstatic.com https://.jsdelivr.net https://.cloudflare.com https://.googleapis.com; connect-src 'self' https://.google.com https://.googleapis.com https://.facebook.com https://.googlesyndication.com https://.google-analytics.com https://.doubleclick.net https://.tawk.to wss://.tawk.to; frame-src 'self' https://.amazonaws.com https://.highcharts.com/ https://.officeapps.live.com https://.azurewebsites.net https://.googlesyndication.com https://.google.com https://.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gim.fulton.es:6522/gimweb/pc/inici.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' https://*.pagespeed-mod.com https://*.amazonaws.com https://*.github.io https://*.rawgit.com https://*.datatables.net https://*.jquery.com https://*.cloudflare.com https://*.gstatic.com https://*.youtube.com https://*.linkedin.com https://*.doubleclick.net https://*.ampproject.org https://*.googletagservices.com https://*.googleadservices.com https://*.google.com https://*.google.co.in https://*.addtoany.com https://*.googleapis.com https://*.tawk.to https://*.jsdelivr.net http://*.googlesyndication.com https://*.google-analytics.com https://*.googletagmanager.com https://*.facebook.net https://*.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.fontawesome.com https://*.ionicframework.com https://*.rawgit.com/ https://*.github.io https://*.bootstrapcdn.com https://*.datatables.net https://*.jsdelivr.net https://*.twitter.com https://*.addtoany.com https://*.cloudflare.com https://*.googleapis.com https://*.tawk.to https://*.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://*.amazonaws.com https://*.rediff.com; manifest-src 'self' https://*.jsdelivr.net; font-src 'self' * https://*.tawk.to https://*.gstatic.com https://*.jsdelivr.net https://*.cloudflare.com https://*.googleapis.com; connect-src 'self' https://*.google.com https://*.googleapis.com https://*.facebook.com https://*.googlesyndication.com https://*.google-analytics.com https://*.doubleclick.net https://*.tawk.to wss://*.tawk.to; frame-src 'self' https://*.amazonaws.com https://*.highcharts.com/ https://*.officeapps.live.com https://*.azurewebsites.net https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
x-content-type-options: nosniff
date: Wed, 14 Jun 2023 08:29:38 GMT
x-permitted-cross-domain-policies: master-only
content-length: 3141
x-xss-protection: 1; mode=block
last-modified: Mon, 03 May 2021 23:53:32 GMT
server: Microsoft-IIS/10.0
etag: "0a6c0857740d71:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 bootstrap.min.js Show response
gim.fulton.es/gimweb/pc/js/maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/ 36 KB
38 KB 387ms
386ms Script
application/javascript 185.9.193.2
BPLAN

General

Check archive.org

Show headers Download Go to

Full URL

https://gim.fulton.es:6522/gimweb/pc/js/maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js

Requested by

Host: gim.fulton.es
URL: https://gim.fulton.es:6522/gimweb/pc/inici.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.9.193.2 Valencia, Spain, ASN198479 (BPLAN, ES),

Reverse DNS

193-9-185-2.nunsys.com

Software

Microsoft-IIS/10.0 /

Resource Hash

4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.pagespeed-mod.com https://.amazonaws.com https://.github.io https://.rawgit.com https://.datatables.net https://.jquery.com https://.cloudflare.com https://.gstatic.com https://.youtube.com https://.linkedin.com https://.doubleclick.net https://.ampproject.org https://.googletagservices.com https://.googleadservices.com https://.google.com https://.google.co.in https://.addtoany.com https://.googleapis.com https://.tawk.to https://.jsdelivr.net http://.googlesyndication.com https://.google-analytics.com https://.googletagmanager.com https://.facebook.net https://.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.fontawesome.com https://.ionicframework.com https://.rawgit.com/ https://.github.io https://.bootstrapcdn.com https://.datatables.net https://.jsdelivr.net https://.twitter.com https://.addtoany.com https://.cloudflare.com https://.googleapis.com https://.tawk.to https://.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://.amazonaws.com https://.rediff.com; manifest-src 'self' https://.jsdelivr.net; font-src 'self' https://.tawk.to https://.gstatic.com https://.jsdelivr.net https://.cloudflare.com https://.googleapis.com; connect-src 'self' https://.google.com https://.googleapis.com https://.facebook.com https://.googlesyndication.com https://.google-analytics.com https://.doubleclick.net https://.tawk.to wss://.tawk.to; frame-src 'self' https://.amazonaws.com https://.highcharts.com/ https://.officeapps.live.com https://.azurewebsites.net https://.googlesyndication.com https://.google.com https://.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gim.fulton.es:6522/gimweb/pc/inici.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' https://*.pagespeed-mod.com https://*.amazonaws.com https://*.github.io https://*.rawgit.com https://*.datatables.net https://*.jquery.com https://*.cloudflare.com https://*.gstatic.com https://*.youtube.com https://*.linkedin.com https://*.doubleclick.net https://*.ampproject.org https://*.googletagservices.com https://*.googleadservices.com https://*.google.com https://*.google.co.in https://*.addtoany.com https://*.googleapis.com https://*.tawk.to https://*.jsdelivr.net http://*.googlesyndication.com https://*.google-analytics.com https://*.googletagmanager.com https://*.facebook.net https://*.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.fontawesome.com https://*.ionicframework.com https://*.rawgit.com/ https://*.github.io https://*.bootstrapcdn.com https://*.datatables.net https://*.jsdelivr.net https://*.twitter.com https://*.addtoany.com https://*.cloudflare.com https://*.googleapis.com https://*.tawk.to https://*.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://*.amazonaws.com https://*.rediff.com; manifest-src 'self' https://*.jsdelivr.net; font-src 'self' * https://*.tawk.to https://*.gstatic.com https://*.jsdelivr.net https://*.cloudflare.com https://*.googleapis.com; connect-src 'self' https://*.google.com https://*.googleapis.com https://*.facebook.com https://*.googlesyndication.com https://*.google-analytics.com https://*.doubleclick.net https://*.tawk.to wss://*.tawk.to; frame-src 'self' https://*.amazonaws.com https://*.highcharts.com/ https://*.officeapps.live.com https://*.azurewebsites.net https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
x-content-type-options: nosniff
date: Wed, 14 Jun 2023 08:29:38 GMT
x-permitted-cross-domain-policies: master-only
content-length: 36816
x-xss-protection: 1; mode=block
last-modified: Mon, 03 May 2021 23:53:32 GMT
server: Microsoft-IIS/10.0
etag: "0a6c0857740d71:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 910 B
895 B 260ms
84ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=renderRecaptcha&render=explicit

Requested by

Host: gim.fulton.es
URL: https://gim.fulton.es:6522/gimweb/pc/inici.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40aeef248a85fecbfe81f4054e61b7e81b91884786610db9a2a02d6ed9653876

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gim.fulton.es:6522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 08:29:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 575
x-xss-protection: 1; mode=block
expires: Wed, 14 Jun 2023 08:29:39 GMT

GET
H2 200 Entrar.jpg
gim.fulton.es/gimweb/pc/IMAGENES/Imatges/ 1 KB
2 KB 79ms
78ms Image
image/jpeg 185.9.193.2
BPLAN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gim.fulton.es:6522/gimweb/pc/IMAGENES/Imatges/Entrar.jpg

Requested by

Host: gim.fulton.es
URL: https://gim.fulton.es:6522/gimweb/pc/inici.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.9.193.2 Valencia, Spain, ASN198479 (BPLAN, ES),

Reverse DNS

193-9-185-2.nunsys.com

Software

Microsoft-IIS/10.0 /

Resource Hash

1b294511020cda4b435bd3b5cf63a91432d9b543f98fe56e31a3d14f2002a9a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.pagespeed-mod.com https://.amazonaws.com https://.github.io https://.rawgit.com https://.datatables.net https://.jquery.com https://.cloudflare.com https://.gstatic.com https://.youtube.com https://.linkedin.com https://.doubleclick.net https://.ampproject.org https://.googletagservices.com https://.googleadservices.com https://.google.com https://.google.co.in https://.addtoany.com https://.googleapis.com https://.tawk.to https://.jsdelivr.net http://.googlesyndication.com https://.google-analytics.com https://.googletagmanager.com https://.facebook.net https://.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.fontawesome.com https://.ionicframework.com https://.rawgit.com/ https://.github.io https://.bootstrapcdn.com https://.datatables.net https://.jsdelivr.net https://.twitter.com https://.addtoany.com https://.cloudflare.com https://.googleapis.com https://.tawk.to https://.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://.amazonaws.com https://.rediff.com; manifest-src 'self' https://.jsdelivr.net; font-src 'self' https://.tawk.to https://.gstatic.com https://.jsdelivr.net https://.cloudflare.com https://.googleapis.com; connect-src 'self' https://.google.com https://.googleapis.com https://.facebook.com https://.googlesyndication.com https://.google-analytics.com https://.doubleclick.net https://.tawk.to wss://.tawk.to; frame-src 'self' https://.amazonaws.com https://.highcharts.com/ https://.officeapps.live.com https://.azurewebsites.net https://.googlesyndication.com https://.google.com https://.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gim.fulton.es:6522/gimweb/pc/inici.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' https://*.pagespeed-mod.com https://*.amazonaws.com https://*.github.io https://*.rawgit.com https://*.datatables.net https://*.jquery.com https://*.cloudflare.com https://*.gstatic.com https://*.youtube.com https://*.linkedin.com https://*.doubleclick.net https://*.ampproject.org https://*.googletagservices.com https://*.googleadservices.com https://*.google.com https://*.google.co.in https://*.addtoany.com https://*.googleapis.com https://*.tawk.to https://*.jsdelivr.net http://*.googlesyndication.com https://*.google-analytics.com https://*.googletagmanager.com https://*.facebook.net https://*.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.fontawesome.com https://*.ionicframework.com https://*.rawgit.com/ https://*.github.io https://*.bootstrapcdn.com https://*.datatables.net https://*.jsdelivr.net https://*.twitter.com https://*.addtoany.com https://*.cloudflare.com https://*.googleapis.com https://*.tawk.to https://*.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://*.amazonaws.com https://*.rediff.com; manifest-src 'self' https://*.jsdelivr.net; font-src 'self' * https://*.tawk.to https://*.gstatic.com https://*.jsdelivr.net https://*.cloudflare.com https://*.googleapis.com; connect-src 'self' https://*.google.com https://*.googleapis.com https://*.facebook.com https://*.googlesyndication.com https://*.google-analytics.com https://*.doubleclick.net https://*.tawk.to wss://*.tawk.to; frame-src 'self' https://*.amazonaws.com https://*.highcharts.com/ https://*.officeapps.live.com https://*.azurewebsites.net https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
x-content-type-options: nosniff
date: Wed, 14 Jun 2023 08:29:38 GMT
x-permitted-cross-domain-policies: master-only
content-length: 1435
x-xss-protection: 1; mode=block
last-modified: Mon, 03 May 2021 23:53:34 GMT
server: Microsoft-IIS/10.0
etag: "0d3f1867740d71:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 LogoIngresoWeb.jpg
gim.fulton.es/gimweb/pc/IMAGENES/Imatges/ 36 KB
36 KB 84ms
83ms Image
image/jpeg 185.9.193.2
BPLAN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gim.fulton.es:6522/gimweb/pc/IMAGENES/Imatges/LogoIngresoWeb.jpg

Requested by

Host: gim.fulton.es
URL: https://gim.fulton.es:6522/gimweb/pc/inici.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.9.193.2 Valencia, Spain, ASN198479 (BPLAN, ES),

Reverse DNS

193-9-185-2.nunsys.com

Software

Microsoft-IIS/10.0 /

Resource Hash

829b1ca3c5cf5ac1e8f5b2ac6729cafeca11a7288e201180a6b5b436eefcdf65

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.pagespeed-mod.com https://.amazonaws.com https://.github.io https://.rawgit.com https://.datatables.net https://.jquery.com https://.cloudflare.com https://.gstatic.com https://.youtube.com https://.linkedin.com https://.doubleclick.net https://.ampproject.org https://.googletagservices.com https://.googleadservices.com https://.google.com https://.google.co.in https://.addtoany.com https://.googleapis.com https://.tawk.to https://.jsdelivr.net http://.googlesyndication.com https://.google-analytics.com https://.googletagmanager.com https://.facebook.net https://.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.fontawesome.com https://.ionicframework.com https://.rawgit.com/ https://.github.io https://.bootstrapcdn.com https://.datatables.net https://.jsdelivr.net https://.twitter.com https://.addtoany.com https://.cloudflare.com https://.googleapis.com https://.tawk.to https://.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://.amazonaws.com https://.rediff.com; manifest-src 'self' https://.jsdelivr.net; font-src 'self' https://.tawk.to https://.gstatic.com https://.jsdelivr.net https://.cloudflare.com https://.googleapis.com; connect-src 'self' https://.google.com https://.googleapis.com https://.facebook.com https://.googlesyndication.com https://.google-analytics.com https://.doubleclick.net https://.tawk.to wss://.tawk.to; frame-src 'self' https://.amazonaws.com https://.highcharts.com/ https://.officeapps.live.com https://.azurewebsites.net https://.googlesyndication.com https://.google.com https://.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gim.fulton.es:6522/gimweb/pc/inici.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' https://*.pagespeed-mod.com https://*.amazonaws.com https://*.github.io https://*.rawgit.com https://*.datatables.net https://*.jquery.com https://*.cloudflare.com https://*.gstatic.com https://*.youtube.com https://*.linkedin.com https://*.doubleclick.net https://*.ampproject.org https://*.googletagservices.com https://*.googleadservices.com https://*.google.com https://*.google.co.in https://*.addtoany.com https://*.googleapis.com https://*.tawk.to https://*.jsdelivr.net http://*.googlesyndication.com https://*.google-analytics.com https://*.googletagmanager.com https://*.facebook.net https://*.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.fontawesome.com https://*.ionicframework.com https://*.rawgit.com/ https://*.github.io https://*.bootstrapcdn.com https://*.datatables.net https://*.jsdelivr.net https://*.twitter.com https://*.addtoany.com https://*.cloudflare.com https://*.googleapis.com https://*.tawk.to https://*.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://*.amazonaws.com https://*.rediff.com; manifest-src 'self' https://*.jsdelivr.net; font-src 'self' * https://*.tawk.to https://*.gstatic.com https://*.jsdelivr.net https://*.cloudflare.com https://*.googleapis.com; connect-src 'self' https://*.google.com https://*.googleapis.com https://*.facebook.com https://*.googlesyndication.com https://*.google-analytics.com https://*.doubleclick.net https://*.tawk.to wss://*.tawk.to; frame-src 'self' https://*.amazonaws.com https://*.highcharts.com/ https://*.officeapps.live.com https://*.azurewebsites.net https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
x-content-type-options: nosniff
date: Wed, 14 Jun 2023 08:29:38 GMT
x-permitted-cross-domain-policies: master-only
content-length: 36871
x-xss-protection: 1; mode=block
last-modified: Wed, 12 Jul 2017 06:40:52 GMT
server: Microsoft-IIS/10.0
etag: "0b21cced9fad21:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type

GET
H2 200 recaptcha__es.js Show response
www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/ 410 KB
164 KB 195ms
64ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__es.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderRecaptcha&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33ea2e3bcd05341d5646cdb5e7d690d215b50a680375f682879ebab0551326bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gim.fulton.es:6522/
Origin: https://gim.fulton.es:6522
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 17:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167741
x-xss-protection: 0
last-modified: Sun, 04 Jun 2023 14:00:37 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Jun 2024 17:42:02 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gim.fulton.es/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 41vi5hthff3hywwluuercyfd

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.pagespeed-mod.com https://.amazonaws.com https://.github.io https://.rawgit.com https://.datatables.net https://.jquery.com https://.cloudflare.com https://.gstatic.com https://.youtube.com https://.linkedin.com https://.doubleclick.net https://.ampproject.org https://.googletagservices.com https://.googleadservices.com https://.google.com https://.google.co.in https://.addtoany.com https://.googleapis.com https://.tawk.to https://.jsdelivr.net http://.googlesyndication.com https://.google-analytics.com https://.googletagmanager.com https://.facebook.net https://.bootstrapcdn.com 'unsafe-hashes' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.fontawesome.com https://.ionicframework.com https://.rawgit.com/ https://.github.io https://.bootstrapcdn.com https://.datatables.net https://.jsdelivr.net https://.twitter.com https://.addtoany.com https://.cloudflare.com https://.googleapis.com https://.tawk.to https://.google.com 'unsafe-hashes' 'unsafe-inline'; img-src 'self' data: * blob:; object-src 'self' https://.amazonaws.com https://.rediff.com; manifest-src 'self' https://.jsdelivr.net; font-src 'self' https://.tawk.to https://.gstatic.com https://.jsdelivr.net https://.cloudflare.com https://.googleapis.com; connect-src 'self' https://.google.com https://.googleapis.com https://.facebook.com https://.googlesyndication.com https://.google-analytics.com https://.doubleclick.net https://.tawk.to wss://.tawk.to; frame-src 'self' https://.amazonaws.com https://.highcharts.com/ https://.officeapps.live.com https://.azurewebsites.net https://.googlesyndication.com https://.google.com https://.doubleclick.net; frame-ancestors 'self' X-Frame-Options: SAMEORIGIN
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gim.fulton.es
www.google.com
www.gstatic.com
185.9.193.2
2a00:1450:4001:80b::2004
2a00:1450:4001:82b::2003
1b294511020cda4b435bd3b5cf63a91432d9b543f98fe56e31a3d14f2002a9a9
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
33ea2e3bcd05341d5646cdb5e7d690d215b50a680375f682879ebab0551326bd
40aeef248a85fecbfe81f4054e61b7e81b91884786610db9a2a02d6ed9653876
450c8df12d4c6619416d6fcadd93cf339665845b8a548cba5a236962033e423c
48506d0f7f2757a00caa3d8b4fc3aae78eee68c4a5d4b047d164b35564e798b0
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
656d2c1e6e1ee359a01ef1d12c6ef40e2f864597aaf3dae3c4f18861fec60a13
6a29c6710bbfb6b5b13c778c21b2f779c59e1bc1492a08fa48688d4fdd94ffbf
6c7422a9c15b9c96f542187ad5163d70c87a911d204ee418ea214e063d728f4d
829b1ca3c5cf5ac1e8f5b2ac6729cafeca11a7288e201180a6b5b436eefcdf65
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
e1b97c3733ea028caf02f9cd611f3f93602a664e22fbed54832154422cbe27e0

gim.fulton.es Open in urlscan Pro 185.9.193.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

1270 kBTransfer

1510 kBSize

1 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

gim.fulton.es Open in urlscan Pro
185.9.193.2 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1270 kB
Transfer

1510 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions