aleryemamsig.webcindario.com Open in urlscan Pro
5.57.226.202 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
Submission: On August 20 via api (August 20th 2023, 9:45:20 am UTC) from US — Scanned from US

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 55 HTTP transactions. The main IP is 5.57.226.202, located in Madrid, Spain and belongs to SERVIHOSTING-AS AireNetworks, ES. The main domain is aleryemamsig.webcindario.com.
TLS certificate: Issued by R3 on June 24th 2023. Valid for: 3 months.

This is the only time aleryemamsig.webcindario.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
11	5.57.226.202 5.57.226.202	29119 (SERVIHOST...) (SERVIHOSTING-AS AireNetworks)
13	2607:f8b0:402... 2607:f8b0:4020:804::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::6815:50d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:402... 2607:f8b0:4020:806::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:805::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:805::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800b... 2620:116:800b:21:1456:d0e1:7db4:a56b	14618 (AMAZON-AES) (AMAZON-AES)
16	2607:f8b0:402... 2607:f8b0:4020:804::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:25f... 2600:9000:25f4:7600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4020:807::2001	15169 (GOOGLE) (GOOGLE)
55	12

11 5.57.226.202 (Madrid, Spain)

ASN29119 (SERVIHOSTING-AS AireNetworks, ES)

aleryemamsig.webcindario.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4020:804::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:50d9 (United States)

ASN13335 (CLOUDFLARENET, US)

hosting.miarroba.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:806::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4020:804::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25f4:7600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1693 www.google.com — Cisco Umbrella Rank: 3	64 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	219 KB
11	webcindario.com aleryemamsig.webcindario.com	57 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 122	10 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1412 pixel.quantserve.com — Cisco Umbrella Rank: 1151	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62	21 KB
2	miarroba.info hosting.miarroba.info	2 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1302	642 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244	608 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	64 KB
55	10

	Domain	Requested by
16	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	pagead2.googlesyndication.com	aleryemamsig.webcindario.com pagead2.googlesyndication.com tpc.googlesyndication.com
11	aleryemamsig.webcindario.com	aleryemamsig.webcindario.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google.com	aleryemamsig.webcindario.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	hosting.miarroba.info	aleryemamsig.webcindario.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	pixel.quantserve.com	aleryemamsig.webcindario.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	aleryemamsig.webcindario.com
55	14

This site contains no links.

Subject Issuer	Validity	Valid
*.webcindario.com R3	`2023-06-24` - `2023-09-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
miarroba.info E1	`2023-08-11` - `2023-11-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
quantserve.com R3	`2023-08-12` - `2023-11-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
Frame ID: B77770A91BE2819948C3BE4138AF56F8
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html
Frame ID: 60E4CC949E2859EE3B0CFE6BC8B0D5AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1692560714&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Faleryemamsig.webcindario.com%2Fe7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692524714419&bpp=140&bdt=288&idt=487&shv=r20230816&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8280619783154&frm=20&pv=2&ga_vid=2037222158.1692524715&ga_sid=1692524715&ga_hid=1728515537&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077084%2C31077086%2C31077148%2C44798934%2C44800492%2C31077199%2C44796700%2C44799570&oid=2&pvsid=262966679511228&tmod=139792438&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=518
Frame ID: CE171C6FE56D0547461290C005DF79BD
Requests: 1 HTTP requests in this frame

Frame: https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Frame ID: 6E0E85B1BEB839F5D7A63954E9BFFD39
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C5E8A4BD6B595494A10CBC4F78885DB5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EA74732E4383B5190784FEE07E80E49D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bienvenido

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

100 %
HTTPS

92 %
IPv6

10
Domains

14
Subdomains

12
IPs

3
Countries

447 kB
Transfer

1236 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/ 12 KB
3 KB 1060ms
138ms Document
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 7410ddee0235345ba46b45fa5bd6849716e4dab668654971124c6e3f7b8f2cd8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 20 Aug 2023 09:45:14 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: Webcindario Hosting Service

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 195ms
84ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689

Requested by

Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

345a39128d3a2a92e3eef985aadd696442a9daef8080bf29597984ff4e55a790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aleryemamsig.webcindario.com/
Origin: https://aleryemamsig.webcindario.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50944
x-xss-protection: 0
server: cafe
etag: 1410178587652906345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 09:45:14 GMT

GET
H2 200 estilo.css
aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/ 80 KB
15 KB 407ms
406ms Stylesheet
text/css 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/estilo.css
Requested by: Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: fe7b7bb97228ba8513282dcf5bf16314a0b9bd1d575288e84f27d0b733ddceec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:14 GMT
content-encoding: gzip
last-modified: Sun, 08 May 2022 14:37:42 GMT
server: nginx
etag: W/"6277d5b6-14000"
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery.min.js Show response
aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/ 64 KB
22 KB 407ms
407ms Script
application/javascript 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/jquery.min.js
Requested by: Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 9f567ec6bea5a905d8a9f583b525a0e1866813f3b78b4b9f901f60f4efb2378b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:14 GMT
content-encoding: gzip
last-modified: Sun, 08 May 2022 14:37:44 GMT
server: nginx
etag: W/"6277d5b8-10000"
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 main_logo.svg
aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/ 4 KB
4 KB 178ms
177ms Image
image/svg+xml 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/main_logo.svg
Requested by: Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:14 GMT
last-modified: Sun, 08 May 2022 14:37:58 GMT
server: nginx
etag: "6277d5c6-e43"
x-powered-by: Webcindario Hosting Service
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3651

GET
H2 200 tiendalogo.png
aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/ 1 KB
1 KB 178ms
176ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/tiendalogo.png
Requested by: Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 9097dfc3bffc51428e15ba3c1932a9149b99883fff532b757a2076eb99bce777

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:14 GMT
last-modified: Sun, 08 May 2022 14:38:02 GMT
server: nginx
etag: "6277d5ca-512"
x-powered-by: Webcindario Hosting Service
content-type: image/png
accept-ranges: bytes
content-length: 1298

GET
H2 200 ingresotienda.png
aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/ 2 KB
2 KB 178ms
176ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/ingresotienda.png
Requested by: Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 9cc3aa540de4f2bd78231eb090869bbf9e226bf3ee6d60aa4903cd1123077b2d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:14 GMT
last-modified: Sun, 08 May 2022 14:37:22 GMT
server: nginx
etag: "6277d5a2-7f3"
x-powered-by: Webcindario Hosting Service
content-type: image/png
accept-ranges: bytes
content-length: 2035

GET
H2 200 tienda_opciones.png
aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/ 2 KB
2 KB 179ms
177ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/tienda_opciones.png
Requested by: Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 9bd50d3d3742e9750e9f53fd86071235528b186fa7b2a23a044a229bec168ed0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:14 GMT
last-modified: Sun, 08 May 2022 14:38:03 GMT
server: nginx
etag: "6277d5cb-847"
x-powered-by: Webcindario Hosting Service
content-type: image/png
accept-ranges: bytes
content-length: 2119

GET
H2 200 documento.svg
aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/ 2 KB
2 KB 179ms
178ms Image
image/svg+xml 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/documento.svg
Requested by: Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:14 GMT
last-modified: Sun, 08 May 2022 14:37:16 GMT
server: nginx
etag: "6277d59c-613"
x-powered-by: Webcindario Hosting Service
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1555

GET
H2 200 llave_tienda.svg
aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/ 2 KB
2 KB 179ms
178ms Image
image/svg+xml 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/llave_tienda.svg
Requested by: Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:14 GMT
last-modified: Sun, 08 May 2022 14:37:54 GMT
server: nginx
etag: "6277d5c2-638"
x-powered-by: Webcindario Hosting Service
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1592

GET
H2 200 opciones.png
aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/ 2 KB
2 KB 179ms
178ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/opciones.png
Requested by: Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 3c61497d7244edd9cdec098a08bbc38d06c759c40b6225ce0048fc214d40e552

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:14 GMT
last-modified: Sun, 08 May 2022 14:37:58 GMT
server: nginx
etag: "6277d5c6-89c"
x-powered-by: Webcindario Hosting Service
content-type: image/png
accept-ranges: bytes
content-length: 2204

GET
H2 200 / Show response
hosting.miarroba.info/ 1 KB
1 KB 697ms
501ms Script
application/javascript 2606:4700:3032::6815:50d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/?__muid=388434c8e1df0a22b28e02e391930fe4768bb439&h=2091959&t=1692524714&k=d0d1dfc93403df19cc7c8cc4af4ff84f
Requested by: Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:50d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6ec56258c932c58f4660dbdc209a60415820928aed17ea3f4688c2f47aa9abc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 09:45:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 20 Aug 2023 09:45:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcxPo%2FsOhzow4433M%2FM9bD%2BETlDY9dIx8oik3kEig7WKYSJu2EImus8vDMQOv7fu%2FfaD%2BR6VCvQDfjgS1uP2Xs%2BSFfieH4cul9%2FKtKZ11FS%2BZ2hCSCplryHNZXr8yFm9vi22fWZ9BP3J%2Ba84EFH7OdVpTuA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=iso-8859-1
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache
cf-ray: 7f99b3cb3d0d2326-ORD
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 173 KB
64 KB 262ms
75ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Requested by

Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e711a3c415b19b8a04ccbf6b6dfb835c4f4c6d281988ef177167bd9d1fc2e167

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64969
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Aug 2023 09:45:14 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/ 392 KB
132 KB 207ms
110ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077199

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbd8c2c7400ad37e23b918783333ee97c500e513ac4426010206c4ac7f806693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134779
x-xss-protection: 0
server: cafe
etag: 1244974457282181719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 09:45:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/ Frame 60E4 10 KB
5 KB 276ms
58ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aleryemamsig.webcindario.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 67020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 15:08:14 GMT
etag: 13776922816869014096
expires: Sat, 02 Sep 2023 15:08:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 174ms
77ms Image
image/gif 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=true&host_v=false&frequency=0.01&eid=44759837%2C44759876%2C44759927%2C31077084%2C31077086%2C31077148%2C44798934%2C44800492%2C31077199%2C44796700%2C44799570

Requested by

Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 09:45:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg.svg
aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/ 2 KB
2 KB 177ms
177ms Image
image/svg+xml 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/bg.svg
Requested by: Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:14 GMT
last-modified: Sun, 08 May 2022 14:37:14 GMT
server: nginx
etag: "6277d59a-748"
x-powered-by: Webcindario Hosting Service
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1864

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
79ms Image
image/gif 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=aleryemamsig.webcindario.com&eid=44759837%2C44759876%2C44759927%2C31077084%2C31077086%2C31077148%2C44798934%2C44800492%2C31077199%2C44796700%2C44799570

Requested by

Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 09:45:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
79ms Image
image/gif 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=2&tms=200&eid=44759837%2C44759876%2C44759927%2C31077084%2C31077086%2C31077148%2C44798934%2C44800492%2C31077199%2C44796700%2C44799570

Requested by

Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 09:45:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
608 B 186ms
70ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=aleryemamsig.webcindario.com&callback=_gfp_s_&client=ca-pub-7294310421616689

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56c5891f4a1ccf362b6cb52357e25fb6b31af27a88fbafd8622a22f346a6b361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CE17 10 KB
4 KB 143ms
143ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1692560714&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Faleryemamsig.webcindario.com%2Fe7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692524714419&bpp=140&bdt=288&idt=487&shv=r20230816&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8280619783154&frm=20&pv=2&ga_vid=2037222158.1692524715&ga_sid=1692524715&ga_hid=1728515537&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077084%2C31077086%2C31077148%2C44798934%2C44800492%2C31077199%2C44796700%2C44799570&oid=2&pvsid=262966679511228&tmod=139792438&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=518

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077199

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4aef46a92534e18244dd5997c085acd0f46c622f0cd8ddb669d9c7178a9ddb14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aleryemamsig.webcindario.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4531
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 09:45:15 GMT
expires: Sun, 20 Aug 2023 09:45:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 77ms
76ms Image
image/gif 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_loaders&ldr_aa=1&eid=44759837%2C44759876%2C44759927%2C31077084%2C31077086%2C31077148%2C44798934%2C44800492%2C31077199%2C44796700%2C44799570

Requested by

Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 09:45:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 164ms
48ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 09:33:53 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 682
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 20 Aug 2023 11:33:53 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 140ms
46ms Script
application/javascript 2620:116:800b:21:1456:d0e1:7db4:a56b
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:15 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 27 Aug 2023 09:45:15 GMT

GET
H2 200 ca-pub-7294310421616689 Show response
fundingchoicesmessages.google.com/i/ 150 KB
50 KB 217ms
103ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7294310421616689?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e295874bf6b673d9fe889d5a03cb35a7721ef4e8ea1bd9986e63be2cbaa5ab7c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o5N5iImKYG-sVtLVcwCeaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-o5N5iImKYG-sVtLVcwCeaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-d5x2uDVHd7ALE.js Show response
rules.quantcount.com/ 160 B
642 B 124ms
39ms Script
application/javascript 2600:9000:25f4:7600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25f4:7600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d60c833406c5cca9095b3cabd40d6f65e486a0a4c0b59105031c9a6e94595f5a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:44:50 GMT
via: 1.1 38ed7a81ebf68698e87cb5fd9ad4a3b2.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P4
age: 2809
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 22:55:53 GMT
server: AmazonS3
etag: "ceee564f54e512a948f918e2710eab6e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: Cc3UlVD3HUxssSA88usbMVElRI0spCT2Acj9VpZn4AhKQVvoyyUmLA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
218 B 72ms
70ms XHR
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1728515537&t=pageview&_s=1&dl=https%3A%2F%2Faleryemamsig.webcindario.com%2Fe7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X%2F&ul=en-us&de=UTF-8&dt=Bienvenido&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABCAAAAC~&jid=1706224970&gjid=1167553680&cid=2037222158.1692524715&tid=UA-597118-7&_gid=1614251828.1692524715&_r=1&_slc=1&gtm=45He38g0n71T2VG59&z=147592282

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://aleryemamsig.webcindario.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 09:45:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aleryemamsig.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1916707217;source=gtm;rf=0;a=p-d5x2uDVHd7ALE;url=https%3A%2F%2Faleryemamsig.webcindario.com%2Fe7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X%2F;uht=2;fpan=1;fpa=P0-6773701...
pixel.quantserve.com/ 35 B
371 B 47ms
46ms Image
image/gif 2620:116:800b:21:1456:d0e1:7db4:a56b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1916707217;source=gtm;rf=0;a=p-d5x2uDVHd7ALE;url=https%3A%2F%2Faleryemamsig.webcindario.com%2Fe7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X%2F;uht=2;fpan=1;fpa=P0-677370183-1692524715115;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=webcindario.com;dst=0;et=1692524715243;tzo=600;ogl=;ses=0634bafd-f5c4-42eb-a66e-44f986bf65ab;mdl=

Requested by

Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 09:45:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 607f6b0b381bbc1f64fa027d62891072_cookie.php Show response
hosting.miarroba.info/ Frame 6E0E 46 B
442 B 152ms
151ms Document
text/html 2606:4700:3032::6815:50d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Requested by: Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:50d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://aleryemamsig.webcindario.com
Referer: https://aleryemamsig.webcindario.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f99b3ce6f972326-ORD
content-encoding: br
content-type: text/html; charset=iso-8859-1
date: Sun, 20 Aug 2023 09:45:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQaR9nT7N4szKXnAMlUTVN0p2Wie2OwhSK%2FGZmA4ABPVPyykJIvW0WrOTQgtC28PgGD8DjRbX%2BuIzgKZhLGCpeI8LpeKiTBHJDzvAIHRGlPJFLr9joBkETWtzsUwurmfkvGcpsRNrEQ2zCKJfYDa%2BsZUtlI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
356 B 137ms
50ms XHR
text/plain 2607:f8b0:4004:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-597118-7&cid=2037222158.1692524715&jid=1706224970&gjid=1167553680&_gid=1614251828.1692524715&_u=YAhAAAAACAAAAC~&z=317635173

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aleryemamsig.webcindario.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 20 Aug 2023 09:45:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aleryemamsig.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXO9Fcg7ZChaD7tN-aXj3RrPyxQtYZ-vpGw6xPJrm55k7mdK28WdDfBSmvXLgoaB96nxX1MSfWS8f7j9vPbJF9-aLEiU9dafkyX4lVk1vKbQCAszn8nJimigtpKFV17JCVka2SSVg== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 112ms
111ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXO9Fcg7ZChaD7tN-aXj3RrPyxQtYZ-vpGw6xPJrm55k7mdK28WdDfBSmvXLgoaB96nxX1MSfWS8f7j9vPbJF9-aLEiU9dafkyX4lVk1vKbQCAszn8nJimigtpKFV17JCVka2SSVg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkyNTI0NzE1LDQyMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hbGVyeWVtYW1zaWcud2ViY2luZGFyaW8uY29tL2U3VlNoajJPN2pzb1V6dVZtTmhJUEZnZUE3YnV6ZXBVVkh4YnBIcFJGcW90bUF6dHljYWtlNTR6NkFQTklZOFgvIixudWxsLFtbOCwiTmQ3dm1ZM1FEN0UiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Nd7vmY3QD7E.es5.O/d=1/rs=AJlcJMwn7KwaPk-_kVskjMs9Z7qWDDYkcg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

188b2afe35eaf6f24346ab5b2b2921e3b2c00e10928e49f13bec182b27aa30c2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_OdKGCjWALKui7Z71rAIqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-_OdKGCjWALKui7Z71rAIqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 188ms
75ms Image
image/gif 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-597118-7&cid=2037222158.1692524715&jid=1706224970&_u=YAhAAAAACAAAAC~&z=673140990

Requested by

Host: aleryemamsig.webcindario.com
URL: https://aleryemamsig.webcindario.com/e7VShj2O7jsoUzuVmNhIPFgeA7buzepUVHxbpHpRFqotmAztycake54z6APNIY8X/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 09:45:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 88ms
87ms XHR
application/json 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230816&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54527729f2d5bfdad13daf491a6902194ec91255ed2082f0b8351808bf5b9bc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11583
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 184ms
70ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 09:45:15 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C5E8 13 KB
5 KB 49ms
48ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aleryemamsig.webcindario.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 141553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 18:26:02 GMT
expires: Sat, 17 Aug 2024 18:26:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EA74 829 B
996 B 78ms
77ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7aadbe0a41b886365ba13341e7efcb99f2740949d130fdf5b5b747420e3980fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ANfNIuB_qq3qHKgyUkNMiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aleryemamsig.webcindario.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-ANfNIuB_qq3qHKgyUkNMiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 09:45:15 GMT
expires: Sun, 20 Aug 2023 09:45:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame C5E8 37 KB
14 KB 48ms
47ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 01:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 01:23:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EA74 0
0 94ms
94ms Image
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230816&jk=262966679511228&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C5E8 0
10 B 48ms
47ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ptpjxA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 82ms
81ms Image
image/gif 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=3.4172038854976927

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6xFPyI26LCe_kvIJQFxY0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-6xFPyI26LCe_kvIJQFxY0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 205ms
204ms Image
image/gif 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=7.5828723609766

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-FSn1c11VocDUwTstPo5abg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-FSn1c11VocDUwTstPo5abg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 80ms
80ms Image
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230816&jk=262966679511228&bg=!FxSlFEDNAAZGPLJIZjw7ADkAdvg8WsoR7EOnPhBQqxdsXrISh70jpg3LIOheTTNYhLFN07OataBup9kGGketOOBR-rRXkKOTlZ8CAAAAT1IAAAAJaAEHmQLbiJrGJ1MEZVROxNEbK0fna670C-BXim5uIOv_nwWdG6YaDClQOpYj2ZpO2xXDfrFiQxS_OtHud0akMN_yyYhjYWDGsG96okZFmujznu_2BUhrjajQDoSti0HV1kolHOKEL6_6V3AXBuuiDEqh0phn7JM5eoCkoTwXedTnjGgGZTXsdKHfnA-diUlfZbBQKciIsoZZMoUjgmNy_y5WPqnXHIAL0UDcstZKWCkSQ4AIze5kWYfYp_krRRa4PQQ93kAheW86HmXKhgHQBejpw5pi7eId4wWhd5M4TG5OpZ0oGYxgCgbMZ955hns6WQMj8xSOUYy7sOLIgWXvSwtjB2s7uUZtPrsAKYu8PSDVViJ_DhpAMTxez9ES8O8sa-JOm6kKwN965wqZGUf8Mtg_Y2c_lM2KXgEGuERQZcjgKVQj-9tvelQ0rf25_j4Sr-JbL5Fd-fBagdN8gqcl3PBdlx_lV1cx_zXHY_o_phdPczsNeg6k8AivoWPRhyhvGacH2oSZspxUU4G-Hpp73o6RxukRcsdc4NXvRzrpq4MfNgSiszOWCZO4WES78wKPd3TPk4Cg2hIvyz9FW9hb9NmePrW3BlD7zuvKsmjvyEz1ZdCUYjQiy-2nyRejrGSKsvYDQjF7lZi-OEY-eNG9M73kNYhdhnh6-kbzfZQMV6YFsPBm5Ro2A6lKy_yhHQ7Cjon9vVp0xO9jduNW0G97eKPJslfnVGj6hVFb5VGmXTnE9W3hPlSLC6odHEBIbfFMbnbYUUP_PVSM2jNWOSA4NnikRcmTPTsm5xTtVBO14U2tI_DQlE5ZyGFMKqj7kB02mMLSQzM-ph8V-jLSdsye92ecoj_Yvh_oMedgqSfJvXaX7HcjydjF3w8NOZ-a33kZao03ssoAqWxHbeD609hJQ2ZdSTyqxTdBV2SLWmurluIJBMgud8SnEldwdlF9mUPHt04qux_hF2uslG5C4bKzTXg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

POST
H3 204 AGSKWxU6EqTJe3O7UqJaA6ju9ErftjKGYgrvudOdyp3Vqkuqz2DuRa-I4MHP7amBHMwqrf34y_eDrXmcN0ixjP_8QehpANkv4-uLOJehM_DFEwl1aBpsCYkUfOvtJhF4T8FaaxGJt4kdIA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 175ms
79ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU6EqTJe3O7UqJaA6ju9ErftjKGYgrvudOdyp3Vqkuqz2DuRa-I4MHP7amBHMwqrf34y_eDrXmcN0ixjP_8QehpANkv4-uLOJehM_DFEwl1aBpsCYkUfOvtJhF4T8FaaxGJt4kdIA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JJISlhs14ag4ZVgtWhMoBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aleryemamsig.webcindario.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Aug 2023 09:45:16 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JJISlhs14ag4ZVgtWhMoBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://aleryemamsig.webcindario.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad.300px;) Show response
fundingchoicesmessages.google.com/f/AGSKWxXw7f-nJ3BXve6C675q9mhyHvYFt28DTENetSu5KLhH5U9lGm3sMleAZ1p_KSrU3mfkyX3zzU2hB5WTAtvbKGGjsUvJjX6nTVIrU1U1-axACWaDFxi1YiKjBvbEaJq-a6pS1BOfYVMr56RRD3sXSrytIpTV9... 54 B
109 B 87ms
86ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXw7f-nJ3BXve6C675q9mhyHvYFt28DTENetSu5KLhH5U9lGm3sMleAZ1p_KSrU3mfkyX3zzU2hB5WTAtvbKGGjsUvJjX6nTVIrU1U1-axACWaDFxi1YiKjBvbEaJq-a6pS1BOfYVMr56RRD3sXSrytIpTV9TzaOxTZIvhUritSpRsxhvUDjKJ58YFK/_/ad250./adswrapperintl./deluxe/ad.300px;)?idaffiliation=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Nd7vmY3QD7E.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwn7KwaPk-_kVskjMs9Z7qWDDYkcg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48d42d0d695a69858e739ccea2abee6d953db99a7c90cf360a0061008eee8205

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-M_DmTP43G7KNY33AiWvMaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-M_DmTP43G7KNY33AiWvMaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 48ms
47ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Nd7vmY3QD7E.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwn7KwaPk-_kVskjMs9Z7qWDDYkcg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 01:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 01:38:58 GMT

POST
H3 204 AGSKWxU6EqTJe3O7UqJaA6ju9ErftjKGYgrvudOdyp3Vqkuqz2DuRa-I4MHP7amBHMwqrf34y_eDrXmcN0ixjP_8QehpANkv4-uLOJehM_DFEwl1aBpsCYkUfOvtJhF4T8FaaxGJt4kdIA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 79ms
78ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU6EqTJe3O7UqJaA6ju9ErftjKGYgrvudOdyp3Vqkuqz2DuRa-I4MHP7amBHMwqrf34y_eDrXmcN0ixjP_8QehpANkv4-uLOJehM_DFEwl1aBpsCYkUfOvtJhF4T8FaaxGJt4kdIA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--XDszwTZDRby9qygfO9ghA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aleryemamsig.webcindario.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Aug 2023 09:45:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--XDszwTZDRby9qygfO9ghA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://aleryemamsig.webcindario.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU6EqTJe3O7UqJaA6ju9ErftjKGYgrvudOdyp3Vqkuqz2DuRa-I4MHP7amBHMwqrf34y_eDrXmcN0ixjP_8QehpANkv4-uLOJehM_DFEwl1aBpsCYkUfOvtJhF4T8FaaxGJt4kdIA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 82ms
81ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU6EqTJe3O7UqJaA6ju9ErftjKGYgrvudOdyp3Vqkuqz2DuRa-I4MHP7amBHMwqrf34y_eDrXmcN0ixjP_8QehpANkv4-uLOJehM_DFEwl1aBpsCYkUfOvtJhF4T8FaaxGJt4kdIA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-W4xtYI_O_3Yzo2h9o9N4Ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aleryemamsig.webcindario.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Aug 2023 09:45:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-W4xtYI_O_3Yzo2h9o9N4Ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://aleryemamsig.webcindario.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU6EqTJe3O7UqJaA6ju9ErftjKGYgrvudOdyp3Vqkuqz2DuRa-I4MHP7amBHMwqrf34y_eDrXmcN0ixjP_8QehpANkv4-uLOJehM_DFEwl1aBpsCYkUfOvtJhF4T8FaaxGJt4kdIA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 81ms
80ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU6EqTJe3O7UqJaA6ju9ErftjKGYgrvudOdyp3Vqkuqz2DuRa-I4MHP7amBHMwqrf34y_eDrXmcN0ixjP_8QehpANkv4-uLOJehM_DFEwl1aBpsCYkUfOvtJhF4T8FaaxGJt4kdIA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6BwF0J85YkNjrdrhhMytZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aleryemamsig.webcindario.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Aug 2023 09:45:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6BwF0J85YkNjrdrhhMytZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://aleryemamsig.webcindario.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU6EqTJe3O7UqJaA6ju9ErftjKGYgrvudOdyp3Vqkuqz2DuRa-I4MHP7amBHMwqrf34y_eDrXmcN0ixjP_8QehpANkv4-uLOJehM_DFEwl1aBpsCYkUfOvtJhF4T8FaaxGJt4kdIA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 78ms
78ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU6EqTJe3O7UqJaA6ju9ErftjKGYgrvudOdyp3Vqkuqz2DuRa-I4MHP7amBHMwqrf34y_eDrXmcN0ixjP_8QehpANkv4-uLOJehM_DFEwl1aBpsCYkUfOvtJhF4T8FaaxGJt4kdIA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4bYiV0cUWyqEiWZ9dp2jzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aleryemamsig.webcindario.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Aug 2023 09:45:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4bYiV0cUWyqEiWZ9dp2jzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://aleryemamsig.webcindario.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUOxwZZGqW8espHdnWLRK2r_SSrq5jJZbX_uVeJeo4HVP-fhcRZgoS3BQTOuwgCQZIMGPkZhA6-jj7Du7EIyfc8iw1MbzZxoNFLxAXocuxm6ZY4iIcrmf3w6DtI7q7hiwIq26JHkQ== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 126ms
126ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUOxwZZGqW8espHdnWLRK2r_SSrq5jJZbX_uVeJeo4HVP-fhcRZgoS3BQTOuwgCQZIMGPkZhA6-jj7Du7EIyfc8iw1MbzZxoNFLxAXocuxm6ZY4iIcrmf3w6DtI7q7hiwIq26JHkQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkyNTI0NzE3LDQ0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYWxlcnllbWFtc2lnLndlYmNpbmRhcmlvLmNvbS9lN1ZTaGoyTzdqc29VenVWbU5oSVBGZ2VBN2J1emVwVVZIeGJwSHBSRnFvdG1BenR5Y2FrZTU0ejZBUE5JWThYLyIsbnVsbCxbWzgsIk5kN3ZtWTNRRDdFIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90d4eced831c736da52f4df11705f8f0593882e8d70055e31870d8622d97aa8e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bRivZQNsOYL-ORZoOiSX9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-bRivZQNsOYL-ORZoOiSX9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU6EqTJe3O7UqJaA6ju9ErftjKGYgrvudOdyp3Vqkuqz2DuRa-I4MHP7amBHMwqrf34y_eDrXmcN0ixjP_8QehpANkv4-uLOJehM_DFEwl1aBpsCYkUfOvtJhF4T8FaaxGJt4kdIA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 81ms
80ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU6EqTJe3O7UqJaA6ju9ErftjKGYgrvudOdyp3Vqkuqz2DuRa-I4MHP7amBHMwqrf34y_eDrXmcN0ixjP_8QehpANkv4-uLOJehM_DFEwl1aBpsCYkUfOvtJhF4T8FaaxGJt4kdIA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EuoEACyWklAn5ajzoyA1Tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aleryemamsig.webcindario.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Aug 2023 09:45:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-EuoEACyWklAn5ajzoyA1Tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://aleryemamsig.webcindario.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVojyUNf8YugN1UQ0yJTKSeFa8sjWySK1oghl52MXJlvyKuIRefLceqmewSEeza1eB3xhM1idseA7z3J_3lno0tSn4wFg8hhQJmpkEByMFes1P-lrbhk4RU5iILhcW9m2Yx6yIy8A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 96ms
96ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVojyUNf8YugN1UQ0yJTKSeFa8sjWySK1oghl52MXJlvyKuIRefLceqmewSEeza1eB3xhM1idseA7z3J_3lno0tSn4wFg8hhQJmpkEByMFes1P-lrbhk4RU5iILhcW9m2Yx6yIy8A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkyNTI0NzE3LDU4MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYWxlcnllbWFtc2lnLndlYmNpbmRhcmlvLmNvbS9lN1ZTaGoyTzdqc29VenVWbU5oSVBGZ2VBN2J1emVwVVZIeGJwSHBSRnFvdG1BenR5Y2FrZTU0ejZBUE5JWThYLyIsbnVsbCxbWzgsIk5kN3ZtWTNRRDdFIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d32dd5669524b1ade90fcf4907be4c737913703d451f34e0059db39e9baf5308

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IoLywWW3ZbukjGObghFSCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-IoLywWW3ZbukjGObghFSCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVuko2ntcNIdSvmxcFfMIlpTt4VjiST1ejaeplDyRmwaMh1c-ltEXFTillM4nHNlcOeQ6OaZPkjw8I0ERabNV0aXdu_QH9C_HIX_AQwGeRr-x1Y1voMXR8MQ3XVSXCbhHF2AXBRvA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 111ms
111ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVuko2ntcNIdSvmxcFfMIlpTt4VjiST1ejaeplDyRmwaMh1c-ltEXFTillM4nHNlcOeQ6OaZPkjw8I0ERabNV0aXdu_QH9C_HIX_AQwGeRr-x1Y1voMXR8MQ3XVSXCbhHF2AXBRvA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkyNTI0NzE3LDY4NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZXMiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9hbGVyeWVtYW1zaWcud2ViY2luZGFyaW8uY29tL2U3VlNoajJPN2pzb1V6dVZtTmhJUEZnZUE3YnV6ZXBVVkh4YnBIcFJGcW90bUF6dHljYWtlNTR6NkFQTklZOFgvIixudWxsLFtbOCwiTmQ3dm1ZM1FEN0UiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99f2db3a6d88235935e720f48cdee064503a2377db690d6def0baed96da38526

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-i0_7Ll09ksgSdndQO4teLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aleryemamsig.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 09:45:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-i0_7Ll09ksgSdndQO4teLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX91vE7z1-kWZ2-ALyHSP-_8axJDPIBJfTcLxrkw37cmvEZH-nbeQpSf_VCBkFz3GdnJvEiEra0HXzOr_u3WERqMPA7VuKwIhWNZ0rjEcA-uCxpJKdFutAKM4aXa4VCReX-EJBO1g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 81ms
81ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX91vE7z1-kWZ2-ALyHSP-_8axJDPIBJfTcLxrkw37cmvEZH-nbeQpSf_VCBkFz3GdnJvEiEra0HXzOr_u3WERqMPA7VuKwIhWNZ0rjEcA-uCxpJKdFutAKM4aXa4VCReX-EJBO1g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d_BD03AjJh5FKOWymDsogg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aleryemamsig.webcindario.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Aug 2023 09:45:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-d_BD03AjJh5FKOWymDsogg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://aleryemamsig.webcindario.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU6EqTJe3O7UqJaA6ju9ErftjKGYgrvudOdyp3Vqkuqz2DuRa-I4MHP7amBHMwqrf34y_eDrXmcN0ixjP_8QehpANkv4-uLOJehM_DFEwl1aBpsCYkUfOvtJhF4T8FaaxGJt4kdIA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 80ms
79ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU6EqTJe3O7UqJaA6ju9ErftjKGYgrvudOdyp3Vqkuqz2DuRa-I4MHP7amBHMwqrf34y_eDrXmcN0ixjP_8QehpANkv4-uLOJehM_DFEwl1aBpsCYkUfOvtJhF4T8FaaxGJt4kdIA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-niFciXCrunv2f44f5068EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aleryemamsig.webcindario.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Aug 2023 09:45:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-niFciXCrunv2f44f5068EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://aleryemamsig.webcindario.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.webcindario.com/	1970-01-20 23:44:44	Name: __muid Value: 388434c8e1df0a22b28e02e391930fe4768bb439
.doubleclick.net/	1970-01-20 14:08:45	Name: test_cookie Value: CheckForPermission
.webcindario.com/	1970-01-20 23:30:20	Name: __gads Value: ID=69482060fd87a24c-22922089ade30046:T=1692524715:RT=1692524715:S=ALNI_Maib0fxAl17Pg90n4RDnwG9u-nqpQ
.webcindario.com/	1970-01-20 23:30:20	Name: __gpi Value: UID=00000d8c974a1965:T=1692524715:RT=1692524715:S=ALNI_MZz5QGSRrkdyhTV5MMUpvYzwsO-jw
.aleryemamsig.webcindario.com/	1970-01-20 23:44:44	Name: _ga Value: GA1.3.2037222158.1692524715
.aleryemamsig.webcindario.com/	1970-01-20 14:10:11	Name: _gid Value: GA1.3.1614251828.1692524715
.aleryemamsig.webcindario.com/	1970-01-20 14:08:44	Name: _gat_UA-597118-7 Value: 1
.quantserve.com/	1970-01-20 23:38:59	Name: mc Value: 64e1e0ab-41ada-7747e-703de
.webcindario.com/	1970-01-20 23:33:13	Name: __qca Value: P0-677370183-1692524715115
.webcindario.com/	1970-01-20 22:54:20	Name: FCNEC Value: %5B%5B%22AKsRol8yCAzXYlCto-ukCu6CbKadIyzgAotu-aVzTgxgoHm1ZbR2tOILBJjP_FVDQq9y7Ah5SHljJkFLys0ubzgRIMBW7BP-AGNwpjXUg5lq8aDNMAsLZrGA45vy3mzifVQLusse7LCwAjMFHGhWXKkE-ss6XXB_KA%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aleryemamsig.webcindario.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hosting.miarroba.info
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
rules.quantcount.com
secure.quantserve.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
2600:9000:25f4:7600:6:44e3:f8c0:93a1
2606:4700:3032::6815:50d9
2607:f8b0:4004:c0b::9c
2607:f8b0:4020:804::2002
2607:f8b0:4020:804::200e
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2008
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2004
2620:116:800b:21:1456:d0e1:7db4:a56b
5.57.226.202
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
188b2afe35eaf6f24346ab5b2b2921e3b2c00e10928e49f13bec182b27aa30c2
19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
345a39128d3a2a92e3eef985aadd696442a9daef8080bf29597984ff4e55a790
3c61497d7244edd9cdec098a08bbc38d06c759c40b6225ce0048fc214d40e552
48d42d0d695a69858e739ccea2abee6d953db99a7c90cf360a0061008eee8205
4aef46a92534e18244dd5997c085acd0f46c622f0cd8ddb669d9c7178a9ddb14
54527729f2d5bfdad13daf491a6902194ec91255ed2082f0b8351808bf5b9bc0
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c5891f4a1ccf362b6cb52357e25fb6b31af27a88fbafd8622a22f346a6b361
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7410ddee0235345ba46b45fa5bd6849716e4dab668654971124c6e3f7b8f2cd8
7aadbe0a41b886365ba13341e7efcb99f2740949d130fdf5b5b747420e3980fa
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
9097dfc3bffc51428e15ba3c1932a9149b99883fff532b757a2076eb99bce777
90d4eced831c736da52f4df11705f8f0593882e8d70055e31870d8622d97aa8e
99f2db3a6d88235935e720f48cdee064503a2377db690d6def0baed96da38526
9bd50d3d3742e9750e9f53fd86071235528b186fa7b2a23a044a229bec168ed0
9cc3aa540de4f2bd78231eb090869bbf9e226bf3ee6d60aa4903cd1123077b2d
9f567ec6bea5a905d8a9f583b525a0e1866813f3b78b4b9f901f60f4efb2378b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
cbd8c2c7400ad37e23b918783333ee97c500e513ac4426010206c4ac7f806693
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d32dd5669524b1ade90fcf4907be4c737913703d451f34e0059db39e9baf5308
d60c833406c5cca9095b3cabd40d6f65e486a0a4c0b59105031c9a6e94595f5a
d6ec56258c932c58f4660dbdc209a60415820928aed17ea3f4688c2f47aa9abc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e295874bf6b673d9fe889d5a03cb35a7721ef4e8ea1bd9986e63be2cbaa5ab7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e711a3c415b19b8a04ccbf6b6dfb835c4f4c6d281988ef177167bd9d1fc2e167
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe7b7bb97228ba8513282dcf5bf16314a0b9bd1d575288e84f27d0b733ddceec

aleryemamsig.webcindario.com Open in urlscan Pro 5.57.226.202 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

100 %HTTPS

92 %IPv6

10 Domains

14 Subdomains

12 IPs

3 Countries

447 kBTransfer

1236 kBSize

10 Cookies

0 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

aleryemamsig.webcindario.com Open in urlscan Pro
5.57.226.202 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

92 %
IPv6

10
Domains

14
Subdomains

12
IPs

3
Countries

447 kB
Transfer

1236 kB
Size

10
Cookies

55 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!