lniciobrural.webcindario.com Open in urlscan Pro
5.57.226.202 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lniciobrural.webcindario.com/
Submission: On September 06 via api (September 6th 2023, 7:39:01 pm UTC) from US — Scanned from CA

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 51 HTTP transactions. The main IP is 5.57.226.202, located in Madrid, Spain and belongs to SERVIHOSTING-AS AireNetworks, ES. The main domain is lniciobrural.webcindario.com.
TLS certificate: Issued by R3 on June 24th 2023. Valid for: 3 months.

This is the only time lniciobrural.webcindario.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banrural (Banking)

Domain & IP information

	IP Address	AS Autonomous System
8	5.57.226.202 5.57.226.202	29119 (SERVIHOST...) (SERVIHOSTING-AS AireNetworks)
10	172.253.62.154 172.253.62.154	15169 (GOOGLE) (GOOGLE)
2	104.21.80.217 104.21.80.217	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.1.229 151.101.1.229	54113 (FASTLY) (FASTLY)
1	172.253.63.97 172.253.63.97	15169 (GOOGLE) (GOOGLE)
2	142.251.167.100 142.251.167.100	15169 (GOOGLE) (GOOGLE)
2	192.184.69.201 192.184.69.201	16509 (AMAZON-02) (AMAZON-02)
1	3.162.3.2 3.162.3.2	16509 (AMAZON-02) (AMAZON-02)
2	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
16	142.251.163.139 142.251.163.139	15169 (GOOGLE) (GOOGLE)
2	142.251.167.103 142.251.167.103	15169 (GOOGLE) (GOOGLE)
1	142.250.31.94 142.250.31.94	15169 (GOOGLE) (GOOGLE)
3	172.253.63.132 172.253.63.132	15169 (GOOGLE) (GOOGLE)
51	13

8 5.57.226.202 (Madrid, Spain)

ASN29119 (SERVIHOSTING-AS AireNetworks, ES)

lniciobrural.webcindario.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.80.217 (None, )

ASN13335 (CLOUDFLARENET, US)

hosting.miarroba.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.167.100 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f100.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.184.69.201 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-2.yul62.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.251.163.139 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f139.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.167.103 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.63.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1561 www.google.com — Cisco Umbrella Rank: 2	64 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	265 KB
8	webcindario.com lniciobrural.webcindario.com	572 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 stats.g.doubleclick.net — Cisco Umbrella Rank: 96	10 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1322 pixel.quantserve.com — Cisco Umbrella Rank: 1108	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
2	miarroba.info hosting.miarroba.info	2 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 8913	408 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1180	608 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1255	642 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	64 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 351	11 KB
51	12

	Domain	Requested by
16	fundingchoicesmessages.google.com	pagead2.googlesyndication.com lniciobrural.webcindario.com
8	pagead2.googlesyndication.com	lniciobrural.webcindario.com pagead2.googlesyndication.com tpc.googlesyndication.com
8	lniciobrural.webcindario.com	lniciobrural.webcindario.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google.com	lniciobrural.webcindario.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	hosting.miarroba.info	lniciobrural.webcindario.com
1	www.google.ca	lniciobrural.webcindario.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.quantserve.com	lniciobrural.webcindario.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.googletagmanager.com	lniciobrural.webcindario.com
1	cdn.jsdelivr.net	lniciobrural.webcindario.com
51	16

This site contains no links.

Subject Issuer	Validity	Valid
*.webcindario.com R3	`2023-06-24` - `2023-09-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
miarroba.info E1	`2023-08-11` - `2023-11-09`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://lniciobrural.webcindario.com/
Frame ID: 5240057F15706DB584A4B188EF984F1B
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230831/r20190131/zrt_lookup.html
Frame ID: 0D36D1AA6060E325AF9E855A6A6B44AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1694054328&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flniciobrural.webcindario.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694029128336&bpp=3&bdt=1203&idt=234&shv=r20230831&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5583853362705&frm=20&pv=2&ga_vid=1790287647.1694029129&ga_sid=1694029129&ga_hid=1701570235&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921&oid=2&pvsid=649733201237774&tmod=312242960&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=253
Frame ID: 5654BD5B5237C2A56FDC4908065BAD3C
Requests: 1 HTTP requests in this frame

Frame: https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Frame ID: 321EAAD309AC320FFA9C6C39C7841239
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EAD713D7AB3D745EE3378013729B26C6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8F5413A427B67226D684D47532B0B6CA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ban Rural

Detected technologies

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

51
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

16
Subdomains

13
IPs

3
Countries

1019 kB
Transfer

1795 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
lniciobrural.webcindario.com/ 6 KB
2 KB 1431ms
125ms Document
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://lniciobrural.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 9ec4bbb0d68d676755fd23d83b59596c9eda597e606c8e2820c77aff3279ab16

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 06 Sep 2023 19:38:47 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: Webcindario Hosting Service

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 1155ms
60ms Script
text/javascript 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689

Requested by

Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

b18ded8809b651623721eb967b9816da2e58f9810e96e1eb191f086fbc135c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lniciobrural.webcindario.com/
Origin: https://lniciobrural.webcindario.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50429
x-xss-protection: 0
server: cafe
etag: 15282074149027215136
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 19:38:48 GMT

GET
H2 200 logoizquierda.png
lniciobrural.webcindario.com/ 3 KB
3 KB 152ms
152ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lniciobrural.webcindario.com/logoizquierda.png
Requested by: Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: a6fe470e9b113281c6a7288dd3fe1798e02044344844162226c530efc3696bdd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:47 GMT
last-modified: Wed, 06 Sep 2023 13:28:19 GMT
server: nginx
etag: "64f87e73-ab7"
x-powered-by: Webcindario Hosting Service
content-type: image/png
accept-ranges: bytes
content-length: 2743

GET
H2 200 derecha.png
lniciobrural.webcindario.com/ 10 KB
10 KB 572ms
571ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lniciobrural.webcindario.com/derecha.png
Requested by: Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 0763760f370e096602956e45b03af9581c5946adf6b022e703c0f548972e21c6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:47 GMT
last-modified: Wed, 06 Sep 2023 13:28:17 GMT
server: nginx
etag: "64f87e71-28e1"
x-powered-by: Webcindario Hosting Service
content-type: image/png
accept-ranges: bytes
content-length: 10465

GET
H2 200 logo1.png
lniciobrural.webcindario.com/ 15 KB
15 KB 572ms
571ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lniciobrural.webcindario.com/logo1.png
Requested by: Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 1a717b0f7fa42f60869fca0eee8a720542cf657f8fc3459208d96f7400378805

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:47 GMT
last-modified: Wed, 06 Sep 2023 13:28:19 GMT
server: nginx
etag: "64f87e73-3d2c"
x-powered-by: Webcindario Hosting Service
content-type: image/png
accept-ranges: bytes
content-length: 15660

GET
H2 200 usuario.jpg
lniciobrural.webcindario.com/ 9 KB
9 KB 572ms
571ms Image
image/jpeg 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lniciobrural.webcindario.com/usuario.jpg
Requested by: Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: d49169c29e5fb4fee4848ad548905594d99d94870a0babe56a1513165169aae6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:47 GMT
last-modified: Wed, 06 Sep 2023 13:28:22 GMT
server: nginx
etag: "64f87e76-23c2"
x-powered-by: Webcindario Hosting Service
content-type: image/jpeg
accept-ranges: bytes
content-length: 9154

GET
H2 200 boton.JPG
lniciobrural.webcindario.com/ 17 KB
18 KB 573ms
572ms Image
image/jpeg 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lniciobrural.webcindario.com/boton.JPG
Requested by: Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 9e42b2dae3df4833052b4b5a38ee2444176ee58052cdbfa582ecdebf2ff84735

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:47 GMT
last-modified: Wed, 06 Sep 2023 13:28:08 GMT
server: nginx
etag: "64f87e68-457c"
x-powered-by: Webcindario Hosting Service
content-type: image/jpeg
accept-ranges: bytes
content-length: 17788

GET
H2 200 campos.JPG
lniciobrural.webcindario.com/ 43 KB
43 KB 573ms
572ms Image
image/jpeg 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lniciobrural.webcindario.com/campos.JPG
Requested by: Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 2b4012d9b3a69a58f63311ee5b8cad2ad054cb677f595e6781f43f42592c4688

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:47 GMT
last-modified: Wed, 06 Sep 2023 13:28:09 GMT
server: nginx
etag: "64f87e69-ab26"
x-powered-by: Webcindario Hosting Service
content-type: image/jpeg
accept-ranges: bytes
content-length: 43814

GET
H2 200 / Show response
hosting.miarroba.info/ 1 KB
1 KB 7843ms
560ms Script
application/javascript 104.21.80.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/?__muid=626215145a3c6741fdab494bb717902f2823d372&h=2140967&t=1694029127&k=1bc5f0aa94a4bc0433118d248957a963
Requested by: Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.80.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 786049e29f84946133193c21a773253f918963263c028b6162ca405e6524a548

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 06 Sep 2023 19:38:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 06 Sep 2023 19:38:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcR3gnQagomBZSV3x3gU6pcnGHMF4XJius%2BeDGpv66ZU2Vb6vnwtvn5qeuaOSMSk6cF98iaHdKeF%2B%2FIcgED4AgGCt%2BRyuMb1hpioyrePfUSCOvt%2BIJBv7mY4w4qNa6AJY50%2FcxAO7PE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=iso-8859-1
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache
cf-ray: 80292cca6b46387e-YYZ
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 axios.min.js Show response
cdn.jsdelivr.net/npm/axios@1.1.2/dist/ 26 KB
11 KB 7314ms
32ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/axios@1.1.2/dist/axios.min.js

Requested by

Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ffb6e270a7bbb1ea1b797965ae85e35760b38b98744478a4151ddee79a31d215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 06 Sep 2023 19:38:54 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3088430
x-jsd-version: 1.1.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10349
x-served-by: cache-fra-eddf8230112-FRA, cache-yyz4523-YYZ
x-jsd-version-type: version
etag: W/"67d4-ae22gWc+WteU0z+fBbiwjqlAwTs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 175 KB
64 KB 120ms
49ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Requested by

Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

da10eba34f525d05d8ee63bcf6b23f362667c37d5fb5abd26fcf7fb63390c671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65407
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Sep 2023 19:38:47 GMT

GET
H2 200 bg-login-1.jpg
lniciobrural.webcindario.com/ 470 KB
471 KB 572ms
572ms Image
image/jpeg 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lniciobrural.webcindario.com/bg-login-1.jpg
Requested by: Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 356e39b83843058e39836d3242a43f3ecc233e4741df501e7562fae07615d510

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:47 GMT
last-modified: Wed, 06 Sep 2023 13:28:09 GMT
server: nginx
etag: "64f87e69-759e2"
x-powered-by: Webcindario Hosting Service
content-type: image/jpeg
accept-ranges: bytes
content-length: 481762

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 7184ms
52ms Script
text/javascript 142.251.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Sep 2023 17:47:16 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6698
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 06 Sep 2023 19:47:16 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 276ms
88ms Script
application/javascript 192.184.69.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.184.69.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:47 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 13 Sep 2023 19:38:47 GMT

GET
H2 200 rules-p-d5x2uDVHd7ALE.js Show response
rules.quantcount.com/ 160 B
642 B 80ms
25ms Script
application/javascript 3.162.3.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-3-2.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d60c833406c5cca9095b3cabd40d6f65e486a0a4c0b59105031c9a6e94595f5a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 18:45:18 GMT
via: 1.1 764453ad26f42978656c5c159a3b32ce.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
age: 3369
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 22:55:53 GMT
server: AmazonS3
etag: "ceee564f54e512a948f918e2710eab6e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 8qp5t5KIzv52sP4ZfTfLDkWwlygylN_CA_wgoenwEdJ3OBCV-6bQjA==

GET
H2 200 pixel;r=1806203731;source=gtm;rf=0;a=p-d5x2uDVHd7ALE;url=https%3A%2F%2Flniciobrural.webcindario.com%2F;uht=2;fpan=1;fpa=P0-155890608-1694029127621;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm...
pixel.quantserve.com/ 35 B
325 B 94ms
83ms Image
image/gif 192.184.69.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=1806203731;source=gtm;rf=0;a=p-d5x2uDVHd7ALE;url=https%3A%2F%2Flniciobrural.webcindario.com%2F;uht=2;fpan=1;fpa=P0-155890608-1694029127621;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=webcindario.com;dst=1;et=1694029127704;tzo=420;ogl=;ses=79fe3bcd-9cfb-45a9-a539-8c645eeb4d39;mdl=
Requested by: Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.184.69.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
date: Wed, 06 Sep 2023 19:38:47 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/ 377 KB
128 KB 147ms
77ms Script
text/javascript 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

07bd64aa5019043f7586a3f05dd7033962f9c87998f2531a2a716812aac4e231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131227
x-xss-protection: 0
server: cafe
etag: 3334251156158504839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 19:38:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230831/r20190131/ Frame 0D36 10 KB
5 KB 109ms
36ms Document
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230831/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lniciobrural.webcindario.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

age: 40806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 08:18:42 GMT
etag: 9878862242593084568
expires: Wed, 20 Sep 2023 08:18:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
608 B 116ms
43ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lniciobrural.webcindario.com&callback=_gfp_s_&client=ca-pub-7294310421616689

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

69fac2a3e8d852e59ee2800cf244ad535c0a86217d4eccf8683d64266ce2f92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5654 11 KB
5 KB 341ms
341ms Document
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1694054328&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flniciobrural.webcindario.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694029128336&bpp=3&bdt=1203&idt=234&shv=r20230831&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5583853362705&frm=20&pv=2&ga_vid=1790287647.1694029129&ga_sid=1694029129&ga_hid=1701570235&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921&oid=2&pvsid=649733201237774&tmod=312242960&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=253

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

32a00b0cfe3488e447e1fae4772c9ce7cd6b7e9eedc32a21b5b324a06b872ff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lniciobrural.webcindario.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4765
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 19:38:48 GMT
expires: Wed, 06 Sep 2023 19:38:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-7294310421616689 Show response
fundingchoicesmessages.google.com/i/ 154 KB
51 KB 167ms
84ms Script
application/javascript 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7294310421616689?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

ESF /

Resource Hash

261261966ca8795a5b1b9f3ca8ae430524aae71b51ff55632bf66be9f342b032

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-4h08tXnrYXgZqaieWjiukg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:49 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-4h08tXnrYXgZqaieWjiukg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 52ms
52ms Image
image/gif 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_prose&sts=ok&evt=place&vh=1200&eid=44787782&pos=UNKNOWN_POSITION&vpt=MOBILE&pvc=649733201237774

Requested by

Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 06 Sep 2023 19:38:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUpJQ4NgDFh9ceSmAWqiFELRqLj3ZVTuOSEd_WeAwspsSkkChz67HqMSz2bLhoN9aoTrEg7U_AXEYccsm4jwuJscheQakv5Qfnntv2NQuSM86AW79Q9U2LQGS_wHcU8y8-HCnbl_A== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 95ms
95ms Script
application/javascript 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUpJQ4NgDFh9ceSmAWqiFELRqLj3ZVTuOSEd_WeAwspsSkkChz67HqMSz2bLhoN9aoTrEg7U_AXEYccsm4jwuJscheQakv5Qfnntv2NQuSM86AW79Q9U2LQGS_wHcU8y8-HCnbl_A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk0MDI5MTI5LDE3NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9sbmljaW9icnVyYWwud2ViY2luZGFyaW8uY29tLyIsbnVsbCxbWzgsIjhzZGtOcDB3UXlZIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8sdkNp0wQyY.es5.O/d=1/rs=AJlcJMxm-FXjkBulfQ1FVV9ux25ZaT_DOg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

ESF /

Resource Hash

bd763114becdfd1c6b33df18573d730aef86229041e3f088ab6cb16b44e4d121

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-uQ4NPZMSI8IKQ8SCC9fWHQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:49 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-uQ4NPZMSI8IKQ8SCC9fWHQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
66 B 58ms
57ms Image
image/gif 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=3.2889171043855683

Requested by

Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-GlcuWe72vfueZQSJPK1xfA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 06 Sep 2023 19:38:50 GMT
content-security-policy: script-src 'nonce-GlcuWe72vfueZQSJPK1xfA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
66 B 70ms
69ms Image
image/gif 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=1.6874389795936529

Requested by

Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-dM_OKt4jNCuPNDhSOh4ePg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 06 Sep 2023 19:38:50 GMT
content-security-policy: script-src 'nonce-dM_OKt4jNCuPNDhSOh4ePg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXkO46VdnzrSerVODFFegO3ialUZNG0tnHu5ubrWctDiTeu6c66zV25BvDIpEkCd_t3YdQfCK1jTZeUIhWCfl-spc-qKDn4Smv8mftOJ3ciI1Bg3Ncju_e9xLphxJdG8KchPjvRzQ== Show response
fundingchoicesmessages.google.com/el/ 0
26 B 133ms
62ms XHR
text/html 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXkO46VdnzrSerVODFFegO3ialUZNG0tnHu5ubrWctDiTeu6c66zV25BvDIpEkCd_t3YdQfCK1jTZeUIhWCfl-spc-qKDn4Smv8mftOJ3ciI1Bg3Ncju_e9xLphxJdG8KchPjvRzQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-6n5PZp_UBZEoEu60Rlad4w' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lniciobrural.webcindario.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Wed, 06 Sep 2023 19:38:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-6n5PZp_UBZEoEu60Rlad4w' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://lniciobrural.webcindario.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 popundr_-600x70. Show response
fundingchoicesmessages.google.com/f/AGSKWxVQOZmYs9ceBCqXdGqz7P4rd3kgZhdyiRiSUSALKy7Txwpx591DaLeQtlAK9YbEVfwLqeVVvgZl2GmFyfeZkBD4lBSbYshktUUZk7jzuoaH4Be3U7mtU_vQwzaY2Z8ubv5YHfBFgRyIz-bFY5yRjH4zS63U1... 54 B
105 B 60ms
59ms Script
application/javascript 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVQOZmYs9ceBCqXdGqz7P4rd3kgZhdyiRiSUSALKy7Txwpx591DaLeQtlAK9YbEVfwLqeVVvgZl2GmFyfeZkBD4lBSbYshktUUZk7jzuoaH4Be3U7mtU_vQwzaY2Z8ubv5YHfBFgRyIz-bFY5yRjH4zS63U1id-RXJkBFyZ7txQLSE5m-kjXfV3g0CL/_/popunderking./spc_fi.php/affiliate_link.js/popundr_-600x70.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8sdkNp0wQyY.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxm-FXjkBulfQ1FVV9ux25ZaT_DOg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

ESF /

Resource Hash

7aefe2b2954ad986e78db87725bd1ca1d585063d56bf76bf244fca7d618ea3e8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-t-3Ffh7msnbsXpvnvE18Zw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-t-3Ffh7msnbsXpvnvE18Zw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 58ms
57ms Script
text/javascript 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.8sdkNp0wQyY.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxm-FXjkBulfQ1FVV9ux25ZaT_DOg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

9164a7f4db3ee8b731695d7814722d7121ab86d1444818750583a85089a40156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50406
x-xss-protection: 0
server: cafe
etag: 2168416901934048742
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 19:38:50 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXkO46VdnzrSerVODFFegO3ialUZNG0tnHu5ubrWctDiTeu6c66zV25BvDIpEkCd_t3YdQfCK1jTZeUIhWCfl-spc-qKDn4Smv8mftOJ3ciI1Bg3Ncju_e9xLphxJdG8KchPjvRzQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-cg_ZjW_R-ICrRCo2sc4xxQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lniciobrural.webcindario.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Wed, 06 Sep 2023 19:38:50 GMT
content-security-policy: script-src 'nonce-cg_ZjW_R-ICrRCo2sc4xxQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://lniciobrural.webcindario.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXkO46VdnzrSerVODFFegO3ialUZNG0tnHu5ubrWctDiTeu6c66zV25BvDIpEkCd_t3YdQfCK1jTZeUIhWCfl-spc-qKDn4Smv8mftOJ3ciI1Bg3Ncju_e9xLphxJdG8KchPjvRzQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-HSOef79VCRWzpPbaAFXvaA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lniciobrural.webcindario.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Wed, 06 Sep 2023 19:38:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-HSOef79VCRWzpPbaAFXvaA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://lniciobrural.webcindario.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXkO46VdnzrSerVODFFegO3ialUZNG0tnHu5ubrWctDiTeu6c66zV25BvDIpEkCd_t3YdQfCK1jTZeUIhWCfl-spc-qKDn4Smv8mftOJ3ciI1Bg3Ncju_e9xLphxJdG8KchPjvRzQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-OV7xec6nYjlbXhgaxioJUQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lniciobrural.webcindario.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Wed, 06 Sep 2023 19:38:51 GMT
content-security-policy: script-src 'nonce-OV7xec6nYjlbXhgaxioJUQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://lniciobrural.webcindario.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXkO46VdnzrSerVODFFegO3ialUZNG0tnHu5ubrWctDiTeu6c66zV25BvDIpEkCd_t3YdQfCK1jTZeUIhWCfl-spc-qKDn4Smv8mftOJ3ciI1Bg3Ncju_e9xLphxJdG8KchPjvRzQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-VXrHTmwN40R9_VuK4AwekA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lniciobrural.webcindario.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Wed, 06 Sep 2023 19:38:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-VXrHTmwN40R9_VuK4AwekA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://lniciobrural.webcindario.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXLszbCVfpkPMgpzzkY5C658Hlv1fetViICEMnY-lO7tytvqjGcvPvkDtEjOCReX_Up4crTVdQ7mheLMnpLw6uzTv0e4KbtJ7-Wpbi3C5sdXIn5QByjoQ0Z5BwgadLAICL1CK6lPA== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 73ms
73ms Script
application/javascript 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXLszbCVfpkPMgpzzkY5C658Hlv1fetViICEMnY-lO7tytvqjGcvPvkDtEjOCReX_Up4crTVdQ7mheLMnpLw6uzTv0e4KbtJ7-Wpbi3C5sdXIn5QByjoQ0Z5BwgadLAICL1CK6lPA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk0MDI5MTMxLDI4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9sbmljaW9icnVyYWwud2ViY2luZGFyaW8uY29tLyIsbnVsbCxbWzgsIjhzZGtOcDB3UXlZIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

ESF /

Resource Hash

9d5e9e6e6c146d842782e7bb39dac9a3082cc5ecee80c9ff2cdcba93562961b1

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-ZPrBi_86P8oQ03Bk9UOQNA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:51 GMT
content-security-policy: script-src 'nonce-ZPrBi_86P8oQ03Bk9UOQNA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXkO46VdnzrSerVODFFegO3ialUZNG0tnHu5ubrWctDiTeu6c66zV25BvDIpEkCd_t3YdQfCK1jTZeUIhWCfl-spc-qKDn4Smv8mftOJ3ciI1Bg3Ncju_e9xLphxJdG8KchPjvRzQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-eoonrZdLXAk4WazwsQT7Mg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lniciobrural.webcindario.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Wed, 06 Sep 2023 19:38:51 GMT
content-security-policy: script-src 'nonce-eoonrZdLXAk4WazwsQT7Mg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://lniciobrural.webcindario.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXGOcYrgq7kU8eqHgkuh9JWY5QgQD6CP5_QUh2m0nK6l0sKCh1D7a5k73ZvTAmoviwcIK07H7BtCB-TKs8t-oB90oqRXlRYnP9h2dfhIr8ImpG3g-9f24JniqkQ4D_1-ZBpEyB63w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 77ms
77ms Script
application/javascript 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXGOcYrgq7kU8eqHgkuh9JWY5QgQD6CP5_QUh2m0nK6l0sKCh1D7a5k73ZvTAmoviwcIK07H7BtCB-TKs8t-oB90oqRXlRYnP9h2dfhIr8ImpG3g-9f24JniqkQ4D_1-ZBpEyB63w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk0MDI5MTMxLDEwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbG5pY2lvYnJ1cmFsLndlYmNpbmRhcmlvLmNvbS8iLG51bGwsW1s4LCI4c2RrTnAwd1F5WSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

ESF /

Resource Hash

7d4d32528190f3f29db9bb42192eea2469103d08e8a9b3853e4e5c187844037f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-MlS_pMppkvw407yfpY2HSg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-MlS_pMppkvw407yfpY2HSg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXCYnpz_igTKTod9UNjTGWje0cKhtzAhzpaPckr8BszmZQQmqECBKIX9MyJecQIg1jdu5ywQeYuuvjD8p11s0pKEXePfDOORHj3yu0BTD18Yp7a1cAWIedn2VJ8c4UtWOzEkBWUXg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 71ms
71ms Script
application/javascript 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXCYnpz_igTKTod9UNjTGWje0cKhtzAhzpaPckr8BszmZQQmqECBKIX9MyJecQIg1jdu5ywQeYuuvjD8p11s0pKEXePfDOORHj3yu0BTD18Yp7a1cAWIedn2VJ8c4UtWOzEkBWUXg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk0MDI5MTMxLDE4NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZXMiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9sbmljaW9icnVyYWwud2ViY2luZGFyaW8uY29tLyIsbnVsbCxbWzgsIjhzZGtOcDB3UXlZIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

ESF /

Resource Hash

186c43dadaf40310fb74f61219f86a5f72973b729381c9c483aebf850cb4c3f5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-TifMEkBmW6Hpuyn5ClJRRA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-TifMEkBmW6Hpuyn5ClJRRA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX1JvRvYnuOB_K4OAY8JYeyKRmrLSE5q_qZDRrrQAttnWoaz6mGX_sBPgl4Y4_K7bUvyhOBzqIqBu83hzLz23ePq-qhL8avqfoOa_dJ95fTPIbTuxLUAgz4xaQt5eI-zzYPjIS_5A== Show response
fundingchoicesmessages.google.com/el/ 0
26 B 52ms
52ms XHR
text/html 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX1JvRvYnuOB_K4OAY8JYeyKRmrLSE5q_qZDRrrQAttnWoaz6mGX_sBPgl4Y4_K7bUvyhOBzqIqBu83hzLz23ePq-qhL8avqfoOa_dJ95fTPIbTuxLUAgz4xaQt5eI-zzYPjIS_5A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-piHsOUT21zDAIKcYEcdqcQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lniciobrural.webcindario.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Wed, 06 Sep 2023 19:38:51 GMT
content-security-policy: script-src 'nonce-piHsOUT21zDAIKcYEcdqcQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://lniciobrural.webcindario.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXkO46VdnzrSerVODFFegO3ialUZNG0tnHu5ubrWctDiTeu6c66zV25BvDIpEkCd_t3YdQfCK1jTZeUIhWCfl-spc-qKDn4Smv8mftOJ3ciI1Bg3Ncju_e9xLphxJdG8KchPjvRzQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-eyO8QaDEBeDUxGE1Mjtmdg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lniciobrural.webcindario.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Wed, 06 Sep 2023 19:38:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-eyO8QaDEBeDUxGE1Mjtmdg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://lniciobrural.webcindario.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
218 B 44ms
43ms XHR
text/plain 142.251.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1701570235&t=pageview&_s=1&dl=https%3A%2F%2Flniciobrural.webcindario.com%2F&ul=en-us&de=UTF-8&dt=Ban%20Rural&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABCAAAAC~&jid=1777752892&gjid=2133279385&cid=1790287647.1694029129&tid=UA-597118-7&_gid=1365408840.1694029135&_r=1&_slc=1&gtm=45He38u0n71T2VG59&z=1040513579

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lniciobrural.webcindario.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Sep 2023 19:38:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lniciobrural.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
358 B 114ms
43ms XHR
text/plain 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-597118-7&cid=1790287647.1694029129&jid=1777752892&gjid=2133279385&_gid=1365408840.1694029135&_u=YAhAAAAACAAAAC~&z=1899177935

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lniciobrural.webcindario.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 06 Sep 2023 19:38:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lniciobrural.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 120ms
48ms Image
image/gif 142.251.167.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-597118-7&cid=1790287647.1694029129&jid=1777752892&_u=YAhAAAAACAAAAC~&z=343466805

Requested by

Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 06 Sep 2023 19:38:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 372ms
47ms Image
image/gif 142.250.31.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-597118-7&cid=1790287647.1694029129&jid=1777752892&_u=YAhAAAAACAAAAC~&z=343466805

Requested by

Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 06 Sep 2023 19:38:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 607f6b0b381bbc1f64fa027d62891072_cookie.php Show response
hosting.miarroba.info/ Frame 321E 46 B
460 B 148ms
147ms Document
text/html 104.21.80.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Requested by: Host: lniciobrural.webcindario.com
URL: https://lniciobrural.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.80.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://lniciobrural.webcindario.com
Referer: https://lniciobrural.webcindario.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80292ccdd94f387e-YYZ
content-encoding: br
content-type: text/html; charset=iso-8859-1
date: Wed, 06 Sep 2023 19:38:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnaJmhVYguUT3YD%2BtBnsulJhuGhMMTYqaBGCmqc4imtuc2%2Fc68wveX1aZMkrOXVVvQd%2F0dlDgHRVI3Vr2WFFqY2I7htZz1T5S1p9sdTelP88wp9ppeRRkr6eyTXatGEA0k5lMcUzKNE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 52ms
52ms XHR
application/json 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230831&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

cafe /

Resource Hash

70f51eb2d925e37b8d159e8b35a9bc511637630ae4f7e802f66dcaad90977ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11749
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 126ms
51ms Script
text/javascript 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Sep 2023 19:38:55 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EAD7 13 KB
5 KB 35ms
35ms Document
text/html 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lniciobrural.webcindario.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 516716
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 20:06:59 GMT
expires: Fri, 30 Aug 2024 20:06:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8F54 829 B
980 B 53ms
53ms Document
text/html 142.251.167.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f103.1e100.net

Software

GSE /

Resource Hash

9539145a6df93a8fbc0729cff92f2c9cbdaae20e588974775cb51b165610a83f

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce--llL7-mNU0KoqntuvIK9nQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lniciobrural.webcindario.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'nonce--llL7-mNU0KoqntuvIK9nQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 06 Sep 2023 19:38:55 GMT
expires: Wed, 06 Sep 2023 19:38:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js Show response
pagead2.googlesyndication.com/bg/ Frame EAD7 37 KB
14 KB 36ms
36ms Script
text/javascript 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

sffe /

Resource Hash

cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 08:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14793
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 08:21:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8F54 0
0 51ms
51ms Image
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230831&jk=649733201237774&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bc-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EAD7 0
10 B 35ms
34ms Image
text/plain 172.253.63.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fLxyhw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 06 Sep 2023 19:38:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
54ms Image
text/html 172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230831&jk=649733201237774&bg=!MzClMH_NAAYHwnCgJ8I7ADQBe5WfOGiDqPwXps2PLcIfv4DTepJGRYWCX7OQ2dd9Y0kxJtR_0wkEziM1rYL3sFXkbVD0AgAAAERSAAAADGgBB5kCwRe__Ih1WjJa_kcr5CWNMgTA5de3CzOmSta75_5y15HN55D2ZbbLKAoPsSoKuibIXVWZ0Ba-wYpIBEt53GDWyeE5DYC_bsgjzwMpMw1cLCe51NsAOS8Fm_c1qYTn1AC423Y_i8-QtIk0dFAHMXELAPVYgJgxb2U6SyoOS_-Q_K7_Gb6Ux2tqFXjDJ-mnHxALWGA2-SBavHKB2wmznxospkghNJuFxU5T-oFf54fF_f6hSM20nFzvyHw2i7GCW0vI-LlqG6H4ppSPqFsObfNN8PknR8yZ7-3eVzmkYmG38PRQKcgZiMTANvUrXijKA6hBl0cKy352NAFSs6ZFhg6pB8it2QRnTSzVOyt9MW1Ye5zauojNmu3Fz4_AZ-fPZ3m3aHerJBSAYBZAg1qfZmIPh_ked5my8kPvqJKmHCN8AtbAaHfoEk2YHTah4QJznk13pGM7cEOS6ZogqZWHuQdOVkYj2OXPE0DqHPh4pkMsQsqL1raz9zM4KOcckdheXi_LfcmICRp_kWaL846mDpMJCgy0SQcsGHn9C9loTFkIgi3RCIkd2872vkZiovuK4zWAMaqFu2sA6vqObdIDzqJIphwze2d3KvZz-KD1gQ-HeuOAOxNcsiHKgc1npJ5rqFNKeOiIo5X6zyDvu4tznL7aCJxiMRzCOOYdUpYOn9h7UHw03hIFBLyDeXYsxQ3whTVXAmsqprliAG22xjyI3ozie9gNT4Gyn_AI_18-dTo0fG2kVTG4eEin5cqqH3BTaIRq_1BnUi2Brrm6B2ApDQ1egtQUn6OD0Nixi1J-T1A0ADPxHr_6bowWgcSYfaOlnMMEIPnbF1si4ZjuCZAkUOQBYgowuKqESG5GBoywsYaPlTDsWrjhcFLEJdb0KJ7N9e8yxn-WbdswCxVttTdYM9_sN_55hGfVxckPSkBT9Nu6X9fsFQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bc-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://lniciobrural.webcindario.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banrural (Banking)

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.webcindario.com/	1970-01-21 00:09:49	Name: __muid Value: 626215145a3c6741fdab494bb717902f2823d372
.webcindario.com/	1970-01-20 23:58:17	Name: __qca Value: P0-155890608-1694029127621
.webcindario.com/	1970-01-20 23:55:25	Name: __gads Value: ID=feb91f98cc3f0403-2235139fc2e30011:T=1694029128:RT=1694029128:S=ALNI_Mbn6uWUkjUcMbxxnRQx3843lnlniA
.webcindario.com/	1970-01-20 23:55:25	Name: __gpi Value: UID=00000d90735e7bc6:T=1694029128:RT=1694029128:S=ALNI_MZ5csDvT2L6V-KFEpVsD1ErB3MYPw
.doubleclick.net/	1970-01-20 14:33:50	Name: test_cookie Value: CheckForPermission
.webcindario.com/	1970-01-20 23:19:25	Name: FCNEC Value: %5B%5B%22AKsRol-gmJvheo9jvidaR0KadG_BfAvR0fKrcZNJ1V2C4v91NSlXdBec8RSDfFfHv_E8fsoSLGTsROwj8R3fvTqhryb-XH6xsYWo-0ve9-Yt32ol5N-plyj84DWbM_mR0fElJFL9Moeu6WOzfOfOv49gSH2gtTeW1A%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.lniciobrural.webcindario.com/	1970-01-21 00:09:49	Name: _ga Value: GA1.3.1790287647.1694029129
.lniciobrural.webcindario.com/	1970-01-20 14:35:15	Name: _gid Value: GA1.3.1365408840.1694029135
.lniciobrural.webcindario.com/	1970-01-20 14:33:49	Name: _gat_UA-597118-7 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hosting.miarroba.info
lniciobrural.webcindario.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
rules.quantcount.com
secure.quantserve.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
104.21.80.217
142.250.31.94
142.251.163.139
142.251.167.100
142.251.167.103
151.101.1.229
172.253.62.154
172.253.63.132
172.253.63.155
172.253.63.97
192.184.69.201
3.162.3.2
5.57.226.202
0763760f370e096602956e45b03af9581c5946adf6b022e703c0f548972e21c6
07bd64aa5019043f7586a3f05dd7033962f9c87998f2531a2a716812aac4e231
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
186c43dadaf40310fb74f61219f86a5f72973b729381c9c483aebf850cb4c3f5
19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88
1a717b0f7fa42f60869fca0eee8a720542cf657f8fc3459208d96f7400378805
261261966ca8795a5b1b9f3ca8ae430524aae71b51ff55632bf66be9f342b032
2b4012d9b3a69a58f63311ee5b8cad2ad054cb677f595e6781f43f42592c4688
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
32a00b0cfe3488e447e1fae4772c9ce7cd6b7e9eedc32a21b5b324a06b872ff1
356e39b83843058e39836d3242a43f3ecc233e4741df501e7562fae07615d510
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69fac2a3e8d852e59ee2800cf244ad535c0a86217d4eccf8683d64266ce2f92b
70f51eb2d925e37b8d159e8b35a9bc511637630ae4f7e802f66dcaad90977ab0
786049e29f84946133193c21a773253f918963263c028b6162ca405e6524a548
7aefe2b2954ad986e78db87725bd1ca1d585063d56bf76bf244fca7d618ea3e8
7d4d32528190f3f29db9bb42192eea2469103d08e8a9b3853e4e5c187844037f
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
9164a7f4db3ee8b731695d7814722d7121ab86d1444818750583a85089a40156
9539145a6df93a8fbc0729cff92f2c9cbdaae20e588974775cb51b165610a83f
9d5e9e6e6c146d842782e7bb39dac9a3082cc5ecee80c9ff2cdcba93562961b1
9e42b2dae3df4833052b4b5a38ee2444176ee58052cdbfa582ecdebf2ff84735
9ec4bbb0d68d676755fd23d83b59596c9eda597e606c8e2820c77aff3279ab16
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a6fe470e9b113281c6a7288dd3fe1798e02044344844162226c530efc3696bdd
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b18ded8809b651623721eb967b9816da2e58f9810e96e1eb191f086fbc135c54
bd763114becdfd1c6b33df18573d730aef86229041e3f088ab6cb16b44e4d121
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
d49169c29e5fb4fee4848ad548905594d99d94870a0babe56a1513165169aae6
d60c833406c5cca9095b3cabd40d6f65e486a0a4c0b59105031c9a6e94595f5a
da10eba34f525d05d8ee63bcf6b23f362667c37d5fb5abd26fcf7fb63390c671
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ffb6e270a7bbb1ea1b797965ae85e35760b38b98744478a4151ddee79a31d215

lniciobrural.webcindario.com Open in urlscan Pro 5.57.226.202 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

0 %IPv6

12 Domains

16 Subdomains

13 IPs

3 Countries

1019 kBTransfer

1795 kBSize

9 Cookies

0 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lniciobrural.webcindario.com Open in urlscan Pro
5.57.226.202 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

16
Subdomains

13
IPs

3
Countries

1019 kB
Transfer

1795 kB
Size

9
Cookies

51 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!