urlscan.io logo urlscan.io
SecurityTrails logo

es.jeinzmacias.org Open in urlscan Pro
172.217.18.19  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://d08wh.elverruca.xyz/ch15.php
Effective URL: https://es.jeinzmacias.org/
Submission: On August 13 via manual from SE — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 17 domains to perform 75 HTTP transactions. The main IP is 172.217.18.19, located in United States and belongs to GOOGLE, US. The main domain is es.jeinzmacias.org.
TLS certificate: Issued by GTS CA 1D4 on August 3rd 2023. Valid for: 3 months.
This is the only time es.jeinzmacias.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 172.67.177.236 13335 (CLOUDFLAR...)
3 52.222.196.15 16509 (AMAZON-02)
4 172.217.18.19 15169 (GOOGLE)
10 216.58.212.130 15169 (GOOGLE)
5 216.58.206.42 15169 (GOOGLE)
2 104.18.11.207 13335 (CLOUDFLAR...)
1 142.250.185.72 15169 (GOOGLE)
1 172.217.18.1 15169 (GOOGLE)
2 172.217.23.97 15169 (GOOGLE)
1 142.250.184.234 15169 (GOOGLE)
1 216.58.206.41 15169 (GOOGLE)
7 142.250.186.163 15169 (GOOGLE)
1 10 142.250.186.162 15169 (GOOGLE)
1 216.239.34.36 15169 (GOOGLE)
2 157.240.0.6 32934 (FACEBOOK)
1 142.250.185.130 15169 (GOOGLE)
14 142.250.184.193 15169 (GOOGLE)
4 216.58.212.163 15169 (GOOGLE)
2 142.250.184.226 15169 (GOOGLE)
1 3 172.217.16.132 15169 (GOOGLE)
2 172.217.18.98 15169 (GOOGLE)
75 22
1    172.67.177.236 (United States)

ASN13335 (CLOUDFLARENET, US)
d08wh.elverruca.xyz
3    52.222.196.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-196-15.cdg50.r.cloudfront.net
d10xsoss226fg9.cloudfront.net
4    172.217.18.19 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f19.1e100.net
es.jeinzmacias.org
10    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
pagead2.googlesyndication.com
5    216.58.206.42 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f10.1e100.net
fonts.googleapis.com
2    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    142.250.185.72 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net
www.googletagmanager.com
1    172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f1.1e100.net
blogger.googleusercontent.com
2    172.217.23.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f1.1e100.net
4.bp.blogspot.com
1    142.250.184.234 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
ajax.googleapis.com
1    216.58.206.41 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f9.1e100.net
www.blogger.com
7    142.250.186.163 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
fonts.gstatic.com
10    142.250.186.162 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads.g.doubleclick.net
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
1    142.250.185.130 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
partner.googleadservices.com
14    142.250.184.193 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net
tpc.googlesyndication.com
4    216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f3.1e100.net
www.gstatic.com
2    142.250.184.226 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googletagservices.com
3    172.217.16.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f4.1e100.net
www.google.com
2    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
24 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130
tpc.googlesyndication.com — Cisco Umbrella Rank: 151
365 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
163 KB
10 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
99 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
ajax.googleapis.com — Cisco Umbrella Rank: 392
38 KB
4 jeinzmacias.org
es.jeinzmacias.org
55 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1216
www.googleadservices.com — Cisco Umbrella Rank: 150
603 B
3 cloudfront.net
d10xsoss226fg9.cloudfront.net
30 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
113 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170
88 KB
2 blogspot.com
4.bp.blogspot.com — Cisco Umbrella Rank: 13308
8 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2763
83 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2069
256 B
1 blogger.com
www.blogger.com — Cisco Umbrella Rank: 10017
57 KB
1 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 12544
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
89 KB
1 elverruca.xyz
d08wh.elverruca.xyz
993 B
75 17
Domain Requested by
14 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
10 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 pagead2.googlesyndication.com es.jeinzmacias.org
pagead2.googlesyndication.com
tpc.googlesyndication.com
d08wh.elverruca.xyz
googleads.g.doubleclick.net
7 fonts.gstatic.com fonts.googleapis.com
5 fonts.googleapis.com es.jeinzmacias.org
googleads.g.doubleclick.net
4 www.gstatic.com googleads.g.doubleclick.net
4 es.jeinzmacias.org d08wh.elverruca.xyz
es.jeinzmacias.org
3 www.google.com 1 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
3 d10xsoss226fg9.cloudfront.net d08wh.elverruca.xyz
es.jeinzmacias.org
ajax.googleapis.com
2 www.googleadservices.com googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 connect.facebook.net es.jeinzmacias.org
connect.facebook.net
2 4.bp.blogspot.com es.jeinzmacias.org
ajax.googleapis.com
2 stackpath.bootstrapcdn.com es.jeinzmacias.org
stackpath.bootstrapcdn.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.blogger.com es.jeinzmacias.org
1 ajax.googleapis.com es.jeinzmacias.org
1 blogger.googleusercontent.com es.jeinzmacias.org
1 www.googletagmanager.com es.jeinzmacias.org
1 d08wh.elverruca.xyz
75 21

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.blogger.com
Subject Issuer Validity Valid
elverruca.xyz
E1		 2023-07-26 -
2023-10-24		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
es.jeinzmacias.org
GTS CA 1D4		 2023-08-03 -
2023-11-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-05-22 -
2023-08-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh

This page contains 14 frames:

Primary Page: https://es.jeinzmacias.org/
Frame ID: A4F2F4A9AB7C67E850285EEBC769A74C
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Frame ID: 53660593C01AD062D554355097F5B67A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&adk=1812271804&adf=3025194257&lmt=1691916990&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fes.jeinzmacias.org%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934552815&bpp=4&bdt=344&idt=445&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8421661981663&frm=20&pv=2&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=480
Frame ID: 838161AFE1264FF947197A83B8737779
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&slotname=5564591058&adk=355361742&adf=630492306&pi=t.ma~as.5564591058&w=728&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&format=728x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934552819&bpp=2&bdt=348&idt=483&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=homjSyZkPn&p=https%3A//es.jeinzmacias.org&dtd=488
Frame ID: E371AB04B99EC10620C323B554C32B0E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&slotname=4251509388&adk=1965089977&adf=2457125540&pi=t.ma~as.4251509388&w=370&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&format=370x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934552821&bpp=1&bdt=350&idt=492&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LLB81C8Mmt&p=https%3A//es.jeinzmacias.org&dtd=495
Frame ID: B9C45C4B565D06163462D1557849C697
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&slotname=2938427711&adk=3166004989&adf=854214101&pi=t.ma~as.2938427711&w=370&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&format=370x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934552822&bpp=1&bdt=351&idt=497&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C370x280&nras=1&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=UYLgB1BNmY&p=https%3A//es.jeinzmacias.org&dtd=500
Frame ID: DEBAFBE4D1F5B7D99B2BE25D7DBD04A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&adk=1263336535&adf=1540489176&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&to=qs&pwprc=3096516588&format=370x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934554769&bpp=1&bdt=2297&idt=0&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a4f32e4469f9c9-229412494fde00d0%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MaifxmfnUZssNhjOITxqM6hxIF5ig&gpic=UID%3D00000c5fc189ad49%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MYRc2jdrwxTV_oI2hJBjswIvVxRFA&prev_fmts=0x0%2C728x280%2C370x280%2C370x280&nras=2&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SQ80F9uF6T&p=https%3A//es.jeinzmacias.org&dtd=3
Frame ID: 93519BD867CD0BF06B0A6B6E35AADE1B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6DD5D54F3F950A7648FC94F4FA29F5C8
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 596E2410D7C00B579EB69A2DFCD2C002
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3FA3D76DDB1828D24CEA8762B00F4ED2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3601F459252C44613EE6BCC5173019AA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E049894F512F1A7D356B99A6270AD6CA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
Frame ID: 9BAADF55210C0C54B18E339360918B51
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
Frame ID: 3CE9D0FF0187E2D730AD5AB479CA0955
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Jeinz Macias

Page URL History Show full URLs

  1. https://d08wh.elverruca.xyz/ch15.php Page URL
  2. https://es.jeinzmacias.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

75
Requests

99 %
HTTPS

0 %
IPv6

17
Domains

21
Subdomains

22
IPs

3
Countries

1193 kB
Transfer

3086 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://d08wh.elverruca.xyz/ch15.php Page URL
  2. https://es.jeinzmacias.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 60
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CsFS9Wt_YZKi6NbD4xtYP3KCHwAzMhZuXcs-Tz_q9EaXdq836PhABIKj-pntg8a38haQfoAGVw6HTKcgBCagDAcgDywSqBNUBT9AXc5fkO2KaogxYiP9qx3gyOwZPlNvhhrSTsSLHSct7Xrwufav2yvCPa9NZkh1ZUwipqSV_2kdLd11bWJru4EHqsOiW8r0r-fKu3oCvZAG5bCHGMNz7KD7keQ6_iL4dlvKtmTuUl0_NKYV-oDt5ArRqa80Dnv6vsZYgno43sraKc14_T8zn3xBA-2yiI_wZYLiGv8ZFkL6Ha0pQJLcMPwRfxqr4BixJUSPs-uS9IYj8TSkhe4ZpcZxr-gsCHt53uQ5iYnhNmF-WDwsnWi4_XpxeRheYwASF5-eEqASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHsc3usgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDwLtIIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqaCb8BaHR0cHM6Ly9jaW5lbWExc3QuY29tL3Bvc3QvMTcxMy9tYXlvcmVzLWVycm9yZXMtcGVsaWN1bGFzLXktdGVsZXZpc2lvbj91dG1fY2FtcGFpZ249Qmxvb3BlcnNFUytWMStBSytDV1crQXV0bytVVjAyK0cuYWZlK1JFU1ArTkVXK0MuRVNIK0dBJnV0bV9zb3VyY2U9R29vZ2xlJmFsPTEmdXRtX21lZGl1bT1lcy5qZWluem1hY2lhcy5vcmeACgHICwGiDAgqBgoEw7CxArgT5APYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItOTE1NzMwMjY1NzAwMTg4NxgA&sigh=D5D25zugc2w&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJW3NupUJ7okvQTmshRTQok8iKHrKp93ZIhKzIQPSTFD5doQRy59HJ7CaiMiEQcMAOsLewWsZjKOxgB&template_id=484&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229652367019680671229%22,%22debug_reporting%22:true,%22destination%22:%22https://cinema1st.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211180466581%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211248434961996347489%22}&andc=true

75 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ch15.php
d08wh.elverruca.xyz/ 		1 KB
993 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d08wh.elverruca.xyz/ch15.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.177.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f616b841a0fb51d-OSL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 13 Aug 2023 13:49:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTJToJEnVBb%2BFHFJ5Scvm2Zc98FIvbeAS8HWa1bhlLrXG9y5VH%2BUfnMeLkvofuD8jdll1nhIB%2B5Y46Y2fgsRe0Z3MvDMlpAc91WIktlbxSIEt99yoWWPdkg1rD08enjQ7OYOfhgH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
play-1674199954437.png
d10xsoss226fg9.cloudfront.net/NynvaEMiEl7tQIA2UymaSpVlSiYN3Bmh/3D28C83C85544F0D9517DD2E7C7EEDAA/il/ba050b1e918740cd91343feb91f42367/ 		32 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10xsoss226fg9.cloudfront.net/NynvaEMiEl7tQIA2UymaSpVlSiYN3Bmh/3D28C83C85544F0D9517DD2E7C7EEDAA/il/ba050b1e918740cd91343feb91f42367/play-1674199954437.png
Requested by
Host: d08wh.elverruca.xyz
URL: https://d08wh.elverruca.xyz/ch15.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-15.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; report=support@muvi.com

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://d08wh.elverruca.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
q7g9lWGjhYzHkVP.e8RmHd_JqMC.yWqN
date
Sat, 12 Aug 2023 17:51:52 GMT
via
1.1 fbdf5158ae0cd2f5d84c84ce83cd7038.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
CDG50-P2
age
71879
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
74412
x-xss-protection
1; report=support@muvi.com
last-modified
Fri, 20 Jan 2023 07:32:36 GMT
server
AmazonS3
etag
"59c17019af681bc6243e87fbdbec51ca"
vary
Accept-Encoding, Origin
content-type
image/png
cache-control
max-age=36000, stale-while-revalidate=600, stale-if-error=86400
accept-ranges
bytes
x-amz-cf-id
r76QX2Y61ocjUGxKe_KAXdrKN_4ASC3pSgNUV9Wf9tBtWSr5j32tfA==
Primary Request /
es.jeinzmacias.org/ 		168 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://es.jeinzmacias.org/
Requested by
Host: d08wh.elverruca.xyz
URL: https://d08wh.elverruca.xyz/ch15.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.19 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f19.1e100.net
Software
GSE /
Resource Hash
8eaabdce022a6677bddc8d88c153e63da2d815598d87099fbf6991307577d833
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d08wh.elverruca.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
38309
content-type
text/html; charset=UTF-8
date
Sun, 13 Aug 2023 13:49:12 GMT
etag
W/"575bcf7cb501697bf624fc5b98ba30872baa0a383d15bf9ad504119e960a6d12"
expires
Sun, 13 Aug 2023 13:49:12 GMT
last-modified
Sun, 13 Aug 2023 10:56:30 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9157302657001887
Requested by
Host: es.jeinzmacias.org
URL: https://es.jeinzmacias.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
834a2b2a73d3b21564f65ff0c2d7aa3ae47e668f149d05450d988ba7edb09e96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://es.jeinzmacias.org/
Origin
https://es.jeinzmacias.org
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:49:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50952
x-xss-protection
0
server
cafe
etag
904182595706365257
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 13 Aug 2023 13:49:12 GMT
css
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,600i,700,700i|Playfair+Display:400,500,600,700
Requested by
Host: es.jeinzmacias.org
URL: https://es.jeinzmacias.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f10.1e100.net
Software
ESF /
Resource Hash
e68c94ce7b6eb9c3b05658e7d8f7b073f2b673c7b185c2690c3ecb4fc846c514
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Aug 2023 13:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 13 Aug 2023 13:49:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Aug 2023 13:49:12 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: es.jeinzmacias.org
URL: https://es.jeinzmacias.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:49:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
10175704
cdn-cachedat
11/18/2022 06:18:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b3a57c6aca414a3b87fe0638b631146d
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7f616b898b152d8c-ARN
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/ 		1 KB
891 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Signika:wght@600
Requested by
Host: es.jeinzmacias.org
URL: https://es.jeinzmacias.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f10.1e100.net
Software
ESF /
Resource Hash
d3339780411c06eb69f566d44653c6281cc07c67cb41b2e018cc61c812326fed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Aug 2023 13:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 13 Aug 2023 13:49:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Aug 2023 13:49:12 GMT
js
www.googletagmanager.com/gtag/ 		270 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GL04XD59T4
Requested by
Host: es.jeinzmacias.org
URL: https://es.jeinzmacias.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
cc682472fc8fc081b53c34dbf8c7dce6988167868ace359cd77b0248e3842a9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:49:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91029
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 13 Aug 2023 13:49:12 GMT
AVvXsEiA75LnxVpX_3ai1UeK2XD1g1_9zoakAslUCrr8GfF2yPpsrGtehBKLnE9GJpNPJe2Lk987H99lC_9K-Hp0cYLDZFtvtJnHBEhvsuhd1lynrbnFd8WCtxO4spu46LItydc0fbnBKRe3ylNHr05-LtuqqN8ZyteJit2s-7l_lZnZ17Aj3iNjnmA0dk-6JdI=s180
blogger.googleusercontent.com/img/a/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEiA75LnxVpX_3ai1UeK2XD1g1_9zoakAslUCrr8GfF2yPpsrGtehBKLnE9GJpNPJe2Lk987H99lC_9K-Hp0cYLDZFtvtJnHBEhvsuhd1lynrbnFd8WCtxO4spu46LItydc0fbnBKRe3ylNHr05-LtuqqN8ZyteJit2s-7l_lZnZ17Aj3iNjnmA0dk-6JdI=s180
Requested by
Host: es.jeinzmacias.org
URL: https://es.jeinzmacias.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f1.1e100.net
Software
fife /
Resource Hash
3b0a3559957a5c2e823c0386af5e0df743f9caddedc99b9a05c13ab8fc57479f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:49:13 GMT
x-content-type-options
nosniff
server
fife
etag
"v4"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="elverruca.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1820
x-xss-protection
0
expires
Mon, 14 Aug 2023 13:49:13 GMT
NO_IMAGE_AVAILABLE-1684422372121.png
d10xsoss226fg9.cloudfront.net/WAM5r55JZDXcqP3Faq3S1oESWjx1h03W/3D28C83C85544F0D9517DD2E7C7EEDAA/il/dd73d8fda2cd4ced802877d9903ed8b2/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10xsoss226fg9.cloudfront.net/WAM5r55JZDXcqP3Faq3S1oESWjx1h03W/3D28C83C85544F0D9517DD2E7C7EEDAA/il/dd73d8fda2cd4ced802877d9903ed8b2/NO_IMAGE_AVAILABLE-1684422372121.png
Requested by
Host: es.jeinzmacias.org
URL: https://es.jeinzmacias.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.196.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-15.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6146186286eaeebcabbffa10a0dbfa8a98aa91f5c5e7f0fb808c88e2034238ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; report=support@muvi.com

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
PhV5.TlbTsn0Ealig_lYf01WwjP5uXmU
date
Sun, 13 Aug 2023 13:36:52 GMT
via
1.1 fbdf5158ae0cd2f5d84c84ce83cd7038.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
CDG50-P2
age
794
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
14747
x-xss-protection
1; report=support@muvi.com
last-modified
Thu, 18 May 2023 15:06:16 GMT
server
AmazonS3
etag
"0c572d5b0e7fd169abfbc81f055d2bc2"
vary
Accept-Encoding, Origin
content-type
image/png
cache-control
max-age=36000, stale-while-revalidate=600, stale-if-error=86400
accept-ranges
bytes
x-amz-cf-id
jJhIURRyHvKRVlaDsHNJt6ActFoLdIRGcIGrErXwEPlliZfQXbMrRA==
nth.png
4.bp.blogspot.com/-O3EpVMWcoKw/WxY6-6I4--I/AAAAAAAAB2s/KzC0FqUQtkMdw7VzT6oOR_8vbZO6EJc-ACK4BGAYYCw/w680/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-O3EpVMWcoKw/WxY6-6I4--I/AAAAAAAAB2s/KzC0FqUQtkMdw7VzT6oOR_8vbZO6EJc-ACK4BGAYYCw/w680/nth.png
Requested by
Host: es.jeinzmacias.org
URL: https://es.jeinzmacias.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f1.1e100.net
Software
fife /
Resource Hash
fd7739e2674c5fe13e0a51140a51189b82c5bbaf087c18a04d30b62fad9648a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 12:32:05 GMT
x-content-type-options
nosniff
age
4627
content-disposition
inline;filename="nth.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3725
x-xss-protection
0
server
fife
etag
"v76c"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:32:05 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: es.jeinzmacias.org
URL: https://es.jeinzmacias.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 08:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105331
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 08:33:41 GMT
cookienotice.js
es.jeinzmacias.org/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://es.jeinzmacias.org/js/cookienotice.js
Requested by
Host: es.jeinzmacias.org
URL: https://es.jeinzmacias.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.19 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f19.1e100.net
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 13 Aug 2023 11:50:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sun, 20 Aug 2023 13:49:12 GMT
2338307535-widgets.js
www.blogger.com/static/v1/widgets/ 		156 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2338307535-widgets.js
Requested by
Host: es.jeinzmacias.org
URL: https://es.jeinzmacias.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.41 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f9.1e100.net
Software
sffe /
Resource Hash
d5b2e8385447633d74aca1a712aa1bd64c226aaf845b1d1cd1c64868d75ea619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:39:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
553
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57823
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 17:56:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 12 Aug 2024 13:39:59 GMT
/
es.jeinzmacias.org/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://es.jeinzmacias.org/
Requested by
Host: es.jeinzmacias.org
URL: https://es.jeinzmacias.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.19 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f19.1e100.net
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 13 Aug 2023 10:56:30 GMT
server
GSE
etag
W/"575bcf7cb501697bf624fc5b98ba30872baa0a383d15bf9ad504119e960a6d12"
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
content-length
38309
x-xss-protection
1; mode=block
expires
Sun, 13 Aug 2023 13:49:12 GMT
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://es.jeinzmacias.org
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:49:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
153944
cdn-cachedat
06/15/2023 15:40:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
9fe3d70d4eb57af4b4d2d6e3e950403d
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7f616b8aac492d59-ARN
cdn-requestpullsuccess
True
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,600i,700,700i|Playfair+Display:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://es.jeinzmacias.org
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 03:25:06 GMT
x-content-type-options
nosniff
age
123846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 03:25:06 GMT
vEF72_JTCgwQ5ejvMV0Ox_Kg1UwJ0tKfX4zNpD8E4ASzH1r9Xzyoyjkm.woff2
fonts.gstatic.com/s/signika/v25/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/signika/v25/vEF72_JTCgwQ5ejvMV0Ox_Kg1UwJ0tKfX4zNpD8E4ASzH1r9Xzyoyjkm.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Signika:wght@600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
1a9c344439f81488ad6e4cb3368386db72c9371e71bbfb70ab06206d74032ab8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://es.jeinzmacias.org
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 22:16:54 GMT
x-content-type-options
nosniff
age
142338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24224
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:47:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 22:16:54 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,600i,700,700i|Playfair+Display:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://es.jeinzmacias.org
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 09:02:57 GMT
x-content-type-options
nosniff
age
189975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 09:02:57 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,600i,700,700i|Playfair+Display:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://es.jeinzmacias.org
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 06:27:30 GMT
x-content-type-options
nosniff
age
112902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 06:27:30 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,600i,700,700i|Playfair+Display:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://es.jeinzmacias.org
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 14:13:03 GMT
x-content-type-options
nosniff
age
84969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35764
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:06:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 14:13:03 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/ 		372 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9157302657001887&plah=es.jeinzmacias.org&bust=31076952
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9157302657001887
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
7caa3964f00db3778eea2a6cd2296668a6abd828138eeed218b267a1620e8658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:49:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128449
x-xss-protection
0
server
cafe
etag
12404972686807488715
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 13 Aug 2023 13:49:12 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/ Frame 5366 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9157302657001887
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://es.jeinzmacias.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

age
4507
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 12:34:05 GMT
etag
12368291122986407432
expires
Sun, 27 Aug 2023 12:34:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
summary
es.jeinzmacias.org/feeds/posts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://es.jeinzmacias.org/feeds/posts/summary?max-results=1&alt=json-in-script&callback=dataFeed
Requested by
Host: d08wh.elverruca.xyz
URL: https://d08wh.elverruca.xyz/ch15.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.19 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f19.1e100.net
Software
blogger-renderd /
Resource Hash
48f8df1fc06eb14b6d55bcc1fcd3c1deb18084a848afbf25c139fef01a64fc9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:49:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 13 Aug 2023 10:56:30 GMT
server
blogger-renderd
etag
W/"ff00f338fecd967bfd93281e0062eb317ee8354b848ffad827ddf9cc579b9dbd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
1406
x-xss-protection
0
expires
Sun, 13 Aug 2023 13:49:14 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GL04XD59T4&gtm=45je3890&_p=1918725927&cid=1898851947.1691934553&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691934553&sct=1&seg=0&dl=https%3A%2F%2Fes.jeinzmacias.org%2F&dr=https%3A%2F%2Fd08wh.elverruca.xyz%2F&dt=Jeinz%20Macias&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GL04XD59T4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Aug 2023 13:49:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://es.jeinzmacias.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: es.jeinzmacias.org
URL: https://es.jeinzmacias.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
8fa6ad906e34421e84ee7ea4ca6e35b9b0ca89885fd82fd1ca07a29243184000
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 13 Aug 2023 13:49:13 GMT
content-md5
aR8E58DLr/j2YagH3rgyag==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-debug
ERboxOvNA9yiZXR6c6byuNtZD9gHwdAzWXXChyCkTnKlet6tr4Lb2qmtXZhnuh97tfETDkmy0ferfX942bpdDw==
x-fb-content-md5
1f49b4b258c7c90734e8a2866f7a5d72
cross-origin-opener-policy
same-origin-allow-popups
etag
"be2120d19010f7054623ba29d510353f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 13 Aug 2023 13:56:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		397 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=es.jeinzmacias.org&callback=_gfp_s_&client=ca-pub-9157302657001887
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9157302657001887&plah=es.jeinzmacias.org&bust=31076952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
c84e29fd94abbaa6ab85ccb575107295c010d697a4c636fb8a52604343cff9ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:49:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8381 		190 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&adk=1812271804&adf=3025194257&lmt=1691916990&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fes.jeinzmacias.org%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934552815&bpp=4&bdt=344&idt=445&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8421661981663&frm=20&pv=2&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=480
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9157302657001887&plah=es.jeinzmacias.org&bust=31076952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ab90d7b82c5640c07150607a7ea818559dd77147c8adfa08b1e95390a3743471
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://es.jeinzmacias.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
52957
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 13:49:14 GMT
expires
Sun, 13 Aug 2023 13:49:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: es.jeinzmacias.org
URL: https://es.jeinzmacias.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Aug 2023 13:49:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E371 		436 B
380 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&slotname=5564591058&adk=355361742&adf=630492306&pi=t.ma~as.5564591058&w=728&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&format=728x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934552819&bpp=2&bdt=348&idt=483&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=homjSyZkPn&p=https%3A//es.jeinzmacias.org&dtd=488
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9157302657001887&plah=es.jeinzmacias.org&bust=31076952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
d488970dd238d5c6c0dedfe538d0f0ff2ed1d17e9c4f38697bec40e5e05f55d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://es.jeinzmacias.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 13:49:13 GMT
expires
Sun, 13 Aug 2023 13:49:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B9C4 		436 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&slotname=4251509388&adk=1965089977&adf=2457125540&pi=t.ma~as.4251509388&w=370&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&format=370x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934552821&bpp=1&bdt=350&idt=492&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LLB81C8Mmt&p=https%3A//es.jeinzmacias.org&dtd=495
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9157302657001887&plah=es.jeinzmacias.org&bust=31076952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
42ee02e063704179da9375dcdd353e535733c1d8c55bfc7f283bdd38bcc099d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://es.jeinzmacias.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 13:49:13 GMT
expires
Sun, 13 Aug 2023 13:49:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DEBA 		436 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&slotname=2938427711&adk=3166004989&adf=854214101&pi=t.ma~as.2938427711&w=370&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&format=370x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934552822&bpp=1&bdt=351&idt=497&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C370x280&nras=1&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=UYLgB1BNmY&p=https%3A//es.jeinzmacias.org&dtd=500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9157302657001887&plah=es.jeinzmacias.org&bust=31076952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
265901bd369b083e87c66550238a85e99a877f69e8e388f132f8389a1817a113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://es.jeinzmacias.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 13:49:13 GMT
expires
Sun, 13 Aug 2023 13:49:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sdk.js
connect.facebook.net/en_US/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=3487228d26ff01d4e017f90b95ac0a6d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
d8fb880dc4fe6594608dd288073512539f795867592cc1ee27203ef10cbce22e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://es.jeinzmacias.org/
Origin
https://es.jeinzmacias.org
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 13 Aug 2023 13:49:13 GMT
content-md5
L/m34uBLB2Q3ylLJB/QOig==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87214
x-fb-debug
/CEs6vgFDVMX3Gv49Wp8VtX2Vx5ZsOZ2GGgJnSxlbaV+DhGJyKaXdLtMDg8x6sl447R/2N5A0sNBgyy3ZwkXVA==
x-fb-content-md5
2c6532846e80435b7ca0508bf1236008
cross-origin-opener-policy
same-origin-allow-popups
etag
"1a94146357a59554be72996e5804478f"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Mon, 12 Aug 2024 13:36:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230809&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9157302657001887&plah=es.jeinzmacias.org&bust=31076952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
376e3a744b9c7edb8e796eb9e8e2fed3cb14050517a7aea8e587f29b1ef56821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:49:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11947
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/reactive_library_fy2021.js?bust=31076952
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9157302657001887&plah=es.jeinzmacias.org&bust=31076952
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
e0ed6fb859cb3f5717155a163435f97d0c689d4eec6b5ce5515e6f4fe1ae9def
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:49:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53697
x-xss-protection
0
server
cafe
etag
11680004481672623087
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Aug 2023 13:49:14 GMT
NO_IMAGE_AVAILABLE-1684422372121.png
d10xsoss226fg9.cloudfront.net/WAM5r55JZDXcqP3Faq3S1oESWjx1h03W/3D28C83C85544F0D9517DD2E7C7EEDAA/il/dd73d8fda2cd4ced802877d9903ed8b2/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10xsoss226fg9.cloudfront.net/WAM5r55JZDXcqP3Faq3S1oESWjx1h03W/3D28C83C85544F0D9517DD2E7C7EEDAA/il/dd73d8fda2cd4ced802877d9903ed8b2/NO_IMAGE_AVAILABLE-1684422372121.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
52.222.196.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-196-15.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6146186286eaeebcabbffa10a0dbfa8a98aa91f5c5e7f0fb808c88e2034238ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; report=support@muvi.com

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
PhV5.TlbTsn0Ealig_lYf01WwjP5uXmU
date
Sun, 13 Aug 2023 13:36:52 GMT
via
1.1 a5a1b1bd5c5ec5b1378fad5d0770b5e0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
CDG50-P2
age
796
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
14747
x-xss-protection
1; report=support@muvi.com
last-modified
Thu, 18 May 2023 15:06:16 GMT
server
AmazonS3
etag
"0c572d5b0e7fd169abfbc81f055d2bc2"
vary
Accept-Encoding, Origin
content-type
image/png
cache-control
max-age=36000, stale-while-revalidate=600, stale-if-error=86400
accept-ranges
bytes
x-amz-cf-id
O4f22dFqMuZ2zTZxBtEUO_-m3D6Vm6L1rdLAiDWlB9v8B8DmZGYnpw==
nth.png
4.bp.blogspot.com/-O3EpVMWcoKw/WxY6-6I4--I/AAAAAAAAB2s/KzC0FqUQtkMdw7VzT6oOR_8vbZO6EJc-ACK4BGAYYCw/w680/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-O3EpVMWcoKw/WxY6-6I4--I/AAAAAAAAB2s/KzC0FqUQtkMdw7VzT6oOR_8vbZO6EJc-ACK4BGAYYCw/w680/nth.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f1.1e100.net
Software
fife /
Resource Hash
fd7739e2674c5fe13e0a51140a51189b82c5bbaf087c18a04d30b62fad9648a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 12:32:05 GMT
x-content-type-options
nosniff
age
4629
content-disposition
inline;filename="nth.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3725
x-xss-protection
0
server
fife
etag
"v76c"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 14 Aug 2023 12:32:05 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9351 		103 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&adk=1263336535&adf=1540489176&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&to=qs&pwprc=3096516588&format=370x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934554769&bpp=1&bdt=2297&idt=0&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a4f32e4469f9c9-229412494fde00d0%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MaifxmfnUZssNhjOITxqM6hxIF5ig&gpic=UID%3D00000c5fc189ad49%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MYRc2jdrwxTV_oI2hJBjswIvVxRFA&prev_fmts=0x0%2C728x280%2C370x280%2C370x280&nras=2&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SQ80F9uF6T&p=https%3A//es.jeinzmacias.org&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9157302657001887&plah=es.jeinzmacias.org&bust=31076952
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e12be770f50e4e19b2e2e78f2ce54d343e641d243b5c70fb741204805b2c1ab3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://es.jeinzmacias.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
37038
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 13:49:15 GMT
expires
Sun, 13 Aug 2023 13:49:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9157302657001887&plah=es.jeinzmacias.org&bust=31076952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:49:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 13:49:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame 6DD5 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308090102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9157302657001887&plah=es.jeinzmacias.org&bust=31076952
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://es.jeinzmacias.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

age
46020
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 01:02:14 GMT
etag
12368291122986407432
expires
Sun, 27 Aug 2023 01:02:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 6DD5 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Aug 2023 13:49:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 13 Aug 2023 13:28:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Aug 2023 13:49:15 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6DD5 		205 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 02:55:22 GMT
x-content-type-options
nosniff
age
384833
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 08 Aug 2024 02:55:22 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6DD5 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 16:06:13 GMT
x-content-type-options
nosniff
age
250982
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 09 Aug 2024 16:06:13 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame 6DD5 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
29d66372a3c96dcd72388bd1bc1d1e69d704c97b9a35dbf2b231b64a7e0e80d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 00:48:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
46853
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6441
x-xss-protection
0
server
cafe
etag
14691725014340836395
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 00:48:22 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/ Frame 6DD5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:58:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
49822
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8576
x-xss-protection
0
server
cafe
etag
10593844011591499743
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:58:53 GMT
css
fonts.googleapis.com/ Frame 596E 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f10.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Aug 2023 13:49:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 13 Aug 2023 13:44:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Aug 2023 13:49:15 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 596E 		2 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:57:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
49914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:57:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 596E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:53:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
50125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9094
x-xss-protection
0
server
cafe
etag
8732331910907961498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:53:50 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3FA3 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

age
2460
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 13:08:15 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 596E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 11:10:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
9503
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 11:10:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 596E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:57:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
49914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:57:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 596E 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:49:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Aug 2023 13:49:15 GMT
1ecb17048d796ff7836f25d4dc1a1361.js
www.gstatic.com/mysidia/ Frame 596E 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f3.1e100.net
Software
sffe /
Resource Hash
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 07:16:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14130
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 18:28:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 06 Nov 2023 07:16:49 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3601 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://es.jeinzmacias.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

accept-ranges
bytes
age
805
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 13:35:50 GMT
expires
Mon, 12 Aug 2024 13:35:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E049 		831 B
990 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f4.1e100.net
Software
GSE /
Resource Hash
4802470bac0cb528a302906f7fda18c1c76dc724c3635cb682c990eee939837e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NB-3ZyJfRk_mV8now5EfQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://es.jeinzmacias.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
533
content-security-policy
script-src 'report-sample' 'nonce-NB-3ZyJfRk_mV8now5EfQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 13:49:15 GMT
expires
Sun, 13 Aug 2023 13:49:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3FA3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 13:49:15 GMT
expires
Sun, 13 Aug 2023 13:49:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 13 Aug 2023 13:49:15 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
pagead2.googlesyndication.com/bg/ Frame 3601 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 06:15:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
113634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14662
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Aug 2024 06:15:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E049 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230809&jk=3585628911202807&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 3601 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?rl3rBA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:49:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
css
fonts.googleapis.com/ Frame 9351 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&adk=1263336535&adf=1540489176&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&to=qs&pwprc=3096516588&format=370x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934554769&bpp=1&bdt=2297&idt=0&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a4f32e4469f9c9-229412494fde00d0%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MaifxmfnUZssNhjOITxqM6hxIF5ig&gpic=UID%3D00000c5fc189ad49%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MYRc2jdrwxTV_oI2hJBjswIvVxRFA&prev_fmts=0x0%2C728x280%2C370x280%2C370x280&nras=2&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SQ80F9uF6T&p=https%3A//es.jeinzmacias.org&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f10.1e100.net
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Aug 2023 13:49:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 13 Aug 2023 13:36:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Aug 2023 13:49:15 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 9351 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&adk=1263336535&adf=1540489176&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&to=qs&pwprc=3096516588&format=370x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934554769&bpp=1&bdt=2297&idt=0&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a4f32e4469f9c9-229412494fde00d0%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MaifxmfnUZssNhjOITxqM6hxIF5ig&gpic=UID%3D00000c5fc189ad49%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MYRc2jdrwxTV_oI2hJBjswIvVxRFA&prev_fmts=0x0%2C728x280%2C370x280%2C370x280&nras=2&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SQ80F9uF6T&p=https%3A//es.jeinzmacias.org&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:57:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
49914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:57:21 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 9351
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CsFS9Wt_YZKi6NbD4xtYP3KCHwAzMhZuXcs-Tz_q9EaXdq836PhABIKj-pntg8a38haQfoAGVw6HTKcgBCagDAcgDywSqBNUBT9AXc5fkO2KaogxYiP9qx3gyOwZPlNvhhrSTsSLHSct7Xrw...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229652367019680671229%22,%22debug_reporting%22:true,%22destination%22:%22https://cinema1st.com%22,%22event_report_window%22:...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229652367019680671229%22,%22debug_reporting%22:true,%22destination%22:%22https://cinema1st.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211180466581%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211248434961996347489%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&adk=1263336535&adf=1540489176&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&to=qs&pwprc=3096516588&format=370x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934554769&bpp=1&bdt=2297&idt=0&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a4f32e4469f9c9-229412494fde00d0%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MaifxmfnUZssNhjOITxqM6hxIF5ig&gpic=UID%3D00000c5fc189ad49%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MYRc2jdrwxTV_oI2hJBjswIvVxRFA&prev_fmts=0x0%2C728x280%2C370x280%2C370x280&nras=2&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SQ80F9uF6T&p=https%3A//es.jeinzmacias.org&dtd=3
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:49:15 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"9652367019680671229","debug_reporting":true,"destination":"https://cinema1st.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11180466581"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"11248434961996347489"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 13 Aug 2023 13:49:15 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 13 Aug 2023 13:49:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9652367019680671229","debug_reporting":true,"destination":"https://cinema1st.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11180466581"],"4":["08-13"],"6":["true"]},"priority":"500","source_event_id":"11248434961996347489"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/ Frame 9351 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&adk=1263336535&adf=1540489176&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&to=qs&pwprc=3096516588&format=370x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934554769&bpp=1&bdt=2297&idt=0&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a4f32e4469f9c9-229412494fde00d0%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MaifxmfnUZssNhjOITxqM6hxIF5ig&gpic=UID%3D00000c5fc189ad49%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MYRc2jdrwxTV_oI2hJBjswIvVxRFA&prev_fmts=0x0%2C728x280%2C370x280%2C370x280&nras=2&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SQ80F9uF6T&p=https%3A//es.jeinzmacias.org&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:53:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
50125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9094
x-xss-protection
0
server
cafe
etag
8732331910907961498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:53:50 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 9351 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&adk=1263336535&adf=1540489176&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&to=qs&pwprc=3096516588&format=370x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934554769&bpp=1&bdt=2297&idt=0&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a4f32e4469f9c9-229412494fde00d0%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MaifxmfnUZssNhjOITxqM6hxIF5ig&gpic=UID%3D00000c5fc189ad49%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MYRc2jdrwxTV_oI2hJBjswIvVxRFA&prev_fmts=0x0%2C728x280%2C370x280%2C370x280&nras=2&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SQ80F9uF6T&p=https%3A//es.jeinzmacias.org&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 11:10:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
9503
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Aug 2023 11:10:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 9351 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&adk=1263336535&adf=1540489176&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&to=qs&pwprc=3096516588&format=370x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934554769&bpp=1&bdt=2297&idt=0&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a4f32e4469f9c9-229412494fde00d0%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MaifxmfnUZssNhjOITxqM6hxIF5ig&gpic=UID%3D00000c5fc189ad49%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MYRc2jdrwxTV_oI2hJBjswIvVxRFA&prev_fmts=0x0%2C728x280%2C370x280%2C370x280&nras=2&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SQ80F9uF6T&p=https%3A//es.jeinzmacias.org&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 23:57:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
49914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 26 Aug 2023 23:57:21 GMT
l
www.google.com/ads/measurement/ Frame 9351 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyUsHbO0H5X4pLyRXaozkjQ5qbcpvyLF1UK4cxHmsLXalp_RZru_Fr0Q4GrXkfCBnR6vx0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&adk=1263336535&adf=1540489176&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&to=qs&pwprc=3096516588&format=370x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934554769&bpp=1&bdt=2297&idt=0&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a4f32e4469f9c9-229412494fde00d0%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MaifxmfnUZssNhjOITxqM6hxIF5ig&gpic=UID%3D00000c5fc189ad49%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MYRc2jdrwxTV_oI2hJBjswIvVxRFA&prev_fmts=0x0%2C728x280%2C370x280%2C370x280&nras=2&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SQ80F9uF6T&p=https%3A//es.jeinzmacias.org&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9351 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&adk=1263336535&adf=1540489176&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&to=qs&pwprc=3096516588&format=370x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934554769&bpp=1&bdt=2297&idt=0&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a4f32e4469f9c9-229412494fde00d0%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MaifxmfnUZssNhjOITxqM6hxIF5ig&gpic=UID%3D00000c5fc189ad49%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MYRc2jdrwxTV_oI2hJBjswIvVxRFA&prev_fmts=0x0%2C728x280%2C370x280%2C370x280&nras=2&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SQ80F9uF6T&p=https%3A//es.jeinzmacias.org&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 13:49:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57470
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691580806885528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Aug 2023 13:49:15 GMT
1ecb17048d796ff7836f25d4dc1a1361.js
www.gstatic.com/mysidia/ Frame 9351 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&adk=1263336535&adf=1540489176&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&to=qs&pwprc=3096516588&format=370x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934554769&bpp=1&bdt=2297&idt=0&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a4f32e4469f9c9-229412494fde00d0%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MaifxmfnUZssNhjOITxqM6hxIF5ig&gpic=UID%3D00000c5fc189ad49%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MYRc2jdrwxTV_oI2hJBjswIvVxRFA&prev_fmts=0x0%2C728x280%2C370x280%2C370x280&nras=2&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SQ80F9uF6T&p=https%3A//es.jeinzmacias.org&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f3.1e100.net
Software
sffe /
Resource Hash
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 07:16:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14130
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 18:28:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 06 Nov 2023 07:16:49 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/13275082368674735148/ Frame 9351 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13275082368674735148/14763004658117789537?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&adk=1263336535&adf=1540489176&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&to=qs&pwprc=3096516588&format=370x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934554769&bpp=1&bdt=2297&idt=0&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a4f32e4469f9c9-229412494fde00d0%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MaifxmfnUZssNhjOITxqM6hxIF5ig&gpic=UID%3D00000c5fc189ad49%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MYRc2jdrwxTV_oI2hJBjswIvVxRFA&prev_fmts=0x0%2C728x280%2C370x280%2C370x280&nras=2&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SQ80F9uF6T&p=https%3A//es.jeinzmacias.org&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.193 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
989be415fcf6ad44495fcb1f5c53939ec941e4fbc769a1edc9eb8dad7bf57074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 04:10:22 GMT
x-content-type-options
nosniff
age
553133
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17141
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 12:51:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 06 Aug 2024 04:10:22 GMT
truncated
/ Frame 9351 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
pagead2.googlesyndication.com/bg/ Frame 9BAA 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
Requested by
Host: d08wh.elverruca.xyz
URL: https://d08wh.elverruca.xyz/ch15.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 06:15:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
113634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14662
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Aug 2024 06:15:21 GMT
truncated
/ Frame 9351 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
585974987ea431fafb87d1c9a74c824e0a27f9edb573de86fda330d14a3b49db

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229652367019680671229%22,%22debug_reporting%22:true,%22destination%22:%22https://cinema1st.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211180466581%22],%224%22:[%2208-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211248434961996347489%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 13 Aug 2023 13:49:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9351 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 11:08:17 GMT
x-content-type-options
nosniff
age
96058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 11:08:17 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9351 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 14:21:37 GMT
x-content-type-options
nosniff
age
430058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Aug 2024 14:21:37 GMT
jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
pagead2.googlesyndication.com/bg/ Frame 3CE9 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9157302657001887&output=html&h=280&adk=1263336535&adf=1540489176&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1691916990&rafmt=1&to=qs&pwprc=3096516588&format=370x280&url=https%3A%2F%2Fes.jeinzmacias.org%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691934554769&bpp=1&bdt=2297&idt=0&shv=r20230809&mjsv=m202308090102&ptt=9&saldr=aa&abxe=1&cookie=ID%3De2a4f32e4469f9c9-229412494fde00d0%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MaifxmfnUZssNhjOITxqM6hxIF5ig&gpic=UID%3D00000c5fc189ad49%3AT%3D1691934553%3ART%3D1691934553%3AS%3DALNI_MYRc2jdrwxTV_oI2hJBjswIvVxRFA&prev_fmts=0x0%2C728x280%2C370x280%2C370x280&nras=2&correlator=8421661981663&frm=20&pv=1&ga_vid=1898851947.1691934553&ga_sid=1691934553&ga_hid=1918725927&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1680&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076733%2C31076807%2C31076924%2C44798934%2C31076952%2C44792012&oid=2&pvsid=3585628911202807&tmod=337034725&uas=0&nvt=1&ref=https%3A%2F%2Fd08wh.elverruca.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=SQ80F9uF6T&p=https%3A//es.jeinzmacias.org&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 06:15:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
113634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14662
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Aug 2024 06:15:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230809&jk=3585628911202807&bg=!JCelJ3PNAAaiGN5Pghg7ADkAdvg8WpqVamtkaWueYPFr4Q6Zfz88TopAHt45-U-QBkCe8-bMjihdx6y0AEWrrXMZaLfyp3ON7LQCAAAAXFIAAAAjaAEHmQLJdj934Hj82c3Hcyk8Sct681NHdpTQUNbPQ53Pv0HFJw6HfIzw_M8rkFgrtzPd1fx3ny6w1valMpJ-Vs2WUD3fLHcuIVQW4eEncB8-3L0s3sn7J80bOVFRIRR-d_4lYWg_DXA8gKMQZRhikvZUOvuSg-DOtAUwfyxskkdxAgRwIQ_NSk5dnfAR1VNZ7oObb63RwJTyKsYfXOpeqnAnD-pKk1IZHq2OwRnb-bdEI2sKa41xAw2PrpeG3zB0z_sVo37OUI7YW1XIhfqBE9XtzVeFGWNI6FkD8EaNgRZjzSzNJZpWHC15wuWeK2CwFPhnxqViZBcLIoLtcrfQX13I1G0lRtfezigGh402-a9ljzkd8w_XMOrn9w3oKyKaGf-u4PjRbDVHJZc31lRYynGo_qpf0nR08yZZT1cDIqQiBAQrQL9_4RgrjkzYiA_SYCizwI8NlPhhTpX8KtRY-hts5lSpTMerAgKkut_bKRo_Ux3VJMl2iTpZIhfe44R3B5swaC3Xp7CADcMLYmPn5565L-GETuAV3Pnc2tg2yFa55dxzDmzcVLjKLS1_LIa7m4KgpDJchp1Z1xD1I4rwoC00nG3i9bHoZr_KZHkmDnGyFtXCeOtrZkTojie42hpZ5viYpcLFtRK2V66hw1Qy-2-6qAGtkCu6yUkr2yTwN8zXqTUZBXStnsCoTMTtluAeacVu49s5IJvvbVPHWQ52SaTzIUyv6JSuZa0jUkc8W6DQiWDsgWS5tXdxDsjIvhFp3hbmOFS99Eqd0Y-D1FgjBM_zdlryznKMFZyD0G071tCenvQFDeGIH02wOqUVa0X37mBHuhvnCmlV2B36PkLSzwH6khj7x6qlX3KejmSx8P8qipTS9aIRXPS9VeoxHJwApQce8-G7-K7fmGuAMVhp--h1SJy5CqqTRRkqii8SuZIbvgIo6uROPzBdX0SOSnI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://es.jeinzmacias.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| monthFormat string| noThumbnail number| postPerPage boolean| fixedSidebar string| commentsSystem string| disqusShortname function| gtag object| dataLayer object| adsbygoogle object| year object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| $ function| jQuery number| postResults number| numOfPages object| pageOf undefined| noPage string| currentPage number| currentPageNo undefined| postLabel string| locationUrl string| home_page function| startPagination function| dataFeed function| pageCurrentBlogger function| getPage function| getLabelPage function| findPostDate object| google_tag_manager object| googletag function| onYouTubeIframeAPIReady object| gaGlobal number| pageNumber number| pageStart number| lastPageNo number| pageEnd function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices object| jQuery112407744903390388658 function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| FB object| __buffer object| google_llp object| GoogleGcLKhOms

7 Cookies

Domain/Path Name / Value
.jeinzmacias.org/ Name: _ga
Value: GA1.1.1898851947.1691934553
.jeinzmacias.org/ Name: __gads
Value: ID=e2a4f32e4469f9c9-229412494fde00d0:T=1691934553:RT=1691934553:S=ALNI_MaifxmfnUZssNhjOITxqM6hxIF5ig
.jeinzmacias.org/ Name: __gpi
Value: UID=00000c5fc189ad49:T=1691934553:RT=1691934553:S=ALNI_MYRc2jdrwxTV_oI2hJBjswIvVxRFA
.doubleclick.net/ Name: IDE
Value: AHWqTUlr13EILIAXn5qJo5vpaiQWY8LVsVeNHU404STc3HIl_bBLnTXaH9SH9nJdy0M
.doubleclick.net/ Name: DSID
Value: NO_DATA
.jeinzmacias.org/ Name: _ga_GL04XD59T4
Value: GS1.1.1691934553.1.0.1691934555.0.0.0
.googleadservices.com/ Name: ar_debug
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
ajax.googleapis.com
blogger.googleusercontent.com
connect.facebook.net
d08wh.elverruca.xyz
d10xsoss226fg9.cloudfront.net
es.jeinzmacias.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
stackpath.bootstrapcdn.com
tpc.googlesyndication.com
www.blogger.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.11.207
142.250.184.193
142.250.184.226
142.250.184.234
142.250.185.130
142.250.185.72
142.250.186.162
142.250.186.163
157.240.0.6
172.217.16.132
172.217.18.1
172.217.18.19
172.217.18.98
172.217.23.97
172.67.177.236
216.239.34.36
216.58.206.41
216.58.206.42
216.58.212.130
216.58.212.163
52.222.196.15
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1811bc9b3358a9055f1cbbe1889ab60ee5159f52c39959e386fe42c98988a78d
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1a9c344439f81488ad6e4cb3368386db72c9371e71bbfb70ab06206d74032ab8
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
265901bd369b083e87c66550238a85e99a877f69e8e388f132f8389a1817a113
29d66372a3c96dcd72388bd1bc1d1e69d704c97b9a35dbf2b231b64a7e0e80d8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
376e3a744b9c7edb8e796eb9e8e2fed3cb14050517a7aea8e587f29b1ef56821
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b0a3559957a5c2e823c0386af5e0df743f9caddedc99b9a05c13ab8fc57479f
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
42ee02e063704179da9375dcdd353e535733c1d8c55bfc7f283bdd38bcc099d5
4802470bac0cb528a302906f7fda18c1c76dc724c3635cb682c990eee939837e
48f8df1fc06eb14b6d55bcc1fcd3c1deb18084a848afbf25c139fef01a64fc9c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
585974987ea431fafb87d1c9a74c824e0a27f9edb573de86fda330d14a3b49db
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6146186286eaeebcabbffa10a0dbfa8a98aa91f5c5e7f0fb808c88e2034238ad
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7caa3964f00db3778eea2a6cd2296668a6abd828138eeed218b267a1620e8658
834a2b2a73d3b21564f65ff0c2d7aa3ae47e668f149d05450d988ba7edb09e96
8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca
8eaabdce022a6677bddc8d88c153e63da2d815598d87099fbf6991307577d833
8fa6ad906e34421e84ee7ea4ca6e35b9b0ca89885fd82fd1ca07a29243184000
989be415fcf6ad44495fcb1f5c53939ec941e4fbc769a1edc9eb8dad7bf57074
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab90d7b82c5640c07150607a7ea818559dd77147c8adfa08b1e95390a3743471
c84e29fd94abbaa6ab85ccb575107295c010d697a4c636fb8a52604343cff9ae
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cc682472fc8fc081b53c34dbf8c7dce6988167868ace359cd77b0248e3842a9b
d3339780411c06eb69f566d44653c6281cc07c67cb41b2e018cc61c812326fed
d488970dd238d5c6c0dedfe538d0f0ff2ed1d17e9c4f38697bec40e5e05f55d6
d5b2e8385447633d74aca1a712aa1bd64c226aaf845b1d1cd1c64868d75ea619
d8fb880dc4fe6594608dd288073512539f795867592cc1ee27203ef10cbce22e
e0ed6fb859cb3f5717155a163435f97d0c689d4eec6b5ce5515e6f4fe1ae9def
e12be770f50e4e19b2e2e78f2ce54d343e641d243b5c70fb741204805b2c1ab3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68c94ce7b6eb9c3b05658e7d8f7b073f2b673c7b185c2690c3ecb4fc846c514
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fd7739e2674c5fe13e0a51140a51189b82c5bbaf087c18a04d30b62fad9648a8