urlscan.io logo urlscan.io
SecurityTrails logo

portalbeneficios.click Open in urlscan Pro
45.133.18.32  Public Scan

Go To Rescan Add Verdict Report
URL: https://portalbeneficios.click/
Submission: On June 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 61 IPs in 10 countries across 39 domains to perform 208 HTTP transactions. The main IP is 45.133.18.32, located in Moscow, Russian Federation and belongs to AS-ITGLOBALCOM ITGLOBAL.COM, NL. The main domain is portalbeneficios.click.
TLS certificate: Issued by R11 on June 10th 2024. Valid for: 3 months.
This is the only time portalbeneficios.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 45.133.18.32 208951 (AS-ITGLOB...)
23 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 95.101.149.35 16625 (AKAMAI-AS)
3 142.250.186.130 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:6ea0:ca3... 60068 (CDN77 _)
1 2600:9000:211... 16509 (AMAZON-02)
3 104.16.160.145 13335 (CLOUDFLAR...)
1 34.120.149.35 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 172.67.159.162 13335 (CLOUDFLAR...)
1 172.67.8.244 13335 (CLOUDFLAR...)
16 151.101.1.44 54113 (FASTLY)
2 2620:1ec:bdf::67 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.66.132 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
19 104.18.15.5 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 18.244.18.32 16509 (AMAZON-02)
2 23.32.185.35 16625 (AKAMAI-AS)
1 151.101.131.52 54113 (FASTLY)
1 142.250.186.98 15169 (GOOGLE)
1 142.250.186.132 15169 (GOOGLE)
2 172.217.18.3 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 _)
1 35.214.149.91 15169 (GOOGLE)
1 69.173.144.139 26667 (RUBICONPR...)
2 2 34.36.216.150 396982 (GOOGLE-CL...)
1 1 54.220.158.112 16509 (AMAZON-02)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
7 212.36.83.245 15699 (AS_ADAM A...)
2 8 2607:ae80:4::51 26558 (FREEWHEEL)
2 54.188.69.90 16509 (AMAZON-02)
3 2001:4860:480... 15169 (GOOGLE)
3 162.19.96.35 16276 (OVH)
1 2600:9000:211... 16509 (AMAZON-02)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
3 151.101.65.44 54113 (FASTLY)
2 44.196.76.126 14618 (AMAZON-AES)
11 199.232.197.91 54113 (FASTLY)
2 207.244.71.146 30633 (LEASEWEB-...)
3 4.227.249.197 8075 (MICROSOFT...)
3 212.36.83.215 15699 (AS_ADAM A...)
11 141.226.228.48 200478 (TABOOLA-AS)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 151.101.193.44 54113 (FASTLY)
10 184.28.88.244 16625 (AKAMAI-AS)
3 18.158.70.98 16509 (AMAZON-02)
3 7 154.54.250.80 26558 (FREEWHEEL)
1 23.82.15.162 30633 (LEASEWEB-...)
3 35.244.159.8 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
2 185.64.190.75 62713 (AS-PUBMATIC)
4 185.64.190.89 62713 (AS-PUBMATIC)
2 2600:9000:223... ()
1 1 18.134.84.19 ()
1 15.197.193.217 ()
1 142.250.185.226 ()
1 52.46.143.56 ()
208 61
4    45.133.18.32 (Moscow, Russian Federation)

ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL)
portalbeneficios.click
23    2606:4700::6812:e05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.ambito.com
usuarios.ambito.com
3    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
3    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2606:4700::6812:13e4 (United States)

ASN13335 (CLOUDFLARENET, US)
s-adzone.com
1    2a02:6ea0:ca3a::4 (London, United Kingdom)

ASN60068 (CDN77 _, GB)
ads.vidoomy.com
1    2600:9000:211e:c800:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.unblockia.com
3    104.16.160.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    34.120.149.35 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 35.149.120.34.bc.googleusercontent.com
media.ambito.com
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
4    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    172.67.159.162 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
1    172.67.8.244 (United States)

ASN13335 (CLOUDFLARENET, US)
api.retargetly.com
16    151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
15.taboola.com
2    2620:1ec:bdf::67 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2606:4700::6812:1299 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.thinkindot.com
2    151.101.66.132 (San Francisco, United States)

ASN54113 (FASTLY, US)
player.ex.co
1    2606:4700::6812:f05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.ambito.com
19    104.18.15.5 (None, )

ASN13335 (CLOUDFLARENET, US)
www.ambito.com
usuarios.ambito.com
2    2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    18.244.18.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-32.fra56.r.cloudfront.net
sb.scorecardresearch.com
2    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
at.teads.tv
1    151.101.131.52 (San Francisco, United States)

ASN54113 (FASTLY, US)
s1.adzonestatic.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
pagead2.googlesyndication.com
1    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
2    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net
www.google.de
1    2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
vpaid.vidoomy.com
1    35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com
x.bidswitch.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    34.36.216.150 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com
pixel-sync.sitescout.com
1    54.220.158.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-158-112.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
7    212.36.83.245 (Barcelona, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb1.vdmy.dtic.es
a.vidoomy.com
8    2607:ae80:4::51 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
2    54.188.69.90 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-188-69-90.us-west-2.compute.amazonaws.com
tracker.thinkindot.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
3    162.19.96.35 (Paris, France)

ASN16276 (OVH, FR)
PTR: haproxy03.cl13.ovh.mrf.io
events.newsroom.bi
1    2600:9000:211e:f400:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)
loader.unblockia.com
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
pm-widget.taboola.com
vidstat.taboola.com
pips.taboola.com
2    44.196.76.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-76-126.compute-1.amazonaws.com
collector-1.ex.co
11    199.232.197.91 (United States)

ASN54113 (FASTLY, US)
mcd.ex.co
cdn.ex.co
2    207.244.71.146 (New Castle, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
p.channelexco.com
s-01.channelexco.com
3    4.227.249.197 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
u.clarity.ms
3    212.36.83.215 (Barcelona, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: w3.vdmy.dtic.es
ad.vidoomy.com
11    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
imprammp.taboola.com
10    184.28.88.244 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-88-244.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
3    18.158.70.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-70-98.eu-central-1.compute.amazonaws.com
optimized-by.rubiconproject.com
7    154.54.250.80 (Saint-Denis, France)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    23.82.15.162 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
e.channelexco.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
vidoomy-d.openx.net
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
4    185.64.190.89 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
st.pubmatic.com
2    2600:9000:223d:8800:19:c363:bec0:93a1 (None, )

ASN- ()
cdn.stickyadstv.com
1    18.134.84.19 (None, )

ASN- ()
1f2e7.v.fwmrm.net
1    15.197.193.217 (None, )

ASN- ()
match.adsrvr.org
1    142.250.185.226 (None, )

ASN- ()
cm.g.doubleclick.net
1    52.46.143.56 (None, )

ASN- ()
s.amazon-adsystem.com
Apex Domain
Subdomains		 Transfer
44 ambito.com
www.ambito.com — Cisco Umbrella Rank: 194350
media.ambito.com — Cisco Umbrella Rank: 302440
usuarios.ambito.com — Cisco Umbrella Rank: 752276
333 KB
32 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 905
pm-widget.taboola.com — Cisco Umbrella Rank: 3371
trc.taboola.com — Cisco Umbrella Rank: 699
15.taboola.com — Cisco Umbrella Rank: 8376
am-trc-events.taboola.com — Cisco Umbrella Rank: 18713
vidstat.taboola.com — Cisco Umbrella Rank: 3781
imprammp.taboola.com — Cisco Umbrella Rank: 23341
am-match.taboola.com — Cisco Umbrella Rank: 23690
am-vid-events.taboola.com — Cisco Umbrella Rank: 22209
pips.taboola.com — Cisco Umbrella Rank: 1733
cds.taboola.com — Cisco Umbrella Rank: 1834
342 KB
17 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 653
cdn.stickyadstv.com
141 KB
16 pubmatic.com
vpaid.pubmatic.com — Cisco Umbrella Rank: 10242
ads.pubmatic.com — Cisco Umbrella Rank: 598
vid.pubmatic.com — Cisco Umbrella Rank: 16142
st.pubmatic.com — Cisco Umbrella Rank: 1385
94 KB
15 ex.co
player.ex.co — Cisco Umbrella Rank: 11345
collector-1.ex.co — Cisco Umbrella Rank: 11674
mcd.ex.co — Cisco Umbrella Rank: 21124
cdn.ex.co — Cisco Umbrella Rank: 12138
685 KB
12 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 33597
vpaid.vidoomy.com — Cisco Umbrella Rank: 3809
a.vidoomy.com — Cisco Umbrella Rank: 3298
ad.vidoomy.com — Cisco Umbrella Rank: 29470
123 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 783
u.clarity.ms — Cisco Umbrella Rank: 7176
c.clarity.ms — Cisco Umbrella Rank: 1541
28 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 236
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
cm.g.doubleclick.net Failed
175 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
region1.google-analytics.com — Cisco Umbrella Rank: 2406
21 KB
4 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 421
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 7900
2 KB
4 portalbeneficios.click
portalbeneficios.click
113 KB
3 openx.net
vidoomy-d.openx.net — Cisco Umbrella Rank: 48660
234 B
3 channelexco.com
p.channelexco.com — Cisco Umbrella Rank: 12981
s-01.channelexco.com — Cisco Umbrella Rank: 111955
e.channelexco.com — Cisco Umbrella Rank: 12273
2 KB
3 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 6835
2 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 5
region1.analytics.google.com — Cisco Umbrella Rank: 3163
108 B
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 194
3 KB
3 thinkindot.com
cdn.thinkindot.com — Cisco Umbrella Rank: 196529
tracker.thinkindot.com — Cisco Umbrella Rank: 171327
1 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4931
onesignal.com — Cisco Umbrella Rank: 1605
66 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1811
at.teads.tv — Cisco Umbrella Rank: 6493
4 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
287 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 119
3 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 522
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 751
1 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 8139
126 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
71 KB
2 unblockia.com
cdn.unblockia.com — Cisco Umbrella Rank: 21227
loader.unblockia.com — Cisco Umbrella Rank: 21305
35 KB
1 amazon-adsystem.com
s.amazon-adsystem.com
479 B
1 adsrvr.org
match.adsrvr.org
149 B
1 fwmrm.net
1f2e7.v.fwmrm.net
599 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 231
762 B
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 499
431 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 922
359 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 389
235 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
51 KB
1 adzonestatic.com
s1.adzonestatic.com — Cisco Umbrella Rank: 109032
26 KB
1 retargetly.com
api.retargetly.com — Cisco Umbrella Rank: 6567
588 B
1 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 8928
47 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1009
7 KB
1 s-adzone.com
s-adzone.com — Cisco Umbrella Rank: 159679
11 KB
208 39
Domain Requested by
41 www.ambito.com portalbeneficios.click
www.ambito.com
15 ads.stickyadstv.com 5 redirects portalbeneficios.click
vpaid.vidoomy.com
cdn.stickyadstv.com
12 cdn.taboola.com portalbeneficios.click
cdn.taboola.com
9 am-trc-events.taboola.com portalbeneficios.click
cdn.taboola.com
7 mcd.ex.co portalbeneficios.click
vpaid.vidoomy.com
player.ex.co
7 a.vidoomy.com portalbeneficios.click
vpaid.vidoomy.com
6 vpaid.pubmatic.com vpaid.vidoomy.com
4 st.pubmatic.com portalbeneficios.click
4 ads.pubmatic.com vpaid.pubmatic.com
4 cdn.ex.co portalbeneficios.click
player.ex.co
cdn.ex.co
4 www.google-analytics.com portalbeneficios.click
www.google-analytics.com
4 portalbeneficios.click portalbeneficios.click
vpaid.vidoomy.com
3 vidoomy-d.openx.net vpaid.vidoomy.com
3 optimized-by.rubiconproject.com vpaid.vidoomy.com
3 ad.vidoomy.com vpaid.vidoomy.com
3 u.clarity.ms vpaid.vidoomy.com
3 events.newsroom.bi sdk.mrf.io
vpaid.vidoomy.com
3 sb.scorecardresearch.com 1 redirects portalbeneficios.click
3 securepubads.g.doubleclick.net portalbeneficios.click
securepubads.g.doubleclick.net
3 www.googletagmanager.com portalbeneficios.click
www.google-analytics.com
2 cdn.stickyadstv.com vpaid.vidoomy.com
cdn.stickyadstv.com
2 vid.pubmatic.com vpaid.pubmatic.com
2 c.clarity.ms 1 redirects
2 usuarios.ambito.com www.ambito.com
2 collector-1.ex.co player.ex.co
vpaid.vidoomy.com
2 trc.taboola.com cdn.taboola.com
vpaid.vidoomy.com
2 www.facebook.com portalbeneficios.click
2 region1.analytics.google.com www.googletagmanager.com
vpaid.vidoomy.com
2 tracker.thinkindot.com cdn.thinkindot.com
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 pixel.tapad.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 www.google.de portalbeneficios.click
2 at.teads.tv a.teads.tv
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 player.ex.co portalbeneficios.click
player.ex.co
2 www.clarity.ms portalbeneficios.click
www.clarity.ms
2 connect.facebook.net portalbeneficios.click
connect.facebook.net
2 cdn.onesignal.com portalbeneficios.click
cdn.onesignal.com
1 s.amazon-adsystem.com
1 match.adsrvr.org
1 1f2e7.v.fwmrm.net 1 redirects
1 cds.taboola.com vpaid.vidoomy.com
1 pips.taboola.com vpaid.vidoomy.com
1 e.channelexco.com cdn.ex.co
1 cm.g.doubleclick.net
1 am-vid-events.taboola.com
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 c.bing.com 1 redirects
1 s-01.channelexco.com portalbeneficios.click
1 vidstat.taboola.com cdn.taboola.com
1 15.taboola.com vpaid.vidoomy.com
1 p.channelexco.com vpaid.vidoomy.com
1 gum.criteo.com cdn.taboola.com
1 onesignal.com cdn.onesignal.com
1 loader.unblockia.com cdn.unblockia.com
1 region1.google-analytics.com www.googletagmanager.com
1 sync.crwdcntrl.net 1 redirects
1 pixel.rubiconproject.com portalbeneficios.click
1 x.bidswitch.net portalbeneficios.click
1 vpaid.vidoomy.com ads.vidoomy.com
1 www.google.com portalbeneficios.click
1 pagead2.googlesyndication.com cdn.unblockia.com
1 s1.adzonestatic.com s-adzone.com
1 cdn.thinkindot.com portalbeneficios.click
1 api.retargetly.com portalbeneficios.click
1 sdk.mrf.io portalbeneficios.click
1 static.cloudflareinsights.com portalbeneficios.click
1 media.ambito.com portalbeneficios.click
1 cdn.unblockia.com portalbeneficios.click
1 ads.vidoomy.com portalbeneficios.click
1 s-adzone.com portalbeneficios.click
1 a.teads.tv portalbeneficios.click
208 74
Subject Issuer Validity Valid
portalbeneficios.click
R11		 2024-06-10 -
2024-09-08		 3 months crt.sh
*.ambito.com
AlphaSSL CA - SHA256 - G4		 2023-11-23 -
2024-12-24		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
teads.tv
R10		 2024-06-11 -
2024-09-09		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
s-adzone.com
Cloudflare Inc ECC CA-3		 2024-01-14 -
2024-12-31		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-10-06		 a year crt.sh
*.unblockia.com
Amazon RSA 2048 M03		 2024-01-23 -
2025-02-20		 a year crt.sh
onesignal.com
GTS CA 1P5		 2024-05-31 -
2024-08-29		 3 months crt.sh
media.ambito.com
WR3		 2024-05-29 -
2024-08-27		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-20 -
2024-06-18		 3 months crt.sh
sdk.mrf.io
E1		 2024-05-25 -
2024-08-23		 3 months crt.sh
retargetly.com
E5		 2024-06-10 -
2024-09-08		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.thinkindot.com
ZeroSSL ECC Domain Secure Site CA		 2024-05-14 -
2024-08-12		 3 months crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2024-06-09 -
2025-07-11		 a year crt.sh
s1.adzonestatic.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-26 -
2024-12-25		 a year crt.sh
*.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.de
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-15 -
2024-08-07		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-04 -
2025-04-03		 a year crt.sh
*.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-09 -
2025-02-08		 a year crt.sh
*.tracker.thinkindot.com
Amazon RSA 2048 M03		 2024-05-12 -
2025-06-10		 a year crt.sh
ssl03.cert.cl13.k8s.mrf.io
R3		 2024-04-18 -
2024-07-17		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-15 -
2024-07-10		 3 months crt.sh
*.channelexco.com
R11		 2024-06-09 -
2024-09-07		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh

This page contains 10 frames:

Primary Page: https://portalbeneficios.click/
Frame ID: AE9976EBC8F437FE869B5926CBD22D3C
Requests: 188 HTTP requests in this frame

Frame: https://www.ambito.com/_post/viewerpdfjs.php?file=https://www.ambito.com/adjuntos/239/documentos/041/572/0041572544.pdf
Frame ID: 25200124FFA3D661FAAAC8CE6F2FA278
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ex.co/sync/0.0.1-7abf705/cookie_sync.html?network=368531133%2C693668433&gdpr=0&gdpr_consent=
Frame ID: CE0B608E478400E794775602AB82CAD7
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66261475&crid=5367395&dast=V9FeoCABYDAARljxYNB6QdBAAEZY8WDQekHQUAAAAABgYA9AcAJLdcbTa-3W6tW-4Ga9Fst3ELF4bNWrNZDHfLjctkGdmGAEBSo5VpMHKZ1hLDyrUWLVfDtcQ4GLklnolvtNiYRraRbwoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAvNB0Onyue73u97sr3Ban6W_X-N1-lcdv97udDr_EYff43Rqn6-QwuTWvi8NzergVrtPf81b7TX_PW_mW-p0Pz1vjd_vdCo_HZXJZ3nLbYDFZLSZzAAAAAAB4AACIMh-DAPgBBACIAAAAAACQAAAAAACgAAioAPi3ABC4AAAAAADAAAA4CArWAACA4gAwCIfH6LL7AwAA4CECBAAAQACDBACAIDK5BABAo_D3BAAAAAAAAAAAgAXg____PwZgYD5iXAYAAAShrwcA4MEHAOCBCACgAEayCIARAAAAAEDUVwHJEcAkgE4AqAAsqgAAAAjSrQAArgAAAAIgD7JRE8MAAAAABMYAFuhh8fvNDrvG73YZAAAAAAAAAACAGcD_GcA_GoDQkgduGgCQcDiSGsAvIADAGsAvIAAAG4C6AQAAvAEIwAEEHQBBKwaD1QEoxG44W-xGo9VudgAAAAAAdwD_____egAg5rK5jMPVaLOcDRaezWzhmDg3NtPMNlmsZibHyHsA5eMBDRxYMwp9ACHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD-ACVuMVpPJZjmcLReTwXA0HI32BzAQk9UAASZisFxOJovJbjVajTbD3Wg2WCCAQAwmCEDRosFkNRpNFpPhajRZzZaL3W6DABStWs1Gm8FwNZvMdrvVcDBcjkYIMGGL0Woy2SyHs-ViMhiOhqPREAFgxGTbzTa7mVu5WK3cosnK41b4Vra1yDNaeFwu22hjGK1Fr4_pZFusXK6VFwECTfciuEgnOsvr8He4LU7T361wW5ymv0Us0Zws0olELBGcLtKJ6GU8XcQSydMinagms8XK5fFYRhaPxzZcjTzOmWnjm7gmG5Nvt5lYxBKl6SKd6FUev93vdjr8Eofd43drnK6Tw-TWvC4Oz-nhVrhOf89b7Tf9PW_lW-p3Pjxvjd_tdys8HpfJZXnLbYPFZLWYTNR_BFDAxVy5mqvmmtkqAQAAAAAAAAAALAFsAgAAAABwAhjIcjmarZYLABCx-6YL8OMoO415X5-xC7DkyPcN2EL6dQwgcZbX4e9wW5ymv1vhtjhNfysDAETsrjEDbAbwDEAQa7Va1gAAAAAC2AAAAAAB3AC6AXgDCDiv4wD_____-wBAUZUeuFHrhfwABbEbzYb7BwAQoBBrtVo-X6zVagkE_P___xMEAAAAAAAAEPEUBAAAAAAAAAx9GgQAAAAAAAD0yCUEVAgwGKLl73Z5ISA!&cmcv=&pix=undefined&cb=1718118623965&uv=3406&tms=1718118623965&abt=adxsub-out_vA!adxsub-out_vB!esv_vC!moatsmpl_vA!pl157290-537_vA!rbcatc_vA!tmaxc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=7953c777-7970-467c-8a03-331879ced2d6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: CD9E2D280674DE11CD8D4AD5E33A1FAB
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V9FeoCABYDAARljxYNB6QdBAAEZY8WDQekHQUAAAAABgYA9AcAJLdcbTa-3W6tW-4Ga9Fst3ELF4bNWrNZDHfLjctkGdmGAEBSo5VpMHKZ1hLDyrUWLVfDtcQ4GLklnolvtNiYRraRbwoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAvNB0Onyue73u97sr3Ban6W_X-N1-lcdv97udDr_EYff43Rqn6-QwuTWvi8NzergVrtPf81b7TX_PW_mW-p0Pz1vjd_vdCo_HZXJZ3nLbYDFZLSZzAAAAAAB4AACIMh-DAPgBBACIAAAAAACQAAAAAACgAAioAPi3ABC4AAAAAADAAAA4CArWAACA4gAwCIfH6LL7AwAA4CECBAAAQACDBACAIDK5BABAo_D3BAAAAAAAAAAAgAXg____PwZgYD5iXAYAAAShrwcA4MEHAOCBCACgAEayCIARAAAAAEDUVwHJEcAkgE4AqAAsqgAAAAjSrQAArgAAAAIgD7JRE8MAAAAABMYAFuhh8fvNDrvG73YZAAAAAAAAAACAGcD_GcA_GoDQkgduGgCQcDiSGsAvIADAGsAvIAAAG4C6AQAAvAEIwAEEHQBBKwaD1QEoxG44W-xGo9VudgAAAAAAdwD_____egAg5rK5jMPVaLOcDRaezWzhmDg3NtPMNlmsZibHyHsA5eMBDRxYMwp9ACHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD-ACVuMVpPJZjmcLReTwXA0HI32BzAQk9UAASZisFxOJovJbjVajTbD3Wg2WCCAQAwmCEDRosFkNRpNFpPhajRZzZaL3W6DABStWs1Gm8FwNZvMdrvVcDBcjkYIMGGL0Woy2SyHs-ViMhiOhqPREAFgxGTbzTa7mVu5WK3cosnK41b4Vra1yDNaeFwu22hjGK1Fr4_pZFusXK6VFwECTfciuEgnOsvr8He4LU7T361wW5ymv0Us0Zws0olELBGcLtKJ6GU8XcQSydMinagms8XK5fFYRhaPxzZcjTzOmWnjm7gmG5Nvt5lYxBKl6SKd6FUev93vdjr8Eofd43drnK6Tw-TWvC4Oz-nhVrhOf89b7Tf9PW_lW-p3Pjxvjd_tdys8HpfJZXnLbYPFZLWYTNR_BFDAxVy5mqvmmtkqAQAAAAAAAAAALAFsAgAAAABwAhjIcjmarZYLABCx-6YL8OMoO415X5-xC7DkyPcN2EL6dQwgcZbX4e9wW5ymv1vhtjhNfysDAETsrjEDbAbwDEAQa7Va1gAAAAAC2AAAAAAB3AC6AXgDCDiv4wD_____-wBAUZUeuFHrhfwABbEbzYb7BwAQoBBrtVo-X6zVagkE_P___xMEAAAAAAAAEPEUBAAAAAAAAAx9GgQAAAAAAAD0yCUEVAgwGKLl73Z5ISA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 4777BAFA56B3488A63F0AB8263703C12
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fportalbeneficios.click%2F&cb=912739&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&plcmt=1
Frame ID: 0C870039FE5B9D8E93C72DC246A846C2
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CE8B30B08476D3CCC92F5103A3C9C71C
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=5285205&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fportalbeneficios.click%2F&cb=201577&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&plcmt=1
Frame ID: 5CDD96021B6744340218D09F297B2709
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: BE2BD2022B3FECCAF1523A99E602B9E9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 7630AA04A7461744E1F672E93397B208
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Banco Ciudad subasta autos, motos y joyas: ¿cómo acceder?

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

208
Requests

93 %
HTTPS

31 %
IPv6

39
Domains

74
Subdomains

61
IPs

10
Countries

2672 kB
Transfer

8330 kB
Size

50
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://sb.scorecardresearch.com/cs/14587093/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 66
  • https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&gdpr=&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=bc70e604-a849-4734-a04a-1dfe1b8c6852-666868de-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dbc70e604-a849-4734-a04a-1dfe1b8c6852-666868de-5553%26partner_url%3Dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253DCEN%2526uid%253Dbc70e604-a849-4734-a04a-1dfe1b8c6852-666868de-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=bc70e604-a849-4734-a04a-1dfe1b8c6852-666868de-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3Dbc70e604-a849-4734-a04a-1dfe1b8c6852-666868de-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=bc70e604-a849-4734-a04a-1dfe1b8c6852-666868de-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3Dbc70e604-a849-4734-a04a-1dfe1b8c6852-666868de-5553 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=bc70e604-a849-4734-a04a-1dfe1b8c6852-666868de-5553
Request Chain 109
  • https://ads.stickyadstv.com/user-matching?id=3474&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=FW&uid=60b97b8ca548c68686e0e92ee627382&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 138
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7250B1E33B954C32B0115E4E86BDD86C&RedC=c.clarity.ms&MXFR=2964087BA111607D00E61CE0A5116E76 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7250B1E33B954C32B0115E4E86BDD86C&MUID=01484B3AA393677B292F5FA1A23F66A9
Request Chain 150
  • https://vidoomy-d.openx.net/v/1.0/av?auid=560725301&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=140560&vwd=400&vht=225&gdpr=0&gdpr_consent=& HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=560725301&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=140560&vwd=400&vht=225&gdpr=0&gdpr_consent=& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTEwOWZiZWItNDRjYy02YzcwLTQwZmQtOWM5OGIzOTM0MGZl
Request Chain 155
  • https://vidoomy-d.openx.net/v/1.0/av?auid=560725301&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=492874&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&gdpr=0&gdpr_consent=& HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=560725301&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=492874&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&gdpr=0&gdpr_consent=& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 163
  • https://vidoomy-d.openx.net/v/1.0/av?auid=559614560&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=668291&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&gdpr=0&gdpr_consent= HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=559614560&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=668291&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTEwOWZiZWItNDRjYy02YzcwLTQwZmQtOWM5OGIzOTM0MGZl
Request Chain 195
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=null&gpp_sid=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=60b97b8ca548c68686e0e92ee627382&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml147b_7380972077803659419&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 198
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NjBiOTdiOGNhNTQ4YzY4Njg2ZTBlOTJlZTYyNzM4Mg==&gdpr=&gdpr_consent=&_fw_gdpr=&_fw_gdpr_consent=
Request Chain 199
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=60b97b8ca548c68686e0e92ee627382&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=&_fw_gdpr=&_fw_gdpr_consent=

208 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
portalbeneficios.click/ 		112 KB
112 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portalbeneficios.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.133.18.32 Moscow, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
Apache /
Resource Hash
f66036a0eda442cc13a7226cf7a8c1d4264b4da8daae5985c989c12dff353c80

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 11 Jun 2024 15:10:20 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
red-hat-display-v14-latin-700.woff2
www.ambito.com/css-custom/239/v3/fonts/red-hat-display/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/css-custom/239/v3/fonts/red-hat-display/red-hat-display-v14-latin-700.woff2
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7765ac7593e681f14425fd76491f25b19b788d26baacfd3b5f9cf294276daf3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
x-vc-age
2217314
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
vha6-origin
oregon-varnish-cache-node
alt-svc
h3=":443"; ma=86400
content-length
12952
x-vc-ttl-r
30815717.206
x-vc
86057500 3047759
last-modified
Mon, 06 May 2024 04:06:07 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
"6638572f-3298"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-vc-d-date
Thu, 16 May 2024 04:55:40 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
89228706c9bb9253-FRA
work-sans-v17-latin-regular.woff2
www.ambito.com/css-custom/239/v3/fonts/work-sans/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/css-custom/239/v3/fonts/work-sans/work-sans-v17-latin-regular.woff2
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dbfd192961150faaa5762d0bf7a6fc352ae6db0e0bc505b815804a026016079
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
x-vc-age
2213446
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
17996
x-vc-ttl-r
30819585.718
x-vc
89985964 9481996
last-modified
Thu, 16 May 2024 04:06:37 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
"6645864d-464c"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-vc-d-date
Thu, 16 May 2024 06:00:08 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
89228706c9bf9253-FRA
work-sans-v17-latin-500.woff2
www.ambito.com/css-custom/239/v3/fonts/work-sans/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/css-custom/239/v3/fonts/work-sans/work-sans-v17-latin-500.woff2
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b600df8455648023dfbccd3ccae357062aafd584c4b5c3aa24a6054874a7c8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
x-vc-age
2217314
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
vha6-origin
oregon-varnish-cache-node
alt-svc
h3=":443"; ma=86400
content-length
18868
x-vc-ttl-r
30815717.213
x-vc
85622563 10092852
last-modified
Thu, 16 May 2024 04:06:36 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
"6645864c-49b4"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-vc-d-date
Thu, 16 May 2024 04:55:40 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
89228706c9c99253-FRA
work-sans-v17-latin-600.woff2
www.ambito.com/css-custom/239/v3/fonts/work-sans/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/css-custom/239/v3/fonts/work-sans/work-sans-v17-latin-600.woff2
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38e4b5e80414907bfc785f4b1403a0c74f46ea9099cb96f6450e3da7bd9f6b7f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
x-vc-age
2217314
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
vha6-origin
oregon-varnish-cache-node
alt-svc
h3=":443"; ma=86400
content-length
18976
x-vc-ttl-r
30815717.210
x-vc
88975354 9864399
last-modified
Thu, 16 May 2024 04:06:37 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
"6645864d-4a20"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-vc-d-date
Thu, 16 May 2024 04:55:40 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
89228706c9ca9253-FRA
work-sans-v17-latin-700.woff2
www.ambito.com/css-custom/239/v3/fonts/work-sans/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/css-custom/239/v3/fonts/work-sans/work-sans-v17-latin-700.woff2
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f630ed4887414ba3efcb59aec6e70da814430713f4b13d4960720e6e9e01de50
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
x-vc-age
2180630
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
18892
x-vc-ttl-r
30852401.972
x-vc
88753022 3940403
last-modified
Thu, 16 May 2024 04:06:37 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
"6645864d-49cc"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-vc-d-date
Thu, 16 May 2024 15:07:04 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
89228706c9c79253-FRA
nota-version-1717301125.css
www.ambito.com/css-custom/239/v3/ 		208 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf6ab75846a00293cda4064b817e06bea3274373a57f059c6e05bd98cc3e8dd6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
x-vc-age
748800
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
27844
x-vc-ttl-r
32284231.170
x-vc
89360583 832708748
last-modified
Sat, 01 Jun 2024 04:06:16 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
W/"665a9e38-3405f"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-vc-d-date
Sun, 02 Jun 2024 04:50:53 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
89228706c9b79253-FRA
js
www.googletagmanager.com/gtag/ 		257 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7S8VLCSZ03
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85f175f02bf0675979c1231b4dd7f2ef09f17b0b329ddcf79d37e0b9339157a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92241
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jun 2024 15:10:21 GMT
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
06ed0d809178333c4cc4e1442b50e1f2e076b947466c4a204202fc90df34f833

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
IwRCxZF1T4gMT4TMeNkDrOCkruVfKfAe
date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
br
last-modified
Wed, 28 Feb 2024 14:26:38 GMT
x-amz-request-id
HGBZJM9R3P9F2FZS
etag
"d86492df4bad2a485597bfa437c78ad2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3393
x-amz-id-2
RfKQPGsIOfNW0/HBqoM2w7i3CPVvrnCnUONTJFAVH00Ucl2NzMAqWeTH37dXsXdrbwJD0WJZqrg=
js
www.googletagmanager.com/gtag/ 		314 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R2YG5ZTEZ7
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
11f4823b7919e2bb5626a0f1f470d1679017a1b023a3773d17822ccb4e511734
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106475
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jun 2024 15:10:21 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		96 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
3ff90b7ee8fdad8204c821cd1906ebd4f8eed9712ccf784907638b8f9b7beeb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30784
x-xss-protection
0
server
cafe
etag
333 / 19885 / m202406060101 / config-hash: 1190714935581508286
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 11 Jun 2024 15:10:21 GMT
10010_ambito-2023-01.js
s-adzone.com/c/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-adzone.com/c/10010_ambito-2023-01.js
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df5116c05568ffa259656329334fd14fcd78606d8a6a0bbfd8e6cbe9ad8ea3e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 11 Jun 2024 15:10:21 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 21 Mar 2024 20:11:11 GMT
Server
cloudflare
Age
3085
ETag
W/"d8ac069709377f27a6a70e777b06288c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=1200
Connection
keep-alive
CF-RAY
89228708cbf39072-FRA
Expires
Tue, 11 Jun 2024 15:30:21 GMT
ambito_3089.js
ads.vidoomy.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/ambito_3089.js
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:ca3a::4 London, United Kingdom, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
/
Resource Hash
010e654c71e3357fd776ac8dbe29c2885b38fc68148d50c8a8a5f5ebf27f345f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 13:19:14 GMT
content-encoding
gzip
tp-cache
hit
age
6666
vary
, Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
accept-ranges
bytes
h.js
cdn.unblockia.com/ 		164 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unblockia.com/h.js
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c800:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 09:44:13 GMT
x-amz-version-id
m8vKRZ4OANVjVfMIKL3cKYiXKt6EM9QQ
content-encoding
br
via
1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
19569
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:4e52eb3f-761b-4c10-a85a-162fb4fa3980
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
fb4d4b7b1d35720e2d2481016ef4369b
last-modified
Tue, 20 Jun 2023 10:06:46 GMT
server
AmazonS3
etag
W/"bc5af0220c4116294c4e9c72ae4e244c"
vary
Accept-Encoding, Origin
x-amz-meta-codebuild-content-sha256
02f1ef29ead1d705cce351046cded37a79615ae12624547bfa0e8307765c8765
content-type
application/x-javascript
x-amz-cf-id
q3XDQB7FkhD5fMGhshEa3a1vlBwVxt3y6PyfylOIBhRfwS-vZEkPHQ==
TdWebPushv16-min-version-1717301099.js
www.ambito.com/libs/OneSignalSDKFiles/ 		1 KB
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/libs/OneSignalSDKFiles/TdWebPushv16-min-version-1717301099.js
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f2f5b344e54ccfdcc3355f7abb2b9e947db74411cdab7547941a09f19f4cddd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
814113
x-vc-age
0
x-td-host
california-varnish-cache-node, california-thinkindot-front-i-0de7fff37a5b09e02
x-vc-ttl
31968000.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-vc-ttl-r
31967999.964
x-vc
950632832
x-vc-cache
miss cacheable
last-modified
Sun, 02 Jun 2024 04:50:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-vc-d-date
Sun, 02 Jun 2024 04:50:55 GMT
cache-control
public, max-age=31968000
x-td-control
CC:; CCT:; TOUCH:
cf-ray
89228708687a377c-FRA
OneSignalSDK.page.js
cdn.onesignal.com/sdks/web/v16/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1cc8e2214a41a9230081c383912319694ad158fac9483a22ec3f6230af88826
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
191
etag
W/"e97acd0bc7104d45af67c0c1d883418e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
89228708cbbe4d50-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 14 Jun 2024 15:10:21 GMT
lazyLoad-observer-td4-min-version-1717301221.js
www.ambito.com/vendor/lazyLoad/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/vendor/lazyLoad/lazyLoad-observer-td4-min-version-1717301221.js
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74f5f23f115914d5f51cd794a4621fdf747df12358d96d2d4325a055d73611d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
814113
x-vc-age
0
x-td-host
california-varnish-cache-node, california-thinkindot-front-i-0f4b2890e63892837
x-vc-ttl
31968000.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-vc-ttl-r
31967999.944
x-vc
950567535
x-vc-cache
miss cacheable
last-modified
Sun, 02 Jun 2024 04:50:51 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-vc-d-date
Sun, 02 Jun 2024 04:50:51 GMT
cache-control
public, max-age=31968000
x-td-control
CC:; CCT:; TOUCH:
cf-ray
89228708687e377c-FRA
header_desktop-min-version-1717301131.js
www.ambito.com/js-custom/239/v3/ 		2 KB
837 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/js-custom/239/v3/header_desktop-min-version-1717301131.js
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0242e200bfa0b9df4be4e2c6ce636f9d6843ee6b4cf3381631e3b92a4be68f31
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
814113
x-vc-age
0
x-td-host
california-varnish-cache-node, california-thinkindot-front-i-0071a2e9f6ff6fb6b
x-vc-ttl
31968000.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-vc-ttl-r
31967999.965
x-vc
950175535
x-vc-cache
miss cacheable
last-modified
Sun, 02 Jun 2024 04:50:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-vc-d-date
Sun, 02 Jun 2024 04:50:55 GMT
cache-control
public, max-age=31968000
x-td-control
CC:; CCT:; TOUCH:
cf-ray
892287086882377c-FRA
lazy.svg
www.ambito.com/css-custom/239/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ambito.com/css-custom/239/lazy.svg
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d62bd1543d9a8c144a1082c503a2e06ccbe151fafd0ee5e725049de2e74dabeb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
7765708
x-vc-age
874009
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
1073
x-vc
244662182 4778486
last-modified
Sun, 19 Nov 2023 04:05:35 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
W/"6559898f-845"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-vc-d-date
Mon, 20 Nov 2023 12:38:56 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
892287082806377c-FRA
email-decode.min.js
portalbeneficios.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://portalbeneficios.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.133.18.32 Moscow, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 11 Jun 2024 15:10:21 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
banco-ciudadjpg.jpg
media.ambito.com/p/f4a0b54fa8d28a6f22f24a2be28d4f8e/adjuntos/239/imagenes/041/556/0041556452/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.ambito.com/p/f4a0b54fa8d28a6f22f24a2be28d4f8e/adjuntos/239/imagenes/041/556/0041556452/banco-ciudadjpg.jpg
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.149.35 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.149.120.34.bc.googleusercontent.com
Software
cloudflare /
Resource Hash
7f17fbc6f5cc60175ecb8e5b9c5f80f5bac51b3bc8529c99319b0cd865934f58
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15552000
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
860
date
Mon, 10 Jun 2024 11:04:09 GMT
age
101172
cdn-cachedat
06/10/2024 10:59:08
cdn-pullzone
132919
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24318
t-s-path
Path adjuntos/239/imagenes/041/556/0041556452/banco-ciudadjpg.jpg
t-via
TDImages
last-modified
Mon, 10 Jun 2024 10:59:08 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
x-thinkindot-l3
TDImages-ECS
server
cloudflare
vary
Accept, Accept-Encoding
content-type
image/webp
cdn-cache
MISS
access-control-allow-origin
*
cdn-uid
5269bb51-2f9a-4530-bb44-6b6ca00c470a
cache-control
public,max-age=31536000
cdn-requestid
e82be59874cdaf3ab55ce230939cbcbb
accept-ranges
bytes
t-path
adjuntos/239/imagenes/041/556/0041556452.jpg
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8918e101cd35bba1-FRA
cdn-requestpullsuccess
True
current-min-version-1717301100.js
www.ambito.com/libs/comscore-videometrix/ 		209 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/libs/comscore-videometrix/current-min-version-1717301100.js
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8d73362d88d5a368f7f157fbcc983c84cba5b13e310207b88a4c0a581189445
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
814112
x-vc-age
0
x-td-host
california-varnish-cache-node, california-thinkindot-front-i-0f92ae87b8f848593
x-vc-ttl
31968000.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-vc-ttl-r
31967999.912
x-vc
929501760
x-vc-cache
miss cacheable
last-modified
Sun, 02 Jun 2024 04:50:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-vc-d-date
Sun, 02 Jun 2024 04:50:55 GMT
cache-control
public, max-age=31968000
x-td-control
CC:; CCT:; TOUCH:
cf-ray
892287087884377c-FRA
vef91dfe02fce4ee0ad053f6de4f175db1715022073587
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.5.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
89228708cef437cb-FRA
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 13:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5358
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 11 Jun 2024 15:41:03 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 11 Jun 2024 15:10:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1297, tbw=2787, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
fxJ7+Sc9itrauT3tELnZ2sE44OOt6RUkxqfHi+DCp8Nu4fnzsYxLIUVwjLUML4o3x/jrcZiB8kR/hTuosaz/Yg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
1
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		173 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=2541
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5e1e06c2f3427fe7af44fe0bd0f815377b06d9fdfe10bad97f4479efe85c0fb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
1ms
date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 11 Jun 2024 15:10:21 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
16
accept-ranges
bytes
cf-ray
89228708bd28692b-FRA
alt-svc
h3=":443"; ma=86400
content-length
47987
loader
api.retargetly.com/ 		0
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.retargetly.com/loader?id=227
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.8.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xug5a60xoM%2FIpdJdkJjmb0EnmA%2Bu6ANdKak1EvkD%2BZ%2F8SfXG346eNPhE38MfmkdqaEBJvx6KxxEaLVmBIm%2BGXgaSNWrxlPsoL9fCH91%2Fr0%2FYlug6KwrEnirbYLeW084OK0yEa3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
892287092b0fa043-FRA
alt-svc
h3=":443"; ma=86400
expires
0
loader.js
cdn.taboola.com/libtrc/grupoambito-ambito/ 		353 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/grupoambito-ambito/loader.js
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
afa9ab114550ee9fdd581c3fbc7805cf623159d2cbf586bb7810fcc8cbc3be4e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
AvlGoSxRuzTw1nS1ubH6sZq9EKD4gVRD
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jun 2024 15:10:21 GMT
x-amz-request-id
0RXSXAA8DYNS2JD6
age
164
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
52962
x-amz-id-2
oAakrtwCzyQKig1+BdG4UiiP3p3ozL8vbTWJf80QYK+HFoUMSMvO43mgjp1k+gXlXqRGEe/2AYs=
x-served-by
cache-fra-etou8220085-FRA
last-modified
Tue, 04 Jun 2024 09:02:51 GMT
server
AmazonS3
x-timer
S1718118622.647563,VS0,VE2
etag
"e91cf0b3808e0c69acb137e009ccfd17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
47
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
b98rim6bca
www.clarity.ms/tag/ 		637 B
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/b98rim6bca
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4bd27ea95d587b3842483c5822d8aaca1459d9193a013789604070e74421844c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Tue, 11 Jun 2024 15:10:22 GMT
x-azure-ref
20240611T151021Z-16577d9575d7f6xb79un0dwtsw0000000crg000000006da9
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
tracker-1.4.min.js
cdn.thinkindot.com/tracker/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thinkindot.com/tracker/tracker-1.4.min.js
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1299 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a18c48183be4d58974125c0252755f24c9d8127567fde624755afe7d21c1422

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 18:25:34 GMT
server
cloudflare
x-amz-request-id
PZSAKDJPZ4RGM79E
age
5454
etag
W/"9d772371a943aa2156c157575d65a32f"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
8922870959eca040-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wjwg4RgHS97+aszYPwvsode7XP3WHlIruMYTHgyw0cBu8R2U5dDXsbTl4qw8kVCK+sZU9uwNjow=
394c8479-8534-4988-9fef-2cb91839b0ef
player.ex.co/player/ 		531 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/394c8479-8534-4988-9fef-2cb91839b0ef
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3af129907c63948d355137d252e6629956bfddd5fe911a12d079d11b475569b0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
18668
x-cache
HIT, HIT
content-length
173840
x-served-by
cache-iad-kjyo7100060-IAD, cache-fra-etou8220079-FRA
server
nginx
x-timer
S1718118622.672523,VS0,VE2
etag
W/"84c25-qbimPgGCy0yE/Z7V30jqP6j7ExU"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1, 1
viewerpdfjs.php
www.ambito.com/_post/ Frame 2520 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/_post/viewerpdfjs.php?file=https://www.ambito.com/adjuntos/239/documentos/041/572/0041572544.pdf
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://portalbeneficios.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89228708aaff918c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 11 Jun 2024 15:10:21 GMT
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-content-type-options
nosniff
x-td-cacheable
NO:Not Cacheable
x-td-control
CC:; CCT:; TOUCH:
x-td-host
california-varnish-cache-node, california-thinkindot-front-i-0de7fff37a5b09e02
x-vc
106567983
x-vc-age
0
x-vc-cache
pass uncacheable
x-vc-d-date
Tue, 11 Jun 2024 15:10:21 GMT
x-vc-ttl
0.000
x-vc-ttl-r
-0.000
email-decode.min.js
portalbeneficios.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://portalbeneficios.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.133.18.32 Moscow, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 11 Jun 2024 15:10:21 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
search.svg
www.ambito.com/css-custom/239/v3/icons/ 		545 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ambito.com/css-custom/239/v3/icons/search.svg
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ccd623d8f06089da825c4e36a0aae8cd1ef68ffc0661b758801a6f7c67bd24d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
x-vc-age
2213446
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
345
x-vc-ttl-r
30819585.371
x-vc
86499293 10297131
last-modified
Thu, 16 May 2024 04:06:37 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
W/"6645864d-221"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-vc-d-date
Thu, 16 May 2024 06:00:08 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
892287094cc59253-FRA
twitter.svg
www.ambito.com/css-custom/239/v3/icons/ 		336 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ambito.com/css-custom/239/v3/icons/twitter.svg
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a1923cf97cf48944ce7d438774a31a7196bd0fa420d08567ef02277fd8c234
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
x-vc-age
2213446
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
260
x-vc-ttl-r
30819585.193
x-vc
86057506 10297125
last-modified
Thu, 16 May 2024 04:06:37 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
W/"6645864d-150"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-vc-d-date
Thu, 16 May 2024 06:00:08 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
892287094cc89253-FRA
facebook-f.svg
www.ambito.com/css-custom/239/v3/icons/ 		430 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ambito.com/css-custom/239/v3/icons/facebook-f.svg
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c794f4950481a5699b82d303098ab9cb9ae5e47634e81b516711e703f5b6dc7b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
x-vc-age
2213393
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
270
x-vc-ttl-r
30819638.890
x-vc
89360587 8432951
last-modified
Thu, 16 May 2024 04:06:37 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
W/"6645864d-1ae"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-vc-d-date
Thu, 16 May 2024 06:01:01 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
892287094cca9253-FRA
instagram.svg
www.ambito.com/css-custom/239/v3/icons/ 		586 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ambito.com/css-custom/239/v3/icons/instagram.svg
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec84fcc76e87a61418fb86c06589df6a0316a1258b8e9e8de013bddbd14a561c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-vc-age
1019749
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
vha6-origin
oregon-varnish-cache-node
alt-svc
h3=":443"; ma=86400
x-vc-ttl-r
32013282.959
x-vc
86598133 544276504
last-modified
Wed, 29 May 2024 04:06:13 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
W/"6656a9b5-24a"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-vc-d-date
Thu, 30 May 2024 01:35:06 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
cf-ray
892287095cd89253-FRA
linkedin.svg
www.ambito.com/css-custom/239/v3/icons/ 		388 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ambito.com/css-custom/239/v3/icons/linkedin.svg
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a2f6884816dd87300f1678f0d55cb382bdabf45f4181a81a6a609b15aace43
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
x-vc-age
2217313
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
268
x-vc-ttl-r
30815718.007
x-vc
87335544 10715377
last-modified
Mon, 06 May 2024 04:06:08 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
W/"66385730-184"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-vc-d-date
Thu, 16 May 2024 04:55:41 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
892287095cd99253-FRA
youtube.svg
www.ambito.com/css-custom/239/v3/icons/ 		528 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ambito.com/css-custom/239/v3/icons/youtube.svg
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8637449e669fb7718f7aa4b64e461e8029bc673fe08a0b63e89267c26986cd3a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
x-vc-age
2213444
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
300
x-vc-ttl-r
30819587.517
x-vc
87248905 11567500
last-modified
Thu, 16 May 2024 04:06:37 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
W/"6645864d-210"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-vc-d-date
Thu, 16 May 2024 06:00:10 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
892287095cda9253-FRA
user.svg
www.ambito.com/css-custom/239/v3/icons/ 		642 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ambito.com/css-custom/239/v3/icons/user.svg
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0064b31095030329871fb8c7749eb8c31893d166174a1b533ced7259ebfcd77
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-vc-age
1019749
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
vha6-origin
oregon-varnish-cache-node
alt-svc
h3=":443"; ma=86400
x-vc-ttl-r
32013282.962
x-vc
89495818 507674685
last-modified
Wed, 29 May 2024 04:06:13 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
W/"6656a9b5-282"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-vc-d-date
Thu, 30 May 2024 01:35:06 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
cf-ray
892287095cdc9253-FRA
whatsapp.svg
www.ambito.com/css-custom/239/v3/icons/ 		1 KB
822 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ambito.com/css-custom/239/v3/icons/whatsapp.svg
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
679f515c44d1a9aa8795203dc6247ce01b14b6b9cd3b6ba9da88cad6b30dbe72
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
x-vc-age
2180630
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
641
x-vc-ttl-r
30852401.750
x-vc
88554650 20845505
last-modified
Thu, 16 May 2024 04:06:37 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
W/"6645864d-462"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-vc-d-date
Thu, 16 May 2024 15:07:04 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
892287095cde9253-FRA
facebook-circle.svg
www.ambito.com/css-custom/239/v3/icons/ 		345 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ambito.com/css-custom/239/v3/icons/facebook-circle.svg
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3226fe1e77a4d987a5a69594483838a1041a2f56b946ffd4a4413ae278b5b9d5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
x-vc-age
2217314
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
vha6-origin
oregon-varnish-cache-node
alt-svc
h3=":443"; ma=86400
content-length
254
x-vc-ttl-r
30815717.778
x-vc
89985968 10125780
last-modified
Tue, 07 May 2024 04:06:54 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
W/"6639a8de-159"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-vc-d-date
Thu, 16 May 2024 04:55:41 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
892287095cdf9253-FRA
linkedin-square.svg
www.ambito.com/css-custom/239/v3/icons/ 		672 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ambito.com/css-custom/239/v3/icons/linkedin-square.svg
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b2c8448a793e82a8d69cdb629fcda66b2dc9e2aa6656a35c6f63e5ecb01c87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
x-vc-age
2213446
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
421
x-vc-ttl-r
30819585.189
x-vc
89010699 7637285
last-modified
Thu, 16 May 2024 04:06:37 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
W/"6645864d-2a0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-vc-d-date
Thu, 16 May 2024 06:00:08 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
892287095ce09253-FRA
telegram-circle.svg
www.ambito.com/css-custom/239/v3/icons/ 		435 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ambito.com/css-custom/239/v3/icons/telegram-circle.svg
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b1e642052553a85b8618ab767a7408084731872f98509530fdec0f5ce79bff
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
x-vc-age
2217314
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
vha6-origin
oregon-varnish-cache-node
alt-svc
h3=":443"; ma=86400
content-length
298
x-vc-ttl-r
30815717.784
x-vc
86598137 11043720
last-modified
Thu, 16 May 2024 04:06:37 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
W/"6645864d-1b3"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-vc-d-date
Thu, 16 May 2024 04:55:41 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
892287095ce29253-FRA
red-hat-display-v14-latin-500.woff2
www.ambito.com/css-custom/239/v3/fonts/red-hat-display/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/css-custom/239/v3/fonts/red-hat-display/red-hat-display-v14-latin-500.woff2
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa0b1b54d44ee47fb611209721f9b9cd318f7366c1371928cea35092238a785
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
x-vc-age
2207586
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
12928
x-vc-ttl-r
30825445.919
x-vc
89395048 9497763
last-modified
Thu, 16 May 2024 04:06:36 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
"6645864c-3280"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-vc-d-date
Thu, 16 May 2024 07:37:49 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
8922870a3d031e53-FRA
work-sans-v17-latin-300.woff2
www.ambito.com/css-custom/239/v3/fonts/work-sans/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/css-custom/239/v3/fonts/work-sans/work-sans-v17-latin-300.woff2
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9492cba6b410e194e36176c36a8f9f32a1a49849b3f5500c473028c9e8db0f44
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
x-vc-age
2213444
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
18740
x-vc-ttl-r
30819587.559
x-vc
88619820 10365154
last-modified
Thu, 16 May 2024 04:06:36 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
"6645864c-4934"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-vc-d-date
Thu, 16 May 2024 06:00:10 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
8922870a3d0b1e53-FRA
red-hat-display-v14-latin-regular.woff2
www.ambito.com/css-custom/239/v3/fonts/red-hat-display/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/css-custom/239/v3/fonts/red-hat-display/red-hat-display-v14-latin-regular.woff2
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46411efde7c039cbba581507a1d1ced57d0a6aad4291483ea29b2eebeee0520d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
x-vc-age
1019749
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
vha6-origin
oregon-varnish-cache-node
alt-svc
h3=":443"; ma=86400
content-length
12320
x-vc-ttl-r
32013282.757
x-vc
85622565 377748115
last-modified
Wed, 29 May 2024 04:06:13 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
"6656a9b5-3020"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-vc-d-date
Thu, 30 May 2024 01:35:06 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
8922870a4d411e53-FRA
collect
www.google-analytics.com/j/ 		15 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=82042811&t=pageview&_s=1&dl=https%3A%2F%2Fportalbeneficios.click%2F&ul=de-de&de=UTF-8&dt=Banco%20Ciudad%20subasta%20autos%2C%20motos%20y%20joyas%3A%20%C2%BFc%C3%B3mo%20acceder%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1591271583&gjid=744284652&cid=1112003937.1718118622&tid=UA-489926-44&_gid=453419362.1718118622&_r=1&_slc=1&cd1=Banco%20Ciudad%20subasta%20autos%2C%20motos%20y%20joyas%3A%20%26iquest%3Bc%26oacute%3Bmo%20acceder%3F&cd2=&cd3=Nota&cd4=Econom%26iacute%3Ba&cd5=&cd6=&cd7=Banco%20Ciudad&cd8=subasta&cd9=Bolet%26iacute%3Bn%20Oficial&z=1698772671
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
641ddf79d229c01501c5ca0096528f6a881a4f400494694cd91220327b5acf9f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portalbeneficios.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=82042811&t=pageview&_s=1&dl=https%3A%2F%2Fportalbeneficios.click%2F&ul=de-de&de=UTF-8&dt=Banco%20Ciudad%20subasta%20autos%2C%20motos%20y%20joyas%3A%20%C2%BFc%C3%B3mo%20acceder%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAACAAI~&jid=1332544078&gjid=1779965512&cid=1112003937.1718118622&uid=&tid=UA-9245898-1&_gid=453419362.1718118622&_slc=1&cd1=Banco%20Ciudad%20subasta%20autos%2C%20motos%20y%20joyas%3A%20%26iquest%3Bc%26oacute%3Bmo%20acceder%3F&cd2=&cd3=Nota&cd4=Econom%26iacute%3Ba&cd5=&cd6=&cd7=Banco%20Ciudad&cd8=subasta&cd9=Bolet%26iacute%3Bn%20Oficial&cd10=&z=1590593716
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portalbeneficios.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-9245898-1&cid=1112003937.1718118622&jid=1332544078&gjid=1779965512&_gid=453419362.1718118622&_u=YGDAgEABAAAAAGAAI~&z=1937417387
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jun 2024 15:10:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portalbeneficios.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=82042811&t=pageview&_s=2&dl=https%3A%2F%2Fportalbeneficios.click%2F&ul=de-de&de=UTF-8&dt=Banco%20Ciudad%20subasta%20autos%2C%20motos%20y%20joyas%3A%20%C2%BFc%C3%B3mo%20acceder%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAGAAI~&jid=&gjid=&cid=1112003937.1718118622&uid=&tid=UA-9245898-1&_gid=453419362.1718118622&cd1=Banco%20Ciudad%20subasta%20autos%2C%20motos%20y%20joyas%3A%20%26iquest%3Bc%26oacute%3Bmo%20acceder%3F&cd2=&cd3=Nota&cd4=Econom%26iacute%3Ba&cd5=&cd6=&cd7=Banco%20Ciudad&cd8=subasta&cd9=Bolet%26iacute%3Bn%20Oficial&cd10=&z=1827036077
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 11:24:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
13558
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/14587093/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Server
18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-32.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://portalbeneficios.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 11 Jun 2024 04:06:59 GMT
content-encoding
gzip
via
1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
39803
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
eeCsaKFC8aACfjBL-vvzWPljE6yRj5S7ZpgVjda_42cApiCZqBBUPg==

Redirect headers

date
Tue, 11 Jun 2024 15:10:21 GMT
via
1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
IYFx24FU37FP1sAaqIeLcHAmMpqnaGGyfKHBE531wVqbPGgb4z2xZQ==
whatsapp-inv.svg
www.ambito.com/css-custom/239/v3/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ambito.com/css-custom/239/v3/icons/whatsapp-inv.svg
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68087ae70291b95d32d26ee4f8805dfd829768e85dd7b730561cfe281a8980d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
x-vc-age
2215405
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
1003
x-vc-ttl-r
30817626.863
x-vc
86988001 9247350
last-modified
Thu, 16 May 2024 04:06:37 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
W/"6645864d-844"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-vc-d-date
Thu, 16 May 2024 05:27:30 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
8922870a5d601e53-FRA
red-hat-display-v14-latin-600.woff2
www.ambito.com/css-custom/239/v3/fonts/red-hat-display/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/css-custom/239/v3/fonts/red-hat-display/red-hat-display-v14-latin-600.woff2
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a36f9f9deafe1caa7265df74d8b4cfd96f28c26c47a504a0e3cbb6133f16c76e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.ambito.com/css-custom/239/v3/nota-version-1717301125.css
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
x-vc-age
1019749
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
vha6-origin
oregon-varnish-cache-node
alt-svc
h3=":443"; ma=86400
content-length
12856
x-vc-ttl-r
32013282.623
x-vc
88099571 539459611
last-modified
Wed, 29 May 2024 04:06:13 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
"6656a9b5-3238"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-vc-d-date
Thu, 30 May 2024 01:35:06 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
8922870afe6d1e53-FRA
js
www.googletagmanager.com/gtag/ 		262 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7S8VLCSZ03&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ae2d955068f6cee3d81b3c941a7c9843096e957ede5847f19b4daadff14c1b32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94136
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jun 2024 15:10:21 GMT
OneSignalSDK.page.es6.js
cdn.onesignal.com/sdks/web/v16/ 		258 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160201
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7dd280e791355b7f6e369682a827331ac63a72f9464667a5f02e77a6c5bff63
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
191
etag
W/"8d9626ae2ebb9d6fa774cc728c36861f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8922870a9e5b4d50-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 14 Jun 2024 15:10:21 GMT
fpc
at.teads.tv/ 		0
345 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_10168&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=90769f5&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 11 Jun 2024 15:10:22 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://portalbeneficios.click
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 11 Jun 2024 15:10:22 GMT
fpc
at.teads.tv/ 		0
345 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_10168&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=90769f5&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 11 Jun 2024 15:10:22 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://portalbeneficios.click
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 11 Jun 2024 15:10:22 GMT
10003_adzone.23.22.js
s1.adzonestatic.com/c/ 		107 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adzonestatic.com/c/10003_adzone.23.22.js?b3022841
Requested by
Host: s-adzone.com
URL: https://s-adzone.com/c/10010_ambito-2023-01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cce6b7e5c575481b656773ef7e5dc0506f72dc3c0dc314cf26a2d71a80ded3d1
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Mon, 10 Jun 2024 20:19:31 GMT
date
Tue, 11 Jun 2024 15:10:22 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
1639
x-guploader-uploadid
ABPtcPqObWwElAKxbdGtU0DpnTRNdG4ZJJVgt2Nfsxg5aTAXZaJEXAQK_ut7qjb9S5w9DX8f74HMskFtyQ
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25762
x-served-by
cache-sjc10022-SJC, cache-fra-etou8220086-FRA
last-modified
Mon, 10 Jun 2024 18:47:26 GMT
server
UploadServer
x-timer
S1718118622.089337,VS0,VE1
etag
"bc47d7e96ac248ea83a642b55445dc0c"
vary
Accept-Encoding
x-goog-generation
1718045246504637
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=Mrbn5A==, md5=vEfX6WrCSOqDpkK1VEXcDA==
cache-control
public, max-age=3600
x-goog-stored-content-length
109965
accept-ranges
bytes
x-cache-hits
9, 0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
51 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true
Requested by
Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
57c776b7a16603b5f6f4ef1727b1f9cc56c9688a571b017764b7da940f75954c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51913
x-xss-protection
0
server
cafe
etag
8004765802055280497
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 11 Jun 2024 15:10:21 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-9245898-1&cid=1112003937.1718118622&jid=1332544078&_u=YGDAgEABAAAAAGAAI~&z=1011460682
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-9245898-1&cid=1112003937.1718118622&jid=1332544078&_u=YGDAgEABAAAAAGAAI~&z=1011460682
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406060101/ 		464 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
d5987bb602d77513b1f5c3a0f44ddaac8bf4e37e40010d58a08d49d775ef1edb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 10:16:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
17611
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147529
x-xss-protection
0
server
cafe
etag
16488185517777241390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 11 Jun 2025 10:16:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		76 B
84 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=portalbeneficios.click
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
6558fc74bc6ee007e965b5b21f66d5d072ee0208dfbe37bd2a01d45f4ba16362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60
x-xss-protection
0
expires
Tue, 11 Jun 2024 15:10:21 GMT
vidoomy-player.js
vpaid.vidoomy.com/player/latest/ 		388 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Requested by
Host: ads.vidoomy.com
URL: https://ads.vidoomy.com/ambito_3089.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5cb02d595757505062328ba3f97953e1571a762c77fec75668b5b82af11a2d24

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Tue, 11 Jun 2024 15:10:22 GMT
content-encoding
gzip
x-amz-request-id
tx00000544c9cdc126b48a8-0066606e76-623bcf0-prg
x-accel-date-max
1717595767
x-77-cache
HIT
x-cache
HIT
x-amz-storage-class
STANDARD
x-age
522855
x-accel-date
1717595767
alt-svc
h3=":443"; ma=86400
x-77-nzt
A9RmOLQ3Nzf/Z/oHACUTwjQ3Nzf/AAAAAFm7vKYEqZ0A
x-accel-expires
@1718632567
x-77-age
522855
last-modified
Wed, 05 Jun 2024 13:55:59 GMT
server
CDN77-Turbo
x-amz-meta-s3cmd-attrs
atime:1717595755/ctime:1717595755/gid:116/gname:jenkins-exec/md5:4237c108fc46dc675056efbdbd6b3f8d/mode:33188/mtime:1717595755/uid:116/uname:jenkins-exec
etag
W/"4237c108fc46dc675056efbdbd6b3f8d"
x-77-nzt-ray
6d204d1197ae9dd8de6868668cbdda05
vary
Accept-Encoding
content-type
application/javascript
x-rgw-object-type
Normal
access-control-allow-credentials
true
sync
x.bidswitch.net/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=vidoomy
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 11 Jun 2024 15:10:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
0c26bf0e0878be6b26493f33577d6373
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&gdpr=&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=bc70e604-a849-4734-a04a-1dfe1b8c6852-666868de-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=bc70e604-a849-4734-a04a-1dfe1b8c6852-666868de-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3D...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=bc70e604-a849-4734-a04a-1dfe1b8c6852-666868de-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%...
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=bc70e604-a849-4734-a04a-1dfe1b8c6852-666868de-5553
43 B
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=bc70e604-a849-4734-a04a-1dfe1b8c6852-666868de-5553
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
HTTP/1.1
Server
212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb1.vdmy.dtic.es
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://portalbeneficios.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Tue, 11 Jun 2024 15:10:23 GMT
Content-Encoding
none
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
43

Redirect headers

date
Tue, 11 Jun 2024 15:10:22 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=bc70e604-a849-4734-a04a-1dfe1b8c6852-666868de-5553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
auto-user-sync
ads.stickyadstv.com/ 		43 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:4::51 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 11 Jun 2024 15:10:22 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1718118622085058-577
2047048335588113
connect.facebook.net/signals/config/ 		59 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2047048335588113?v=2.9.157&r=stable&domain=portalbeneficios.click&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
edc4aa8800cf83bdcf0fab2dd0f176cf5f37fd300dcda861bf3c0ebc92b50cd2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 11 Jun 2024 15:10:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=65, mss=1297, tbw=63512, tp=-1, tpl=-1, uplat=59, ullat=1
pragma
public
x-fb-debug
+f9lLabYnuWuxpvl1qVhLbG+zc0Vy8gKxoNSgJvAU/EtcpiyyMA74xIIyIyAUf4C31S3XNOXOALsxGoHKR4UYg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
load.js
pm-widget.taboola.com/grupoambito-ambito/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/grupoambito-ambito/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/grupoambito-ambito/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
277a2920eb2684d4205f54ba0d444a508ec4ee2f4d839a896163f6515a76fd3a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
YYjBMv5uwf05K0BMtkQlT5556epyI47L
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jun 2024 15:10:22 GMT
x-amz-request-id
08CXK4NA0RHD06SC
age
2551
x-cache
HIT
content-length
1128
x-amz-id-2
uVkaWOn6yfAxrmJCnFxMhyA6pz3kGp8799aJKbtntDKlvaFUEkvyWaUI+3ptrsdaaAghigxN1Ec=
x-served-by
cache-fra-etou8220085-FRA
last-modified
Tue, 05 Mar 2024 06:01:00 GMT
server
AmazonS3
x-timer
S1718118622.189611,VS0,VE2
etag
"48baf46912a858e9b22ec6a4c423b961"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
impl.20240604-4-RELEASE.js
cdn.taboola.com/libtrc/ 		896 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20240604-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/grupoambito-ambito/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b206e457a3afb3c34f989018276af92d522aad5e46e445dcea675fbfe2ce042e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
v22jn3tKXWJ8OUG8MefqtxgJM_OmKEUn
content-encoding
br
via
1.1 varnish
date
Tue, 11 Jun 2024 15:10:22 GMT
x-amz-request-id
DSWGXVYG3M93AS3G
age
22734
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
185947
x-amz-id-2
zGRIm/JZx0fcs2pCTj0lsdqQS13ITosBNmBZEAadqDP7w7k4vDhz2lB/AOa26J0lskMP7DNMsic=
x-served-by
cache-fra-etou8220085-FRA
last-modified
Tue, 04 Jun 2024 08:51:24 GMT
server
AmazonS3-br
x-timer
S1718118622.001547,VS0,VE0
etag
"4c698741f9f32e52fe747d15882bf0e5"
vary
Accept-Encoding
content-type
application/javascript
abp
66
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
46158
event
tracker.thinkindot.com/ingest/ 		21 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracker.thinkindot.com/ingest/event
Requested by
Host: cdn.thinkindot.com
URL: https://cdn.thinkindot.com/tracker/tracker-1.4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.188.69.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-69-90.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
0ec14c19bec9cdd6d6863682b6a23b4e9d816546eef9a0b2d48949bbd36bac16

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 11 Jun 2024 15:10:22 GMT
x-powered-by
Express
content-length
21
etag
W/"15-uFFjCr0SbbbFb/CsC0M2sF++swo"
content-type
application/json; charset=utf-8
event
tracker.thinkindot.com/ingest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tracker.thinkindot.com/ingest/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.188.69.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-69-90.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://portalbeneficios.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Tue, 11 Jun 2024 15:10:22 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
config
player.ex.co/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/config?sfid=0016M00002SWePhQAL&nid=693668433
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/394c8479-8534-4988-9fef-2cb91839b0ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1abe174fdc1733ebd595171ffc5e837778a6a21cb073490b7d424c08602a9927

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
6810
x-cache
HIT, HIT
content-length
2354
x-served-by
cache-iad-kcgs7200107-IAD, cache-fra-etou8220147-FRA
server
nginx
x-timer
S1718118622.126450,VS0,VE1
etag
W/"a9d-BBSOVfSFHgd5y0tRemaaq+N+1qQ"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
x-pb-domain
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
4, 0
main-logo.svg
www.ambito.com/css-custom/239/v3/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ambito.com/css-custom/239/v3/images/main-logo.svg
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4609c91c6e30d1c3fed2e60f53a227b3408b02b0f1194c044eb344b3676e61a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
7774558
x-vc-age
863310
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
1063
x-vc
239223758 5068276
last-modified
Mon, 20 Nov 2023 04:06:09 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
W/"655adb31-81e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-vc-d-date
Mon, 20 Nov 2023 12:38:56 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
8922870bcbdd9295-FRA
x-scroll-min-version-1717301131.js
www.ambito.com/js-custom/239/v3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/js-custom/239/v3/x-scroll-min-version-1717301131.js
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/vendor/lazyLoad/lazyLoad-observer-td4-min-version-1717301221.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276659c80dc8bbdf9a0224e196b8aabe1fc82ba043253da377f349eee5dcbdb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
814014
x-vc-age
0
x-td-host
california-varnish-cache-node, california-thinkindot-front-i-0071a2e9f6ff6fb6b
x-vc-ttl
31968000.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-vc-ttl-r
31967999.976
x-vc
948514283
x-vc-cache
miss cacheable
last-modified
Sun, 02 Jun 2024 04:51:31 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-vc-d-date
Sun, 02 Jun 2024 04:51:31 GMT
cache-control
public, max-age=31968000
x-td-control
CC:; CCT:; TOUCH:
cf-ray
8922870bcbe69295-FRA
jquery-3.6.0.min-min-version-1717301132.js
www.ambito.com/js-custom/vendor/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/js-custom/vendor/jquery-3.6.0.min-min-version-1717301132.js
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/vendor/lazyLoad/lazyLoad-observer-td4-min-version-1717301221.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60471374e38cfc922a82cdb4117a27e109a1914e97bb9f98078ce1d9be4393ed
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
814014
x-vc-age
0
x-td-host
california-varnish-cache-node, california-thinkindot-front-i-0b95ec1f147d50e03
x-vc-ttl
31968000.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-vc-ttl-r
31967999.903
x-vc
934180865
x-vc-cache
miss cacheable
last-modified
Sun, 02 Jun 2024 04:51:29 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-vc-d-date
Sun, 02 Jun 2024 04:51:29 GMT
cache-control
public, max-age=31968000
x-td-control
CC:; CCT:; TOUCH:
cf-ray
8922870bcbec9295-FRA
function-embeds-min-version-1717301221.js
www.ambito.com/td/modulos/encuestas/js/ 		423 B
703 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/td/modulos/encuestas/js/function-embeds-min-version-1717301221.js
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/vendor/lazyLoad/lazyLoad-observer-td4-min-version-1717301221.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3680ed6d0ac607636536373887c341af3d58deaaa6347e2a75ca18daafd41f7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
813992
x-vc-age
0
x-td-host
california-varnish-cache-node, california-thinkindot-front-i-0f92ae87b8f848593
x-vc-ttl
31968000.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-vc-ttl-r
31967999.974
x-vc
945771788
x-vc-cache
miss cacheable
last-modified
Sun, 02 Jun 2024 04:56:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-vc-d-date
Sun, 02 Jun 2024 04:56:54 GMT
cache-control
public, max-age=31968000
x-td-control
CC:; CCT:; TOUCH:
cf-ray
8922870bcbf09295-FRA
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7S8VLCSZ03&gtm=45je4650v9123080102za200&_p=1718118621484&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1112003937.1718118622&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1718118622&sct=1&seg=0&dl=https%3A%2F%2Fportalbeneficios.click%2F&dt=Banco%20Ciudad%20subasta%20autos%2C%20motos%20y%20joyas%3A%20%C2%BFc%C3%B3mo%20acceder%3F&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1944
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7S8VLCSZ03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portalbeneficios.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-R2YG5ZTEZ7&gtm=45je4650v873938664za200&_p=1718118621484&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1112003937.1718118622&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718118622&sct=1&seg=0&dl=https%3A%2F%2Fportalbeneficios.click%2F&dt=Banco%20Ciudad%20subasta%20autos%2C%20motos%20y%20joyas%3A%20%C2%BFc%C3%B3mo%20acceder%3F&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1988&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R2YG5ZTEZ7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portalbeneficios.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R2YG5ZTEZ7&cid=1112003937.1718118622&gtm=45je4650v873938664za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R2YG5ZTEZ7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portalbeneficios.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R2YG5ZTEZ7&cid=1112003937.1718118622&gtm=45je4650v873938664za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=2066583744
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ingest.php
events.newsroom.bi/ 		50 B
858 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2541
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.96.35 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy03.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://portalbeneficios.click
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
id.json
loader.unblockia.com/c/portalbeneficios.click/ 		243 B
531 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://loader.unblockia.com/c/portalbeneficios.click/id.json
Requested by
Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:f400:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6649b654468ee308bad22bcf9eb0a83e9f912af5d373c84902b8cd63a8ce75b0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:21 GMT
via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-cache
Error from cloudfront
content-type
application/xml
access-control-allow-origin
*
access-control-expose-headers
*
x-amz-cf-id
5J1JnZCmdurEQma0IxL7oRwMXIkYymnVlYy26HUu8ZGIy6H4qmkuiw==
web
onesignal.com/api/v1/sync/b95679a9-99e7-4fbf-8051-cd6cf7699318/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/b95679a9-99e7-4fbf-8051-cd6cf7699318/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2921b1187811a62b8a9fc194f7591986be57300bb5cf4d1a5c89966e38ca2041
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
1471
cf-polished
origSize=4350
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
77a10708-9bd5-4b1d-83c5-eec57e903a23
x-runtime
0.032489
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"f5f547a07cd2226d66bddc289cfa051c"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
8922870f3d3a4d50-FRA
access-control-allow-headers
SDK-Version
expires
Tue, 11 Jun 2024 16:10:22 GMT
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=14587093&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1718118622594&ns_c=UTF-8&c7=https%3A%2F%2Fportalbeneficios.click%2F&c8=Banco%20Ciudad%20subasta%20autos%2C%20motos%20y%20joyas%3A%20%C2%BFc%C3%B3mo%20acceder%3F&c9=
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-32.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
via
1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
x-amz-cf-id
EQAirH0a2Pg6x5xZmtUngy8UZzBLuH7LLxsX4bM3TQNnX50F5jodtQ==
x-cache
Miss from cloudfront
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2047048335588113&ev=PageView&dl=https%3A%2F%2Fportalbeneficios.click%2F&rl=&if=false&ts=1718118622662&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718118622652.568994478909571517&ler=empty&cdl=API_unavailable&it=1718118621959&coo=false&rqm=GET
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1297, tbw=2813, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Jun 2024 15:10:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2047048335588113&ev=PageView&dl=https%3A%2F%2Fportalbeneficios.click%2F&rl=&if=false&ts=1718118622662&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718118622652.568994478909571517&ler=empty&cdl=API_unavailable&it=1718118621959&coo=false&rqm=FGET
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x41e763e91543349b","source_keys":["1","2"]},{"key_piece":"0x0327df56aba1497a","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Tue, 11 Jun 2024 15:10:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=17, mss=1297, tbw=3130, tp=-1, tpl=-1, uplat=171, ullat=0
pragma
no-cache
x-fb-debug
g7uFdtYC5g1dJ0SCOn4uts0PZ1JYl3pFngnEwRHZG12fODdFUhtCvCO97esPBaeq5cMcDjtsC9skrnnFMwggJg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
gum.criteo.com/ 		46 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240604-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
342703
expires
60
json
trc.taboola.com/grupoambito-ambito/trc/3/ 		35 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/grupoambito-ambito/trc/3/json?tim=17%3A10%3A22.677&lti=deflated&data=%7B%22id%22%3A459%2C%22ii%22%3A%22%2Feconomia%2Fbanco-ciudad-subasta-autos-motos-y-joyas-como-acceder-n6012512%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1717491768490%2C%22vi%22%3A1718118622676%2C%22cv%22%3A%2220240604-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.ambito.com%2Feconomia%2Fbanco-ciudad-subasta-autos-motos-y-joyas-como-acceder-n6012512%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22125.0.6422.141%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fportalbeneficios.click%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5189%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A2994.09375%2C%22mw%22%3A655%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Feconomia%2Fbanco-ciudad-subasta-autos-motos-y-joyas-como-acceder-n6012512%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240604-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9eff0334abca944eba81025b36ff6f167582143a071417ccfbc4c2cd4eaaa6c3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
579
date
Tue, 11 Jun 2024 15:10:23 GMT
content-encoding
gzip
via
1.1 varnish
x-datadome
protected
cpu
1.1235416666666667
x-fastly-to-nlb-rtt
7436
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-fra-etou8220085-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1718118623.708876,VS0,VS0,VE579
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://portalbeneficios.click
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pmk-20220605.4.js
pm-widget.taboola.com/grupoambito-ambito/ 		84 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/grupoambito-ambito/pmk-20220605.4.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/grupoambito-ambito/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
036360512cd8a6d5ceb883865765a31bf126ff7e11507f021f452cedb584f49f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
H.yKuNqCCLUQjgcw8ZGLkgCSm4d1Bgph
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jun 2024 15:10:22 GMT
x-amz-request-id
BVFW92BGBZYFS408
age
1263936
x-cache
HIT
content-length
24216
x-amz-id-2
KtwUuMoejh5amf4HJYFxIXuYCNIsR/+tHgbkeEVK3ItL3NL9hPivwhzQsmbsLkVP9ch0VOnHXkc=
x-served-by
cache-fra-etou8220128-FRA
last-modified
Tue, 05 Mar 2024 06:00:59 GMT
server
AmazonS3
x-timer
S1718118623.748299,VS0,VE0
etag
"50d82d22af03f003c4faf7c27abd75e2"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
2
events
collector-1.ex.co/main/ 		17 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-1.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/394c8479-8534-4988-9fef-2cb91839b0ef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.76.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-76-126.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 11 Jun 2024 15:10:22 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
jquery.cookie.min-min-version-1717301131.js
www.ambito.com/js-custom/239/ 		839 B
876 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/js-custom/239/jquery.cookie.min-min-version-1717301131.js
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/vendor/lazyLoad/lazyLoad-observer-td4-min-version-1717301221.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50953be41f5a613ff867cc44321337d01ebcb0c41121e048135855b4cbd43776
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
814014
x-vc-age
0
x-td-host
california-varnish-cache-node, california-thinkindot-front-i-0b95ec1f147d50e03
x-vc-ttl
31968000.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-vc-ttl-r
31967999.915
x-vc
913691267
x-vc-cache
miss cacheable
last-modified
Sun, 02 Jun 2024 04:51:30 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-vc-d-date
Sun, 02 Jun 2024 04:51:30 GMT
cache-control
public, max-age=31968000
x-td-control
CC:; CCT:; TOUCH:
cf-ray
892287102a899295-FRA
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/b98rim6bca
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240611T151022Z-16577d9575d7f6xb79un0dwtsw0000000crg000000006dd9
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6c728f9f-801e-0015-2192-b53968000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
rfv.php
events.newsroom.bi/data/ 		27 B
477 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/data/rfv.php
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.96.35 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy03.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryGrBTuhAy0C5VFSBo

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://portalbeneficios.click
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
42
landscapef7041a21-7629-5050-bb3d-4427dc05bbef.webp
mcd.ex.co/video/upload/w_600,so_4/v1490095101/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/w_600,so_4/v1490095101/landscapef7041a21-7629-5050-bb3d-4427dc05bbef.webp
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.197.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
7842065cd69db4d7389158150bd4b036a8e637eae938b47cf01f8db108f29d35
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
via
1.1 e7e7f392b3d444a9690697e824d644ec.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
29881
edge-cache-tag
272303959908932599284320899466460164508,292457254693976081825495367142597547843,c8ca5d8e4a43f8ef61d39b48fd5ffa31
cache-tag
272303959908932599284320899466460164508,292457254693976081825495367142597547843,c8ca5d8e4a43f8ef61d39b48fd5ffa31
x-exco-cdn
fastly
x-cache
Miss from cloudfront, MISS, HIT
content-disposition
inline; filename="landscapef7041a21-7629-5050-bb3d-4427dc05bbef.webp"
content-length
16770
x-served-by
cache-fra-eddf8230090-FRA, cache-fra-etou8220065-FRA
last-modified
Tue, 11 Jun 2024 03:13:00 GMT
server
cloudinary
surrogate-reporting
width=600,height=338,bytes=16770,owidth=1280,oheight=720,obytes=54005,ef=(18,63)
x-timer
S1718118623.843616,VS0,VE1
etag
"e86d6d6b8c2adeaca397d3626b787fbc"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0
394c8479-8534-4988-9fef-2cb91839b0ef_null__1679490359084.png
cdn.ex.co/logos/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ex.co/logos/394c8479-8534-4988-9fef-2cb91839b0ef_null__1679490359084.png
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.197.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c379e5a6ab77113e755e1f98c67ef7fad45e83195534ed23edfbca3664f0b4c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
via
1.1 varnish
strict-transport-security
max-age=31557600
age
25231
x-cache
HIT
x-exco-cdn
fastly
content-length
4334
x-served-by
cache-fra-etou8220154-FRA
last-modified
Wed, 22 Mar 2023 13:06:00 GMT
server
AmazonS3
x-timer
S1718118623.843588,VS0,VE2
etag
"57069ee8edecb0810586bf4819abb4d0"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1
player.js
cdn.ex.co/player/ap/p/4.49.1-20eb487/ 		372 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/player/ap/p/4.49.1-20eb487/player.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/394c8479-8534-4988-9fef-2cb91839b0ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.197.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e328346db804706f1980535ccc0471594ff1f0f9b8d8881ace7bde7b4116ce2
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31557600
age
895696
x-cache
HIT
x-exco-cdn
fastly
content-length
102647
x-served-by
cache-fra-etou8220154-FRA
last-modified
Wed, 29 May 2024 07:16:52 GMT
server
AmazonS3
x-timer
S1718118623.843633,VS0,VE2
etag
"49a413a9e4906398a5a1d3535a0acd19"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
access-control-max-age
86400
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1
TDUser-version-42.js
usuarios.ambito.com/js/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://usuarios.ambito.com/js/TDUser-version-42.js
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/vendor/lazyLoad/lazyLoad-observer-td4-min-version-1717301221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4955dc7b9cad696f38fb13070f12cdccef6da966a4b572d656b655bcdd92658
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
7770388
x-vc-age
0
x-td-host
california-varnish-cache-node, california-thinkindot-front-i-08fad26b078e1f7dc
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-vc
217974596
last-modified
Tue, 28 Nov 2023 04:04:44 GMT
x-vc-cache
miss cacheable
server
cloudflare
etag
W/"656566dc-4570"
vary
Accept-Encoding
content-type
application/x-javascript
x-vc-d-date
Wed, 29 Nov 2023 13:25:13 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
cf-ray
892287121f84377c-FRA
cookie_sync.html
cdn.ex.co/sync/0.0.1-7abf705/ Frame CE0B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/sync/0.0.1-7abf705/cookie_sync.html?network=368531133%2C693668433&gdpr=0&gdpr_consent=
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/4.49.1-20eb487/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.197.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://portalbeneficios.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-max-age
86400
age
2361390
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
content-encoding
gzip
content-length
275
content-type
text/html;charset=utf-8
date
Tue, 11 Jun 2024 15:10:23 GMT
etag
"07dd85d1d0ababd70ae97ea4d60bb6de"
last-modified
Fri, 26 Jan 2024 17:08:03 GMT
server
AmazonS3
strict-transport-security
max-age=31557600
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-exco-cdn
fastly
x-served-by
cache-fra-etou8220082-FRA
x-timer
S1718118623.079175,VS0,VE1
events
collector-1.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector-1.ex.co/main/events
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.76.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-76-126.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 11 Jun 2024 15:10:23 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
player.js
p.channelexco.com/player/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/player/player.js?pv=117.59&p=125395055&cb=96da4718-07d8-4eb6-9504-5d30d6d0d547&d=https%3A%2F%2Fportalbeneficios.click&schain=1.0%2C1%21playbuzz.com%2C0016M00002SWePhQAL%2C1%2C%2C%2Cportalbeneficios.click%21babelmedia.global%2C5227135114%2C1%2C%2C%2C&w=655&h=368.4&asr=1&impDetail=1&auction=1&auctionFast=5&publisherType=publisher&gdpr=-GPV_GDPR-&gdpr_consent=-GPV_GDPR_CONSENT-&us_privacy=-GPV_US_PRIVACY-&rv=true&sid=&sid2=default&sid4=p%2F4.49.1-20eb487&pub=1&pageLoadUid=b7c4d274-d772-41d0-9f83-817940594b7d&hu=true&ijsn=true&b64e=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.244.71.146 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
235472808d33107d05468c779c96c56283b6f561b7804b83015eff8ebabbaac4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:23 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://portalbeneficios.click
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 11 Jun 2024 15:10:22 GMT
collect
u.clarity.ms/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.clarity.ms/collect
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/x-clarity-gzip
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://portalbeneficios.click
Date
Tue, 11 Jun 2024 15:10:23 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
suscription-2023-min-version-1717301131.js
www.ambito.com/js-custom/239/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/js-custom/239/suscription-2023-min-version-1717301131.js
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/vendor/lazyLoad/lazyLoad-observer-td4-min-version-1717301221.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fdb00c6932177b574a576368156d2f11f56a6f3ace799aa50531f637c6526fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
814014
x-vc-age
0
x-td-host
california-varnish-cache-node, california-thinkindot-front-i-0f4b2890e63892837
x-vc-ttl
31968000.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-vc-ttl-r
31967999.900
x-vc
949002352
x-vc-cache
miss cacheable
last-modified
Sun, 02 Jun 2024 04:51:31 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-vc-d-date
Sun, 02 Jun 2024 04:51:31 GMT
cache-control
public, max-age=31968000
x-td-control
CC:; CCT:; TOUCH:
cf-ray
892287126dc19295-FRA
TDUser.css
usuarios.ambito.com/css/ 		653 B
709 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://usuarios.ambito.com/css/TDUser.css
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/js-custom/vendor/jquery-3.6.0.min-min-version-1717301132.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c917dea1bb91502444fa3e9b7143571e752f62db48a42902ce643a59ce944bd8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-shield-cache-expires
30
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
7765766
x-vc-age
7647554
x-td-host
california-varnish-cache-node, california-front3
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
297
x-vc
980164791 728749
last-modified
Tue, 22 Dec 2020 16:45:29 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
W/"5fe222a9-28d"
vary
Accept-Encoding
content-type
text/css
x-vc-d-date
Mon, 21 Aug 2023 06:19:15 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
89228712ae179295-FRA
bootstrap.min-min-version-1717301131.js
www.ambito.com/js-custom/239/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/js-custom/239/bootstrap.min-min-version-1717301131.js
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/vendor/lazyLoad/lazyLoad-observer-td4-min-version-1717301221.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
289c8e604981c9478b8ebdf9f643707044964efd0431c36d1f8eaa883574ea69
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
814014
x-vc-age
0
x-td-host
california-varnish-cache-node, california-thinkindot-front-i-01472bae6f33a2c25
x-vc-ttl
31968000.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-vc-ttl-r
31967999.975
x-vc
933362060
x-vc-cache
miss cacheable
last-modified
Sun, 02 Jun 2024 04:51:31 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-vc-d-date
Sun, 02 Jun 2024 04:51:31 GMT
cache-control
public, max-age=31968000
x-td-control
CC:; CCT:; TOUCH:
cf-ray
89228712be2d9295-FRA
bootstrap-datepicker.min-min-version-1717301131.js
www.ambito.com/js-custom/239/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/js-custom/239/bootstrap-datepicker.min-min-version-1717301131.js
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/vendor/lazyLoad/lazyLoad-observer-td4-min-version-1717301221.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ce62cdb7e23b564aa6f0e0084a974f1dc3c9bec5fcbf11d63b9cf5050d7e61
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
814014
x-vc-age
0
x-td-host
california-varnish-cache-node, california-thinkindot-front-i-0f840831bb0151dfe
x-vc-ttl
31968000.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-vc-ttl-r
31967999.935
x-vc
945122569
x-vc-cache
miss cacheable
last-modified
Sun, 02 Jun 2024 04:51:31 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-vc-d-date
Sun, 02 Jun 2024 04:51:31 GMT
cache-control
public, max-age=31968000
x-td-control
CC:; CCT:; TOUCH:
cf-ray
892287132ed29295-FRA
truncated
/ 		477 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
get
ad.vidoomy.com/api/adserver/ad/ 		8 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidoomy.com/api/adserver/ad/get?data=ZG9tYWluPXBvcnRhbGJlbmVmaWNpb3MuY2xpY2smZm9ybWF0PTEmdT0zOTk0NmFlZC00OWJmLTQ2MzUtODRlYi01NmYwODRhNzY0NGQmem9uZUlkPTIzNzg2Jmxvb3A9MCZjU3RyaW5nU3RhdHVzPW5vdC1mb3VuZCZwYWdlVXJsPWh0dHBzJTNBJTJGJTJGcG9ydGFsYmVuZWZpY2lvcy5jbGljayUyRiZrZXl3b3Jkcz0mcHZlcnNpb249My4xNS40JnRpbWVFbGFwc2VkPTAtMS45OQ==
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.215 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
w3.vdmy.dtic.es
Software
nginx /
Resource Hash
1fcccde66453b638a1c4315f7eb468b6e7bb9612ea00afe93725048ac0f77f9f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://portalbeneficios.click/
Content-Transfer-Encoding
base64
vidoomy-brandlift
W10=
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 11 Jun 2024 15:10:24 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://portalbeneficios.click
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Content-Transfer-Encoding
base64
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
8272
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3474&_fw_gdpr=0&_fw_gdpr_consent=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=FW&uid=60b97b8ca548c68686e0e92ee627382&_fw_gdpr=0&_fw_gdpr_consent=
43 B
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=FW&uid=60b97b8ca548c68686e0e92ee627382&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
HTTP/1.1
Server
212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb1.vdmy.dtic.es
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://portalbeneficios.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Tue, 11 Jun 2024 15:10:23 GMT
Content-Encoding
none
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
43

Redirect headers

Pragma
no-cache
Date
Tue, 11 Jun 2024 15:10:23 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://a.vidoomy.com/api/rtbserver/cookie?i=FW&uid=60b97b8ca548c68686e0e92ee627382&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1718118623217064-508
get
ad.vidoomy.com/api/adserver/ad/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad.vidoomy.com/api/adserver/ad/get?data=ZG9tYWluPXBvcnRhbGJlbmVmaWNpb3MuY2xpY2smZm9ybWF0PTEmdT0zOTk0NmFlZC00OWJmLTQ2MzUtODRlYi01NmYwODRhNzY0NGQmem9uZUlkPTIzNzg2Jmxvb3A9MCZjU3RyaW5nU3RhdHVzPW5vdC1mb3VuZCZwYWdlVXJsPWh0dHBzJTNBJTJGJTJGcG9ydGFsYmVuZWZpY2lvcy5jbGljayUyRiZrZXl3b3Jkcz0mcHZlcnNpb249My4xNS40JnRpbWVFbGFwc2VkPTAtMS45OQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.215 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
w3.vdmy.dtic.es
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-transfer-encoding,vidoomy-brandlift
Access-Control-Request-Method
GET
Origin
https://portalbeneficios.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-transfer-encoding,vidoomy-brandlift
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin
https://portalbeneficios.click
Access-Control-Expose-Headers
X-VD-C
Connection
keep-alive
Content-Length
0
Date
Tue, 11 Jun 2024 15:10:23 GMT
Server
nginx
bootstrap-datepicker.es.min-min-version-1717301131.js
www.ambito.com/js-custom/239/ 		512 B
712 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/js-custom/239/bootstrap-datepicker.es.min-min-version-1717301131.js
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/vendor/lazyLoad/lazyLoad-observer-td4-min-version-1717301221.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a695c3769308f5af8bdf2c8582f8fffec1eb5eadf37a6e082c9c5d881061b0b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
814014
x-vc-age
0
x-td-host
california-varnish-cache-node, california-thinkindot-front-i-0f92ae87b8f848593
x-vc-ttl
31968000.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-vc-ttl-r
31967999.916
x-vc
922123275
x-vc-cache
miss cacheable
last-modified
Sun, 02 Jun 2024 04:51:32 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-vc-d-date
Sun, 02 Jun 2024 04:51:32 GMT
cache-control
public, max-age=31968000
x-td-control
CC:; CCT:; TOUCH:
cf-ray
892287139f629295-FRA
tb
15.taboola.com/ 		31 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=grupoambito-ambito&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fwww.ambito.com%2Feconomia%2Fbanco-ciudad-subasta-autos-motos-y-joyas-como-acceder-n6012512&encoded=1&uid=bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e&variant=-100|1786174457&callback=TRC.videoTagCallbacks.videoCallback1&cb=1718118623327&tagid=&cntry=DE&platform=1&sesid=fefe88543960a336a1b9cf4f6215fd1d&itemid=/economia/banco-ciudad-subasta-autos-motos-y-joyas-como-acceder-n6012512&viewid=1718118622676&geolat=&geoing=&deviceifa=&appid=&sd=&ri=5261eecc2dbcc685dc9f4c7b52cd773b&appname=&cdb=&gdprApplies=true&rid=&sii=5444426298907534431&oee=true&tpubid=1162095&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=NW&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1162091&prcnt=&layer=&normp=1&gvv=17468&gvv50=17468&gvv61=17311&gvv62=15730
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f9a8d8e4fe96532b11b0555400aaabbe871c5a25a39077996aeb6ba51c87f413

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Tue, 11 Jun 2024 15:10:23 GMT
content-encoding
gzip
via
1.1 varnish
machineid
340114
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-fra-etou8220085-FRA
pragma
no-cache
server
nginx
x-timer
S1718118623.363496,VS0,VE28
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
access-control-allow-origin
https://portalbeneficios.click
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20240604-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20240604-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/grupoambito-ambito/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9757e1a5d5a10f5a3ce54859c83fc28ec20771f0cfdb93befaccc446206db06a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
9Zp1O1kONZAMEkoLycrGDiiM5y9h8e8F
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jun 2024 15:10:23 GMT
x-amz-request-id
TT2BXYHVK059FPWK
age
22023
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
dGWeeyYYTwLy1WNgMCYKqF/lTIaM2I2cL4M8eCFQzoNLjKHmJgCYCzCKcXeiHsN5tJ9G/63kOZw=
x-served-by
cache-fra-etou8220085-FRA
last-modified
Tue, 11 Jun 2024 09:03:21 GMT
server
AmazonS3
x-timer
S1718118623.358569,VS0,VE0
etag
"570f7df5350556e1fdfa318b125b52ea"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
47
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
25295
distance-from-article.20240604-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20240604-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/grupoambito-ambito/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
950c63f60fa751017cd669c982fb139e975b18cf7b12fce382ae3ce83217b205

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
nScZlhzgCBjuRNlsJRcLTuV6yefOL12l
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jun 2024 15:10:23 GMT
x-amz-request-id
WBXYARHZSM63VN4Q
age
22029
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1523
x-amz-id-2
HfIHR6NcbRL+a5MPn5J2IGVdiwpT3lCvUtb1G9lN7iyVbyM1MalGxlGQ+dZARUtB+IvI6watQ2A=
x-served-by
cache-fra-etou8220085-FRA
last-modified
Tue, 11 Jun 2024 09:03:14 GMT
server
AmazonS3
x-timer
S1718118623.358727,VS0,VE0
etag
"cdcf29ec759043cf17463677d3505796"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
22
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
26164
article-detection.20240604-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20240604-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/grupoambito-ambito/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e520dd6d7e0cbd42b401db4b71b799f13c0060ef00d285ce23ddddbde789efc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
XrCy0Gvtoww5tU_IGrY3p.SN2xxe4_g1
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jun 2024 15:10:23 GMT
x-amz-request-id
TTBQ51109X45KDT7
age
22039
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
rK0lSkPPqVRcuzlM1EFwJY4LcTOupq640PkIawi7DBUmmyHCs+rEnQSbr1hJP27voWAlbvMFWXmeC9eEz3P7CUHW7VplcBIk
x-served-by
cache-fra-etou8220085-FRA
last-modified
Tue, 11 Jun 2024 09:03:04 GMT
server
AmazonS3
x-timer
S1718118623.359486,VS0,VE0
etag
"f42ccc06ee550b8fc289fe8e3447242d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
33
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
26094
article-and-feed-area-scanner.20240604-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20240604-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/grupoambito-ambito/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e79d1cea2a6d8a87d7e8b30576fbd4948b97b70b6110725a2da383a6450bd035

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
puV8GPH8BSXmmtu6P.TlyTU706bt53RX
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jun 2024 15:10:23 GMT
x-amz-request-id
C01YQYHCS944ZENN
age
22041
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1148
x-amz-id-2
tt5FyzyazKLK0wlb+9Sprwzgh8aSRtuTFp63/2Cjyhr0sjiV12B1C6qtBvvhO0MS7XrPlM97cvs=
x-served-by
cache-fra-etou8220085-FRA
last-modified
Tue, 11 Jun 2024 09:03:02 GMT
server
AmazonS3
x-timer
S1718118623.358885,VS0,VE0
etag
"6cfc324a036f08627a96960789983dfa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
67
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
9291
userx.20240604-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20240604-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/grupoambito-ambito/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4256713aa795a127c34d7b065dc0e624565692ccdef83e3cb96ad2402f0aeeec

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
swsJ8ZedWMFDnZpADOJpUQWERai7O_PD
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jun 2024 15:10:23 GMT
x-amz-request-id
GKS9AXKWE040T9MV
age
21980
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5568
x-amz-id-2
wCHiGGdS0FUy3P2f/y3P4H/3LmpXe1fveNRBiBQCf6DFq946eoyQREM/wHFxEClFvAkjdwokkNI=
x-served-by
cache-fra-etou8220085-FRA
last-modified
Tue, 11 Jun 2024 09:04:03 GMT
server
AmazonS3
x-timer
S1718118623.372692,VS0,VE0
etag
"2d47eedf3ef437ba130853cd6d0c1517"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
48
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
7028
explore-more.20240604-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20240604-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/grupoambito-ambito/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2dafbaaa09ec584d5a18405e8d60c34d0912c987a4eace9b7679bbf1d3f2dbb0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
BA7_OoVnvme2eTfFLJesTWbZrlbXk7V1
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jun 2024 15:10:23 GMT
x-amz-request-id
KPPQ0RYGAGCH62DZ
age
22025
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7618
x-amz-id-2
7CVECTcq17QwXJYEP95t6YJjrczzyXm82Niq+cKOV8S7pgR0kLc/ihd4vnw2XEUyI0n47BbmYg8=
x-served-by
cache-fra-etou8220085-FRA
last-modified
Tue, 11 Jun 2024 09:03:19 GMT
server
AmazonS3
x-timer
S1718118623.372757,VS0,VE0
etag
"d67148d3a827e63f0c161886e5a8d1ed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
6
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
13764
abtests
am-trc-events.taboola.com/grupoambito-ambito/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/grupoambito-ambito/log/3/abtests?route=AM:AM:V&tvi50=17468&lti=deflated&ri=5261eecc2dbcc685dc9f4c7b52cd773b&sd=v2_fefe88543960a336a1b9cf4f6215fd1d_bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e_1718118622_1718118622_CNawjgYQ7_ZGGNTL5r6AMiABKAEwODib4wlAiIoQSNLY2ANQ____________AVgAYABoppvJ7d37u7UDcAA&ui=bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e&pi=/economia/banco-ciudad-subasta-autos-motos-y-joyas-como-acceder-n6012512&wi=5444426298907534431&pt=text&vi=1718118622676&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1718118623355%7D&tim=17%3A10%3A23.355&id=1770&llvl=2&cv=20240604-4-RELEASE&
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 11 Jun 2024 15:10:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/grupoambito-ambito/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/grupoambito-ambito/log/3/supply-feature?route=AM:AM:V&tvi50=17468&lti=deflated&ri=5261eecc2dbcc685dc9f4c7b52cd773b&sd=v2_fefe88543960a336a1b9cf4f6215fd1d_bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e_1718118622_1718118622_CNawjgYQ7_ZGGNTL5r6AMiABKAEwODib4wlAiIoQSNLY2ANQ____________AVgAYABoppvJ7d37u7UDcAA&ui=bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e&pi=/economia/banco-ciudad-subasta-autos-motos-y-joyas-como-acceder-n6012512&wi=5444426298907534431&pt=text&vi=1718118622676&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A10%3A23.362&id=2727&llvl=2&cv=20240604-4-RELEASE&
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 11 Jun 2024 15:10:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jun 2024 15:10:23 GMT
x-amz-request-id
MG9Q0Y7QHRMZ46VV
age
4
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
lb6E0SgvaNGEosGJyrgapzFR3ul/7Cgz6prQq3aJFC7FcLs31EkgK1NjykIt0lknCpqLMFyqyDc=
x-served-by
cache-fra-etou8220085-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1718118624.502530,VS0,VE1
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
61
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1
social
am-trc-events.taboola.com/grupoambito-ambito/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/grupoambito-ambito/log/3/social?route=AM:AM:V&tvi50=17468&lti=deflated&ri=5261eecc2dbcc685dc9f4c7b52cd773b&sd=v2_fefe88543960a336a1b9cf4f6215fd1d_bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e_1718118622_1718118622_CNawjgYQ7_ZGGNTL5r6AMiABKAEwODib4wlAiIoQSNLY2ANQ____________AVgAYABoppvJ7d37u7UDcAA&ui=bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e&pi=/economia/banco-ciudad-subasta-autos-motos-y-joyas-como-acceder-n6012512&wi=5444426298907534431&pt=text&vi=1718118622676&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fportalbeneficios.click%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Banco%20Ciudad%20subasta%20autos%2C%20motos%20y%20joyas%3A%20%C2%BFc%C3%B3mo%20acceder%3F%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%22Por%20Juli%C3%A1n%20Guarino%22%5D%2C%22img%22%3A%22https%3A%2F%2Fmedia.ambito.com%2Fp%2Fc80df3105981001c801cba82acdc7951%2Fadjuntos%2F239%2Fimagenes%2F041%2F556%2F0041556456%2Fbanco-ciudadjpg.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=17%3A10%3A23.543&id=9721&llvl=2&cv=20240604-4-RELEASE&
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 11 Jun 2024 15:10:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pubs-generic
am-trc-events.taboola.com/grupoambito-ambito/log/3/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/grupoambito-ambito/log/3/pubs-generic?route=AM:AM:V&tvi50=17468&lti=deflated&d=%7B%22data%22%3A%22%7B%7D%22%2C%22type%22%3A%22recReel-available%22%2C%22eventTime%22%3A1718118623556%7D&tim=17%3A10%3A23.556&id=3107&llvl=2&ri=a8b7ffd98237553840101535e24a9213&sd=v2_fefe88543960a336a1b9cf4f6215fd1d_bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e_1718118622_1718118622_CNawjgYQ7_ZGGNTL5r6AMiABKAEwODib4wlAiIoQSNLY2ANQ____________AVgAYABoppvJ7d37u7UDcAA&ui=bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e&pi=/economia/banco-ciudad-subasta-autos-motos-y-joyas-como-acceder-n6012512&wi=5444426298907534431&pt=text&vi=1718118622676&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240604-4-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://portalbeneficios.click
pragma
no-cache
date
Tue, 11 Jun 2024 15:10:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.9.6/ 		121 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.9.6/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240604-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
336b818d1e24fd3353db49a4358fe03a8ec7cd8ce1e364ba947fd78f3d6b5cbb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Origin
https://portalbeneficios.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:23 GMT
via
1.1 4da7673e847e4fe66842083693a9c2e0.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
BOM78-P8
age
886142
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34354
x-served-by
cache-fra-etou8220128-FRA
last-modified
Sat, 01 Jun 2024 09:01:09 GMT
server
AmazonS3
x-timer
S1718118624.580821,VS0,VE0
etag
"baa3c52e53c9a98ab28000e870aff288"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
pFbs2zOullw7OdGg3_D3-uWnTB15eP1ZrF2KV7-mWuq1mViarPhW4A==
x-cache-hits
65954
validateUser-min-version-1717301131.js
www.ambito.com/js-custom/239/ 		273 B
617 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/js-custom/239/validateUser-min-version-1717301131.js
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/vendor/lazyLoad/lazyLoad-observer-td4-min-version-1717301221.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e94b4c36e6c866ec451c16c7452c5c259720ce5ac2c33439f3a61ce2876ef32c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
814014
x-vc-age
0
x-td-host
california-varnish-cache-node, california-thinkindot-front-i-0b95ec1f147d50e03
x-vc-ttl
31968000.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-vc-ttl-r
31967999.904
x-vc
929277709
x-vc-cache
miss cacheable
last-modified
Sun, 02 Jun 2024 04:51:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-vc-d-date
Sun, 02 Jun 2024 04:51:33 GMT
cache-control
public, max-age=31968000
x-td-control
CC:; CCT:; TOUCH:
cf-ray
89228715ea959295-FRA
hls.min.js
cdn.ex.co/player/hls/1.4.10-exco/ 		285 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/player/hls/1.4.10-exco/hls.min.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/4.49.1-20eb487/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.197.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64f289189523a38054e3214b1bef7b711fe83e1223af9c0b0ffec5134312f0d6
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:23 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31557600
age
535125
x-cache
HIT
x-exco-cdn
fastly
content-length
86803
x-served-by
cache-fra-etou8220154-FRA
last-modified
Wed, 05 Jun 2024 10:27:10 GMT
server
AmazonS3
x-timer
S1718118624.670413,VS0,VE0
etag
"a9642ec59aab3970df7bfdcad710d30a"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
2747
starti
s-01.channelexco.com/ppx/ 		0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-01.channelexco.com/ppx/starti?sid=&domain=https%3A%2F%2Fportalbeneficios.click&se=104588e4-6647-4335-88e9-f3bc17fd193d&pv=117.59&dd=portalbeneficios.click&gpvck=v022863531__655x368______DEF__nil__400&sa=shd&s=0.0&p=125395055&cb=1718118623634
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.244.71.146 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:23 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
server
openresty
supply-feature
am-trc-events.taboola.com/grupoambito-ambito/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/grupoambito-ambito/log/3/supply-feature?route=AM:AM:V&tvi50=17468&lti=deflated&ri=5261eecc2dbcc685dc9f4c7b52cd773b&sd=v2_fefe88543960a336a1b9cf4f6215fd1d_bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e_1718118622_1718118622_CNawjgYQ7_ZGGNTL5r6AMiABKAEwODib4wlAiIoQSNLY2ANQ____________AVgAYABoppvJ7d37u7UDcAA&ui=bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e&pi=/economia/banco-ciudad-subasta-autos-motos-y-joyas-como-acceder-n6012512&wi=5444426298907534431&pt=text&vi=1718118622676&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22243%22%2C%22event_msg%22%3A%220%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A10%3A23.668&id=3999&llvl=2&cv=20240604-4-RELEASE&
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 11 Jun 2024 15:10:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
spa-detector.20240604-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20240604-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/grupoambito-ambito/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87a50fb24393024bdde09068bdf5da53d30e4d03a6c9173a59d61f85fc6e4f30

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
yuPJ1cc8X0JQa68wgjJnmQgkDEDv6QNa
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jun 2024 15:10:23 GMT
x-amz-request-id
VCYTAAPS0AK0STYW
age
21999
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
778
x-amz-id-2
39UQA5khHDH0/XkiYkwCTTsMUyXlbi0ii+xObrMKFmFjzoD6AC7NfxUbwdz8VShopOuuPpxA5wg=
x-served-by
cache-fra-etou8220085-FRA
last-modified
Tue, 11 Jun 2024 09:03:45 GMT
server
AmazonS3
x-timer
S1718118624.716031,VS0,VE0
etag
"404f359cdcdf4b503d26d7997e521f5d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
5
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
13955
supply-feature
am-trc-events.taboola.com/grupoambito-ambito/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/grupoambito-ambito/log/3/supply-feature?route=AM:AM:V&tvi50=17468&lti=deflated&ri=5261eecc2dbcc685dc9f4c7b52cd773b&sd=v2_fefe88543960a336a1b9cf4f6215fd1d_bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e_1718118622_1718118622_CNawjgYQ7_ZGGNTL5r6AMiABKAEwODib4wlAiIoQSNLY2ANQ____________AVgAYABoppvJ7d37u7UDcAA&ui=bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e&pi=/economia/banco-ciudad-subasta-autos-motos-y-joyas-como-acceder-n6012512&wi=5444426298907534431&pt=text&vi=1718118622676&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A10%3A23.676&id=127&llvl=2&cv=20240604-4-RELEASE&
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 11 Jun 2024 15:10:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/grupoambito-ambito/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/grupoambito-ambito/log/3/abtests?route=AM:AM:V&tvi50=17468&lti=deflated&ri=5261eecc2dbcc685dc9f4c7b52cd773b&sd=v2_fefe88543960a336a1b9cf4f6215fd1d_bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e_1718118622_1718118622_CNawjgYQ7_ZGGNTL5r6AMiABKAEwODib4wlAiIoQSNLY2ANQ____________AVgAYABoppvJ7d37u7UDcAA&ui=bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e&pi=/economia/banco-ciudad-subasta-autos-motos-y-joyas-como-acceder-n6012512&wi=5444426298907534431&pt=text&vi=1718118622676&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1718118623677%7D&tim=17%3A10%3A23.678&id=0&llvl=2&cv=20240604-4-RELEASE&
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 11 Jun 2024 15:10:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/grupoambito-ambito/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/grupoambito-ambito/log/3/supply-feature?route=AM:AM:V&tvi50=17468&lti=deflated&ri=5261eecc2dbcc685dc9f4c7b52cd773b&sd=v2_fefe88543960a336a1b9cf4f6215fd1d_bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e_1718118622_1718118622_CNawjgYQ7_ZGGNTL5r6AMiABKAEwODib4wlAiIoQSNLY2ANQ____________AVgAYABoppvJ7d37u7UDcAA&ui=bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e&pi=/economia/banco-ciudad-subasta-autos-motos-y-joyas-como-acceder-n6012512&wi=5444426298907534431&pt=text&vi=1718118622676&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A10%3A23.679&id=768&llvl=2&cv=20240604-4-RELEASE&
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 11 Jun 2024 15:10:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/grupoambito-ambito/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/grupoambito-ambito/log/3/abtests?route=AM:AM:V&tvi50=17468&lti=deflated&ri=5261eecc2dbcc685dc9f4c7b52cd773b&sd=v2_fefe88543960a336a1b9cf4f6215fd1d_bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e_1718118622_1718118622_CNawjgYQ7_ZGGNTL5r6AMiABKAEwODib4wlAiIoQSNLY2ANQ____________AVgAYABoppvJ7d37u7UDcAA&ui=bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e&pi=/economia/banco-ciudad-subasta-autos-motos-y-joyas-como-acceder-n6012512&wi=5444426298907534431&pt=text&vi=1718118622676&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1718118623691%7D&tim=17%3A10%3A23.692&id=902&llvl=2&cv=20240604-4-RELEASE&
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 11 Jun 2024 15:10:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
suscripcion-digital-min-version-1717301131.js
www.ambito.com/js-custom/239/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/js-custom/239/suscripcion-digital-min-version-1717301131.js
Requested by
Host: www.ambito.com
URL: https://www.ambito.com/vendor/lazyLoad/lazyLoad-observer-td4-min-version-1717301221.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
effafa8949e63168bd0ad6dbdc6ae7817a10b8c3fc55c8db0276e8ca4a323e51
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
814013
x-vc-age
0
x-td-host
california-varnish-cache-node, california-thinkindot-front-i-0f92ae87b8f848593
x-vc-ttl
31968000.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
x-vc-ttl-r
31967999.960
x-vc
875870845
x-vc-cache
miss cacheable
last-modified
Sun, 02 Jun 2024 04:51:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-vc-d-date
Sun, 02 Jun 2024 04:51:33 GMT
cache-control
public, max-age=31968000
x-td-control
CC:; CCT:; TOUCH:
cf-ray
892287166b389295-FRA
landscapef7041a21-7629-5050-bb3d-4427dc05bbef.m3u8
mcd.ex.co/video/upload/sp_hd/v1490095101/ 		1007 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscapef7041a21-7629-5050-bb3d-4427dc05bbef.m3u8
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.197.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
8088b034452215f28b23db5f2c7122966209354d30da702b4f186d4daf4a110a
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:23 GMT
via
1.1 469dc5bcdade6fbc3eb82a70fb41aeea.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
27096
edge-cache-tag
272303959908932599284320899466460164508,394554537382471183304184472313687845759,c8ca5d8e4a43f8ef61d39b48fd5ffa31
cache-tag
272303959908932599284320899466460164508,394554537382471183304184472313687845759,c8ca5d8e4a43f8ef61d39b48fd5ffa31
x-exco-cdn
fastly
x-cache
Miss from cloudfront, MISS, HIT
content-length
1007
x-served-by
cache-fra-eddf8230070-FRA, cache-fra-etou8220121-FRA
last-modified
Tue, 11 Jun 2024 03:13:05 GMT
server
cloudinary
x-timer
S1718118624.795379,VS0,VE2
etag
"dc6bc03053aae9f4e9ef7cb21c1d9d61"
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0
landscapef7041a21-7629-5050-bb3d-4427dc05bbef.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1718075574/ 		401 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1718075574/landscapef7041a21-7629-5050-bb3d-4427dc05bbef.m3u8
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.197.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
575bd52d5c4d8fb4e5178d7a25be594a93ad182deb44dbb1ae079144220f6c32
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:23 GMT
via
1.1 4f02e80a6fa43c1c48cfe770bb183bc0.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
43000
edge-cache-tag
272303959908932599284320899466460164508,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
cache-tag
272303959908932599284320899466460164508,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
x-exco-cdn
fastly
x-cache
Miss from cloudfront, MISS, HIT
content-length
401
x-served-by
cache-fra-eddf8230091-FRA, cache-fra-etou8220121-FRA
last-modified
Tue, 11 Jun 2024 03:13:00 GMT
server
cloudinary
x-timer
S1718118624.827731,VS0,VE1
etag
"d83b31c2b4b729fac33b3a3b4c85a017"
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0
landscapef7041a21-7629-5050-bb3d-4427dc05bbef.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1718075574/ 		117 KB
118 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1718075574/landscapef7041a21-7629-5050-bb3d-4427dc05bbef.ts
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.197.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b3d0deaac8505292e27a61ebb0f11dd4c0613dd73e65b79bea7b9f75815a90ef
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Range
bytes=0-119943
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:23 GMT
via
1.1 9eea50524ba9fbd8bbcad3e7048d3dac.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
42879
edge-cache-tag
272303959908932599284320899466460164508,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
cache-tag
272303959908932599284320899466460164508,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
x-exco-cdn
fastly
x-cache
Miss from cloudfront, MISS, HIT
Content-Range
bytes 0-119943/308508
Content-Length
119944
x-served-by
cache-fra-eddf8230052-FRA, cache-fra-etou8220121-FRA
last-modified
Tue, 11 Jun 2024 03:12:59 GMT
server
cloudinary
surrogate-reporting
width=640,height=360,abps=30851,fps=25.0,du=10.0,vc="h264",bytes=308508,owidth=1280,oheight=720,oabps=70192,ofps=25.0,odu=10.0,ovc="h264",obytes=701916,oformat="mp4",abr="c",ef=(18,41,61,99)
x-timer
S1718118624.852922,VS0,VE1
etag
"391e9cfc60403f75b187fc820779bc45"
content-type
video/mp2t
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7250B1E33B954C32B0115E4E86BDD86C&RedC=c.clarity.ms&MXFR=2964087BA111607D00E61CE0A5116E76
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7250B1E33B954C32B0115E4E86BDD86C&MUID=01484B3AA393677B292F5FA1A23F66A9
42 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7250B1E33B954C32B0115E4E86BDD86C&MUID=01484B3AA393677B292F5FA1A23F66A9
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://portalbeneficios.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:24 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4265B47528C04123842CB29F5CE0E354 Ref B: FRA31EDGE0706 Ref C: 2024-06-11T15:10:24Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7250B1E33B954C32B0115E4E86BDD86C&MUID=01484B3AA393677B292F5FA1A23F66A9
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ingest.php
events.newsroom.bi/ 		2 B
786 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.96.35 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy03.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 11 Jun 2024 15:10:23 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://portalbeneficios.click
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
1c47ae43-f3c8-449b-a076-525f21de84eb
https://portalbeneficios.click/ 		285 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://portalbeneficios.click/1c47ae43-f3c8-449b-a076-525f21de84eb
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27f8cd24f85ead54cce80c41ee99a59efed6ffa63fac22fb66fca9a9daafcf7b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
291441
Content-Type
text/javascript
rum
portalbeneficios.click/cdn-cgi/ 		315 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portalbeneficios.click/cdn-cgi/rum?
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.133.18.32 Moscow, Russian Federation, ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL),
Reverse DNS
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 11 Jun 2024 15:10:23 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
favicon.ico
www.ambito.com/css-custom/239/v3/favicons/ 		1 KB
970 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/css-custom/239/v3/favicons/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2794ed49bb6c93760067f9a530e0a0f17e4941b23dcb9bee778091bd5f429f9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
5716
x-vc-age
38
x-td-host
california-varnish-cache-node, california-thinkindot-front-i-0f4b2890e63892837
x-vc-ttl
120.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
556
x-vc-ttl-r
81.190
x-vc
95374928 95864956
last-modified
Sat, 01 Jun 2024 04:06:15 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
W/"665a9e37-47e"
vary
Accept-Encoding
content-type
image/x-icon
x-vc-d-date
Tue, 11 Jun 2024 04:24:23 GMT
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
89228717ad389295-FRA
landscapef7041a21-7629-5050-bb3d-4427dc05bbef.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1718075574/ 		120 KB
120 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1718075574/landscapef7041a21-7629-5050-bb3d-4427dc05bbef.ts
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.197.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
30c230975d4eff5a03d7de9132ba3e7e8bf57b9ab30941e057faa9d63363eb7e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Range
bytes=119944-242707
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:23 GMT
via
1.1 9eea50524ba9fbd8bbcad3e7048d3dac.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
42879
edge-cache-tag
272303959908932599284320899466460164508,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
cache-tag
272303959908932599284320899466460164508,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
x-exco-cdn
fastly
x-cache
Miss from cloudfront, MISS, HIT
Content-Range
bytes 119944-242707/308508
Content-Length
122764
x-served-by
cache-fra-eddf8230052-FRA, cache-fra-etou8220121-FRA
last-modified
Tue, 11 Jun 2024 03:12:59 GMT
server
cloudinary
surrogate-reporting
width=640,height=360,abps=30851,fps=25.0,du=10.0,vc="h264",bytes=308508,owidth=1280,oheight=720,oabps=70192,ofps=25.0,odu=10.0,ovc="h264",obytes=701916,oformat="mp4",abr="c",ef=(18,41,61,99)
x-timer
S1718118624.960133,VS0,VE1
etag
"391e9cfc60403f75b187fc820779bc45"
content-type
video/mp2t
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0
st
imprammp.taboola.com/ Frame CD9E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66261475&crid=5367395&dast=V9FeoCABYDAARljxYNB6QdBAAEZY8WDQekHQUAAAAABgYA9AcAJLdcbTa-3W6tW-4Ga9Fst3ELF4bNWrNZDHfLjctkGdmGAEBSo5VpMHKZ1hLDyrUWLVfDtcQ4GLklnolvtNiYRraRbwoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAvNB0Onyue73u97sr3Ban6W_X-N1-lcdv97udDr_EYff43Rqn6-QwuTWvi8NzergVrtPf81b7TX_PW_mW-p0Pz1vjd_vdCo_HZXJZ3nLbYDFZLSZzAAAAAAB4AACIMh-DAPgBBACIAAAAAACQAAAAAACgAAioAPi3ABC4AAAAAADAAAA4CArWAACA4gAwCIfH6LL7AwAA4CECBAAAQACDBACAIDK5BABAo_D3BAAAAAAAAAAAgAXg____PwZgYD5iXAYAAAShrwcA4MEHAOCBCACgAEayCIARAAAAAEDUVwHJEcAkgE4AqAAsqgAAAAjSrQAArgAAAAIgD7JRE8MAAAAABMYAFuhh8fvNDrvG73YZAAAAAAAAAACAGcD_GcA_GoDQkgduGgCQcDiSGsAvIADAGsAvIAAAG4C6AQAAvAEIwAEEHQBBKwaD1QEoxG44W-xGo9VudgAAAAAAdwD_____egAg5rK5jMPVaLOcDRaezWzhmDg3NtPMNlmsZibHyHsA5eMBDRxYMwp9ACHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD-ACVuMVpPJZjmcLReTwXA0HI32BzAQk9UAASZisFxOJovJbjVajTbD3Wg2WCCAQAwmCEDRosFkNRpNFpPhajRZzZaL3W6DABStWs1Gm8FwNZvMdrvVcDBcjkYIMGGL0Woy2SyHs-ViMhiOhqPREAFgxGTbzTa7mVu5WK3cosnK41b4Vra1yDNaeFwu22hjGK1Fr4_pZFusXK6VFwECTfciuEgnOsvr8He4LU7T361wW5ymv0Us0Zws0olELBGcLtKJ6GU8XcQSydMinagms8XK5fFYRhaPxzZcjTzOmWnjm7gmG5Nvt5lYxBKl6SKd6FUev93vdjr8Eofd43drnK6Tw-TWvC4Oz-nhVrhOf89b7Tf9PW_lW-p3Pjxvjd_tdys8HpfJZXnLbYPFZLWYTNR_BFDAxVy5mqvmmtkqAQAAAAAAAAAALAFsAgAAAABwAhjIcjmarZYLABCx-6YL8OMoO415X5-xC7DkyPcN2EL6dQwgcZbX4e9wW5ymv1vhtjhNfysDAETsrjEDbAbwDEAQa7Va1gAAAAAC2AAAAAAB3AC6AXgDCDiv4wD_____-wBAUZUeuFHrhfwABbEbzYb7BwAQoBBrtVo-X6zVagkE_P___xMEAAAAAAAAEPEUBAAAAAAAAAx9GgQAAAAAAAD0yCUEVAgwGKLl73Z5ISA!&cmcv=&pix=undefined&cb=1718118623965&uv=3406&tms=1718118623965&abt=adxsub-out_vA!adxsub-out_vB!esv_vC!moatsmpl_vA!pl157290-537_vA!rbcatc_vA!tmaxc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=7953c777-7970-467c-8a03-331879ced2d6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.9.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://portalbeneficios.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Tue, 11 Jun 2024 15:10:24 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220038-FRA
x-timer
S1718118624.449444,VS0,VE10
sync
am-match.taboola.com/ Frame 4777 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V9FeoCABYDAARljxYNB6QdBAAEZY8WDQekHQUAAAAABgYA9AcAJLdcbTa-3W6tW-4Ga9Fst3ELF4bNWrNZDHfLjctkGdmGAEBSo5VpMHKZ1hLDyrUWLVfDtcQ4GLklnolvtNiYRraRbwoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAvNB0Onyue73u97sr3Ban6W_X-N1-lcdv97udDr_EYff43Rqn6-QwuTWvi8NzergVrtPf81b7TX_PW_mW-p0Pz1vjd_vdCo_HZXJZ3nLbYDFZLSZzAAAAAAB4AACIMh-DAPgBBACIAAAAAACQAAAAAACgAAioAPi3ABC4AAAAAADAAAA4CArWAACA4gAwCIfH6LL7AwAA4CECBAAAQACDBACAIDK5BABAo_D3BAAAAAAAAAAAgAXg____PwZgYD5iXAYAAAShrwcA4MEHAOCBCACgAEayCIARAAAAAEDUVwHJEcAkgE4AqAAsqgAAAAjSrQAArgAAAAIgD7JRE8MAAAAABMYAFuhh8fvNDrvG73YZAAAAAAAAAACAGcD_GcA_GoDQkgduGgCQcDiSGsAvIADAGsAvIAAAG4C6AQAAvAEIwAEEHQBBKwaD1QEoxG44W-xGo9VudgAAAAAAdwD_____egAg5rK5jMPVaLOcDRaezWzhmDg3NtPMNlmsZibHyHsA5eMBDRxYMwp9ACHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD-ACVuMVpPJZjmcLReTwXA0HI32BzAQk9UAASZisFxOJovJbjVajTbD3Wg2WCCAQAwmCEDRosFkNRpNFpPhajRZzZaL3W6DABStWs1Gm8FwNZvMdrvVcDBcjkYIMGGL0Woy2SyHs-ViMhiOhqPREAFgxGTbzTa7mVu5WK3cosnK41b4Vra1yDNaeFwu22hjGK1Fr4_pZFusXK6VFwECTfciuEgnOsvr8He4LU7T361wW5ymv0Us0Zws0olELBGcLtKJ6GU8XcQSydMinagms8XK5fFYRhaPxzZcjTzOmWnjm7gmG5Nvt5lYxBKl6SKd6FUev93vdjr8Eofd43drnK6Tw-TWvC4Oz-nhVrhOf89b7Tf9PW_lW-p3Pjxvjd_tdys8HpfJZXnLbYPFZLWYTNR_BFDAxVy5mqvmmtkqAQAAAAAAAAAALAFsAgAAAABwAhjIcjmarZYLABCx-6YL8OMoO415X5-xC7DkyPcN2EL6dQwgcZbX4e9wW5ymv1vhtjhNfysDAETsrjEDbAbwDEAQa7Va1gAAAAAC2AAAAAAB3AC6AXgDCDiv4wD_____-wBAUZUeuFHrhfwABbEbzYb7BwAQoBBrtVo-X6zVagkE_P___xMEAAAAAAAAEPEUBAAAAAAAAAx9GgQAAAAAAAD0yCUEVAgwGKLl73Z5ISA!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.9.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://portalbeneficios.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 11 Jun 2024 15:10:24 GMT
machineid
440102
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66261475&crid=5367395&dast=V9FeoCABYDAARljxYNB6QdBAAEZY8WDQekHQUAAAAABgYA9AcAJLdcbTa-3W6tW-4Ga9Fst3ELF4bNWrNZDHfLjctkGdmGAEBSo5VpMHKZ1hLDyrUWLVfDtcQ4GLklnolvtNiYRraRbwoAH8ZymQxqgYRl9vsOCsrp6TG7DKKi622xO5xmzxsAvNB0Onyue73u97sr3Ban6W_X-N1-lcdv97udDr_EYff43Rqn6-QwuTWvi8NzergVrtPf81b7TX_PW_mW-p0Pz1vjd_vdCo_HZXJZ3nLbYDFZLSZzAAAAAAB4AACIMh-DAPgBBACIAAAAAACQAAAAAACgAAioAPi3ABC4AAAAAADAAAA4CArWAACA4gAwCIfH6LL7AwAA4CECBAAAQACDBACAIDK5BABAo_D3BAAAAAAAAAAAgAXg____PwZgYD5iXAYAAAShrwcA4MEHAOCBCACgAEayCIARAAAAAEDUVwHJEcAkgE4AqAAsqgAAAAjSrQAArgAAAAIgD7JRE8MAAAAABMYAFuhh8fvNDrvG73YZAAAAAAAAAACAGcD_GcA_GoDQkgduGgCQcDiSGsAvIADAGsAvIAAAG4C6AQAAvAEIwAEEHQBBKwaD1QEoxG44W-xGo9VudgAAAAAAdwD_____egAg5rK5jMPVaLOcDRaezWzhmDg3NtPMNlmsZibHyHsA5eMBDRxYMwp9ACHCMvt9BwXl9PSYXQZR0fW22B1Os-cgPmgYlpNBMD-ACVuMVpPJZjmcLReTwXA0HI32BzAQk9UAASZisFxOJovJbjVajTbD3Wg2WCCAQAwmCEDRosFkNRpNFpPhajRZzZaL3W6DABStWs1Gm8FwNZvMdrvVcDBcjkYIMGGL0Woy2SyHs-ViMhiOhqPREAFgxGTbzTa7mVu5WK3cosnK41b4Vra1yDNaeFwu22hjGK1Fr4_pZFusXK6VFwECTfciuEgnOsvr8He4LU7T361wW5ymv0Us0Zws0olELBGcLtKJ6GU8XcQSydMinagms8XK5fFYRhaPxzZcjTzOmWnjm7gmG5Nvt5lYxBKl6SKd6FUev93vdjr8Eofd43drnK6Tw-TWvC4Oz-nhVrhOf89b7Tf9PW_lW-p3Pjxvjd_tdys8HpfJZXnLbYPFZLWYTNR_BFDAxVy5mqvmmtkqAQAAAAAAAAAALAFsAgAAAABwAhjIcjmarZYLABCx-6YL8OMoO415X5-xC7DkyPcN2EL6dQwgcZbX4e9wW5ymv1vhtjhNfysDAETsrjEDbAbwDEAQa7Va1gAAAAAC2AAAAAAB3AC6AXgDCDiv4wD_____-wBAUZUeuFHrhfwABbEbzYb7BwAQoBBrtVo-X6zVagkE_P___xMEAAAAAAAAEPEUBAAAAAAAAAx9GgQAAAAAAAD0yCUEVAgwGKLl73Z5ISA!&cmcv=&pix=31589837&cb=1718118623964&uv=3406&tms=1718118623964&abt=adxsub-out_vA!adxsub-out_vB!esv_vC!moatsmpl_vA!pl157290-537_vA!rbcatc_vA!tmaxc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1718118620137.8!ts:1718118623964&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:24 GMT
content-length
0
server
nginx
landscapef7041a21-7629-5050-bb3d-4427dc05bbef.webp
mcd.ex.co/video/upload/w_600,so_4/v1490095101/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/w_600,so_4/v1490095101/landscapef7041a21-7629-5050-bb3d-4427dc05bbef.webp
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/394c8479-8534-4988-9fef-2cb91839b0ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.197.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
7842065cd69db4d7389158150bd4b036a8e637eae938b47cf01f8db108f29d35

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:22 GMT
via
1.1 e7e7f392b3d444a9690697e824d644ec.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
age
29881
edge-cache-tag
272303959908932599284320899466460164508,292457254693976081825495367142597547843,c8ca5d8e4a43f8ef61d39b48fd5ffa31
cache-tag
272303959908932599284320899466460164508,292457254693976081825495367142597547843,c8ca5d8e4a43f8ef61d39b48fd5ffa31
x-exco-cdn
fastly
x-cache
Miss from cloudfront, MISS, HIT
content-disposition
inline; filename="landscapef7041a21-7629-5050-bb3d-4427dc05bbef.webp"
content-length
16770
x-served-by
cache-fra-eddf8230090-FRA, cache-fra-etou8220065-FRA
last-modified
Tue, 11 Jun 2024 03:13:00 GMT
server
cloudinary
surrogate-reporting
width=600,height=338,bytes=16770,owidth=1280,oheight=720,obytes=54005,ef=(18,63)
x-timer
S1718118623.843616,VS0,VE1
etag
"e86d6d6b8c2adeaca397d3626b787fbc"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0
landscapef7041a21-7629-5050-bb3d-4427dc05bbef.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1718075574/ 		64 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1718075574/landscapef7041a21-7629-5050-bb3d-4427dc05bbef.ts
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.197.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
5030fa331fbf77ce9335407a6321ac4d709f98735e632356f3d32e22e91fefcc
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Range
bytes=242708-308507
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:24 GMT
via
1.1 9eea50524ba9fbd8bbcad3e7048d3dac.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
42879
edge-cache-tag
272303959908932599284320899466460164508,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
cache-tag
272303959908932599284320899466460164508,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
x-exco-cdn
fastly
x-cache
Miss from cloudfront, MISS, HIT
Content-Range
bytes 242708-308507/308508
Content-Length
65800
x-served-by
cache-fra-eddf8230052-FRA, cache-fra-etou8220121-FRA
last-modified
Tue, 11 Jun 2024 03:12:59 GMT
server
cloudinary
surrogate-reporting
width=640,height=360,abps=30851,fps=25.0,du=10.0,vc="h264",bytes=308508,owidth=1280,oheight=720,oabps=70192,ofps=25.0,odu=10.0,ovc="h264",obytes=701916,oformat="mp4",abr="c",ef=(18,41,61,99)
x-timer
S1718118624.085156,VS0,VE3
etag
"391e9cfc60403f75b187fc820779bc45"
content-type
video/mp2t
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0
favicon-32x32.png
www.ambito.com/css-custom/239/v3/favicons/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.ambito.com/css-custom/239/v3/favicons/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2577dfd27f88eab2fb99ee9b49b1d1106a2e7f4b468b52468f9fdbd8c0692e8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:24 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
HIT
age
7769837
x-vc-age
4743127
x-td-host
california-varnish-cache-node,
x-vc-ttl
33033032.000
x-td-cacheable
YES
alt-svc
h3=":443"; ma=86400
content-length
1677
x-vc
137557102 29360255
last-modified
Tue, 16 Jan 2024 04:06:11 GMT
x-vc-cache
hit cacheable
server
cloudflare
etag
"65a600b3-68d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-vc-d-date
Tue, 16 Jan 2024 19:55:27 GMT
cache-control
max-age=33033033
x-td-control
CC:; CCT:; TOUCH:
accept-ranges
bytes
cf-ray
892287188e7a9295-FRA
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=560725301&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=140560&vwd=400&vht=225&gdpr=0&gdpr_consent=&
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=560725301&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=140560&vwd=400&vht=225&gdpr=0&gdpr_consent=&
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTEwOWZiZWItNDRjYy02YzcwLTQwZmQtOWM5OGIzOTM0MGZl
0
0
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1 KB
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fportalbeneficios.click%2F&cb=912739&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&plcmt=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-88-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b47353b1d318e48f3b0ce13f3db793b3ab869153759f3a74e22ef597f4bf7d59

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:24 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://portalbeneficios.click
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
639
expires
Tue, 11 Jun 2024 15:10:24 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		832 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:4::51 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
f9966fdde3fd2ee6857cfc0bc2195f6e4a2ae9548b195fc546da6b8c8532a854

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 11 Jun 2024 15:10:24 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://portalbeneficios.click
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1718118624079060-588
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=275&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=video/3gpp,video/mp4,video/webm,video/x-flv&p_aso.video.playbackmethod=2&rp_schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&gdpr=0&gdpr_consent=
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.70.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-70-98.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Tue, 11 Jun 2024 15:10:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://portalbeneficios.click
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
9083
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=33730156&_fw_us_privacy=&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=&playerSize=400x225&loc=https%3A%2F%2Fportalbeneficios.click%2F
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:4::51 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 11 Jun 2024 15:10:24 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://portalbeneficios.click
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1718118624331084-563
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=560725301&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=492874&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2...
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=560725301&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=492874&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
0
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=203&p_aso.video.protocols=2,5,3,6,7,8,11,12&p_aso.video.maxduration=250&p_aso.video.mimes=%22application/javascript%22,%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&gdpr=0&gdpr_consent=
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.70.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-70-98.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Tue, 11 Jun 2024 15:10:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://portalbeneficios.click
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
7305
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2965016&size_id=275&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=video/3gpp,video/mp4,video/webm,video/x-flv&p_aso.video.playbackmethod=2&rp_schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&gdpr=0&gdpr_consent=
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.70.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-70-98.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Tue, 11 Jun 2024 15:10:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://portalbeneficios.click
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
1171
rtb
a.vidoomy.com/api/rtbserver/ 		0
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/rtb?id=161494&w=400&h=225&skip=1&req_type=1&ip=81.95.5.36&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&l=de-DE&dt=2&c=DE&pid=53383&sid=23786&sname=portalbeneficios.click_23786&d=portalbeneficios.click&sp=https%3A%2F%2Fportalbeneficios.click%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb1.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 11 Jun 2024 15:10:24 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://portalbeneficios.click
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
33730154
ads.stickyadstv.com/vast/vpaid-adapter/ 		833 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/33730154?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:4::51 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
278fabaa393e19b8296ea1a347379ffac0fabe3964874684656142d0f29f6d3b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 11 Jun 2024 15:10:24 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://portalbeneficios.click
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1718118624376096-506
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1 KB
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=5285205&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fportalbeneficios.click%2F&cb=201577&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&plcmt=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-88-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c4bc7c6aa4a2a775ecf645d36a00504518c2bf45b3467f692c762b3be1802cea

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:24 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://portalbeneficios.click
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
640
expires
Tue, 11 Jun 2024 15:10:24 GMT
33787225
ads.stickyadstv.com/vast/vpaid-adapter/ 		833 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/33787225?_fw_gdpr=0&_fw_us_privacy=&_fw_gdpr_consent=&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:4::51 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
6273c82b04262da0c7e55157a83ffd19927d67a565b47c33dea1865ff11e2b7d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 11 Jun 2024 15:10:24 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://portalbeneficios.click
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1718118624492012-526
rtb
a.vidoomy.com/api/rtbserver/ 		0
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/rtb?id=780395&w=400&h=225&skip=1&req_type=1&ip=81.95.5.36&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&l=de-DE&dt=2&c=DE&pid=53383&sid=23786&sname=portalbeneficios.click_23786&d=portalbeneficios.click&sp=https%3A%2F%2Fportalbeneficios.click%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb1.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 11 Jun 2024 15:10:24 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://portalbeneficios.click
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=559614560&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=668291&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2...
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=559614560&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=668291&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTEwOWZiZWItNDRjYy02YzcwLTQwZmQtOWM5OGIzOTM0MGZl
0
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.54.250.80 Saint-Denis, France, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 11 Jun 2024 15:10:24 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://portalbeneficios.click
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1718118624513004-403
collect
u.clarity.ms/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.clarity.ms/collect
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/x-clarity-gzip
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://portalbeneficios.click
Date
Tue, 11 Jun 2024 15:10:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
events
e.channelexco.com/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/p/4.49.1-20eb487/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.82.15.162 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:24 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
rtb
a.vidoomy.com/api/rtbserver/ 		0
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/rtb?id=161494&w=400&h=225&skip=1&req_type=1&ip=81.95.5.36&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&l=de-DE&dt=2&c=DE&pid=53383&sid=23786&sname=portalbeneficios.click_23786&d=portalbeneficios.click&sp=https%3A%2F%2Fportalbeneficios.click%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb1.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 11 Jun 2024 15:10:24 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://portalbeneficios.click
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
rtb
a.vidoomy.com/api/rtbserver/ 		0
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/rtb?id=161494&w=400&h=225&skip=1&req_type=1&ip=81.95.5.36&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&l=de-DE&dt=2&c=DE&pid=53383&sid=23786&sname=portalbeneficios.click_23786&d=portalbeneficios.click&sp=https%3A%2F%2Fportalbeneficios.click%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb1.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 11 Jun 2024 15:10:24 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://portalbeneficios.click
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
bulk
trc.taboola.com/grupoambito-ambito/log/3/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/grupoambito-ambito/log/3/bulk?tvi50=17468&route=AM%3AAM%3AV&lti=deflated&bulkSize=8
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Tue, 11 Jun 2024 15:10:24 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7356
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220085-FRA
pragma
no-cache
server
nginx
x-timer
S1718118625.577258,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://portalbeneficios.click
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
av
vidoomy-d.openx.net/v/1.0/ 		48 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=560725301&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=492874&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&gdpr=0&gdpr_consent=&
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://portalbeneficios.click
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
vidoomy-d.openx.net/v/1.0/ 		48 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=559614560&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=668291&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&gdpr=0&gdpr_consent=
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://portalbeneficios.click
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
av
vidoomy-d.openx.net/v/1.0/ 		48 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=560725301&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=140560&vwd=400&vht=225&gdpr=0&gdpr_consent=&
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://portalbeneficios.click
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Tue, 11 Jun 2024 15:10:24 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
19635
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-etou8220085-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1718118625.685335,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
19
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
7730
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 0C87 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fportalbeneficios.click%2F&cb=912739&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&plcmt=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-88-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:25 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
showad.js
ads.pubmatic.com/AdServer/js/ Frame CE8B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fportalbeneficios.click%2F&cb=912739&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&plcmt=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-88-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://portalbeneficios.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=90391
content-encoding
gzip
content-length
14331
content-type
text/html
date
Tue, 11 Jun 2024 15:10:25 GMT
expires
Wed, 12 Jun 2024 16:16:56 GMT
last-modified
Wed, 05 Jun 2024 06:37:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0C87 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fportalbeneficios.click%2F&cb=912739&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&plcmt=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-88-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
351e903753c5f1256e3afdd5b3d66a1091e65507f1ee879737c81bdb4f2d2b9e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:25 GMT
content-encoding
gzip
last-modified
Wed, 05 Jun 2024 06:37:25 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=90391
accept-ranges
bytes
content-length
14331
expires
Wed, 12 Jun 2024 16:16:56 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240604-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jun 2024 15:10:25 GMT
x-amz-request-id
9T8G4R1J257WC6ZV
age
1730
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by
cache-fra-etou8220085-FRA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1718118625.368217,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
15
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
7013
/
pips.taboola.com/ 		4 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-etou8220128-FRA
date
Tue, 11 Jun 2024 15:10:25 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://portalbeneficios.click
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=bd67637f-915e-42ec-a7e6-d34acee64c04-tuctd61ee5e&ptf=V2luMzI=&ptfv=MTAuMC4w&ufv=MTI1LjAuNjQyMi4xNDE=&bnd=R29vZ2xlIENocm9tZQ==&bndv=MTI1&bnd=Tm90OkEtQnJhbmQ=&bndv=OA==&bnd=Q2hyb21pdW0=&bndv=MTI1&mbl=ZmFsc2U=
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 11 Jun 2024 15:10:25 GMT
cache-control
no-store
server
nginx
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 0C87 		27 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fportalbeneficios.click%2F&cb=1718118625097&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&plcmt=1&us_privacy=&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fportalbeneficios.click%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fportalbeneficios.click%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-6-11%2017:10:25&ranreq=0.06819900382001864&timezone=2&sua_arch=x86&sua_bit=64&sua_br=[{%22brand%22:%22Google%20Chrome%22,%22version%22:[%22125%22,%220%22,%226422%22,%22141%22]},{%22brand%22:%22Chromium%22,%22version%22:[%22125%22,%220%22,%226422%22,%22141%22]},{%22brand%22:%22Not.A/Brand%22,%22version%22:[%2224%22,%220%22,%220%22,%220%22]}]&sua_mob=0&sua_pf_br=Win32&sua_pf_vr=10,0,0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fportalbeneficios.click%2F&cb=912739&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&plcmt=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:25 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://portalbeneficios.click
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame 0C87 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1718118626&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 11 Jun 2024 15:10:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
track
st.pubmatic.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1718118624&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 11 Jun 2024 15:10:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1 KB
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fportalbeneficios.click%2F&cb=912739&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&plcmt=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-88-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2e3355e4e47216214ccf0e04754c360c84d00b06f02002c01f43447c3b1dccff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:26 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://portalbeneficios.click
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
639
expires
Tue, 11 Jun 2024 15:10:26 GMT
collect
u.clarity.ms/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.clarity.ms/collect
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/x-clarity-gzip
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://portalbeneficios.click
Date
Tue, 11 Jun 2024 15:10:26 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 5CDD 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=5285205&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fportalbeneficios.click%2F&cb=201577&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&plcmt=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-88-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:26 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 05:15:25 GMT
server
Apache
etag
"27bcd-5f762218e8e3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38303
showad.js
ads.pubmatic.com/AdServer/js/ Frame BE2B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=5285205&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fportalbeneficios.click%2F&cb=201577&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&plcmt=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-88-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://portalbeneficios.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=90391
content-encoding
gzip
content-length
14331
content-type
text/html
date
Tue, 11 Jun 2024 15:10:25 GMT
expires
Wed, 12 Jun 2024 16:16:56 GMT
last-modified
Wed, 05 Jun 2024 06:37:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5CDD 		39 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=5285205&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fportalbeneficios.click%2F&cb=201577&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&plcmt=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-88-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
351e903753c5f1256e3afdd5b3d66a1091e65507f1ee879737c81bdb4f2d2b9e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:25 GMT
content-encoding
gzip
last-modified
Wed, 05 Jun 2024 06:37:25 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=90391
accept-ranges
bytes
content-length
14331
expires
Wed, 12 Jun 2024 16:16:56 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-R2YG5ZTEZ7&gtm=45je4650v873938664za200&_p=1718118621484&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1112003937.1718118622&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1718118622&sct=1&seg=1&dl=https%3A%2F%2Fportalbeneficios.click%2F&dt=Banco%20Ciudad%20subasta%20autos%2C%20motos%20y%20joyas%3A%20%C2%BFc%C3%B3mo%20acceder%3F&en=page_view&_ee=1&_et=2&tfd=7030&_z=fetch
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portalbeneficios.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 5CDD 		27 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=5285205&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fportalbeneficios.click%2F&cb=1718118626934&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&plcmt=1&us_privacy=&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fportalbeneficios.click%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fportalbeneficios.click%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2024-6-11%2017:10:27&ranreq=0.7614592757570364&timezone=2&sua_arch=x86&sua_bit=64&sua_br=[{%22brand%22:%22Google%20Chrome%22,%22version%22:[%22125%22,%220%22,%226422%22,%22141%22]},{%22brand%22:%22Chromium%22,%22version%22:[%22125%22,%220%22,%226422%22,%22141%22]},{%22brand%22:%22Not.A/Brand%22,%22version%22:[%2224%22,%220%22,%220%22,%220%22]}]&sua_mob=0&sua_pf_br=Win32&sua_pf_vr=10,0,0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=5285205&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fportalbeneficios.click%2F&cb=201577&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&plcmt=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 15:10:27 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://portalbeneficios.click
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame 5CDD 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=5285205&ts=1718118628&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Requested by
Host: portalbeneficios.click
URL: https://portalbeneficios.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 11 Jun 2024 15:10:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
track
st.pubmatic.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=5285205&ts=1718118624&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 11 Jun 2024 15:10:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1 KB
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=5285205&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fportalbeneficios.click%2F&cb=201577&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&plcmt=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-88-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1a62108e180a937f22781461aacaf78e79786428a6615d123b065f26ef4d2b2a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:27 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://portalbeneficios.click
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
640
expires
Tue, 11 Jun 2024 15:10:27 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 7630 		452 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8800:19:c363:bec0:93a1 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
02a1fa23cef6bb651ed91745728d846a6f7d0d019c83839db6974bfb698cacc2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 07:31:40 GMT
content-encoding
br
via
1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache-status
MISS
x-cache
Hit from cloudfront
last-modified
Tue, 28 May 2024 07:25:24 GMT
server
CloudFront
etag
W/"665586e4-70e53"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
x-amz-cf-id
r5yAmOiqU0iTst5e2f2VfntoIZATkaDQgsAJuYPw4HoZnFGEJwodMg==
expires
Wed, 12 Jun 2024 07:31:40 GMT
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 7630 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1718118628709
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8800:19:c363:bec0:93a1 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 15:57:12 GMT
via
1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
content-length
25600
last-modified
Tue, 28 May 2024 07:25:24 GMT
server
CloudFront
etag
"665586e4-6400"
content-type
application/octet-stream
access-control-allow-origin
https://portalbeneficios.click
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
SB2DLyQi9r2lUBFyzCpsHVu-jaEbvPk4akIQgR9FE_C6zdaVrei0mA==
expires
Tue, 11 Jun 2024 15:57:12 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=null&gpp_sid=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=60b97b8ca548c68686e0e92ee627382&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml147b_7380972077803659419&gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Protocol
H2
Server
15.197.193.217 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://portalbeneficios.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 11 Jun 2024 15:10:29 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 11 Jun 2024 15:10:29 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1718118629002043-426
/
ads.stickyadstv.com/additional-scripts/ Frame 7630 		299 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fportalbeneficios.click%2F&gpp_string=null&gpp_sid=null
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:4::51 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
5712f37730c67b2e68e6c31d91cff957178336d99aff208ada0422bdbe81be2e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/xml, text/xml
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 11 Jun 2024 15:10:28 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Origin
https://portalbeneficios.click
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1718118628726036-592
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 7630 		67 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&_fw_gdpr_consent=&vav=56f710d902f597c1f8fa309cc309ff0d&vaviv=396df2ee187306b6fd0f4f1180ef6356&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.10.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fportalbeneficios.click%2F&locDebug=LOC-ERRJS001%20-%20top%20window%20location%3A%20https%3A%2F%2Fportalbeneficios.click%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.54.250.80 Saint-Denis, France, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/xml, text/xml
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 11 Jun 2024 15:10:28 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://portalbeneficios.click
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1718118628767008-399
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NjBiOTdiOGNhNTQ4YzY4Njg2ZTBlOTJlZTYyNzM4Mg==&gdpr=&gdpr_consent=&_fw_gdpr=&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NjBiOTdiOGNhNTQ4YzY4Njg2ZTBlOTJlZTYyNzM4Mg==&gdpr=&gdpr_consent=&_fw_gdpr=&_fw_gdpr_consent=
Protocol
H3
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://portalbeneficios.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 15:10:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 11 Jun 2024 15:10:28 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NjBiOTdiOGNhNTQ4YzY4Njg2ZTBlOTJlZTYyNzM4Mg==&gdpr=&gdpr_consent=&_fw_gdpr=&_fw_gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1718118628763056-539
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=60b97b8ca548c68686e0e92ee627382&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=&_fw_gdpr=&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=60b97b8ca548c68686e0e92ee627382&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=&_fw_gdpr=&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://portalbeneficios.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Jun 2024 15:10:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H0EAJA1Q2MW32F9W17MX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 11 Jun 2024 15:10:28 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=60b97b8ca548c68686e0e92ee627382&ex=freewheel.tv&gdpr=&gdpr_consent=&userId=&_fw_gdpr=&_fw_gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1718118628762058-425
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ 		832 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.54.250.80 Saint-Denis, France, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
34a51c9349496a4c0dcee8fe520fcf7b2423ec9ff0585589518f7f5f13f43edc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 11 Jun 2024 15:10:28 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://portalbeneficios.click
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1718118628847082-361
rtb
a.vidoomy.com/api/rtbserver/ 		0
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/rtb?id=161494&w=400&h=225&skip=1&req_type=1&ip=81.95.5.36&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&l=de-DE&dt=2&c=DE&pid=53383&sid=23786&sname=portalbeneficios.click_23786&d=portalbeneficios.click&sp=https%3A%2F%2Fportalbeneficios.click%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb1.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 11 Jun 2024 15:10:29 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://portalbeneficios.click
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
rtb
a.vidoomy.com/api/rtbserver/ 		0
0
e
ad.vidoomy.com/api/adserver/tracking/ 		0
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=33730156&_fw_us_privacy=&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=&playerSize=400x225&loc=https%3A%2F%2Fportalbeneficios.click%2F
Requested by
Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.54.250.80 Saint-Denis, France, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://portalbeneficios.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 11 Jun 2024 15:10:29 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://portalbeneficios.click
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1718118629144037-428
rtb
a.vidoomy.com/api/rtbserver/ 		0
0
e
ad.vidoomy.com/api/adserver/tracking/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad.vidoomy.com/api/adserver/tracking/e?data=ZXZlbnQ9QWRUYWdSZXF1ZXN0JmZvcm1hdD0xJmlkPSZkb21haW49cG9ydGFsYmVuZWZpY2lvcy5jbGljayZ1PTM5OTQ2YWVkLTQ5YmYtNDYzNS04NGViLTU2ZjA4NGE3NjQ0ZCZ6b25lSWQ9MjM3ODYmZXhlY3V0aW9uPSZkdXJhdGlvbj0mcmVxdWVzdFN0YXR1cz0mcmVxdWVzdFNpemU9JmNTdHJpbmdTdGF0dXM9bm90LWZvdW5kJnZpZXdhYmlsaXR5TWV0aG9kPUlOVEVSU0VDVElPTk9CU0VSVkVSJnI9Jmxvb3A9ZGVmYXVsdExvb3BWYWx1ZSZwdmVyc2lvbj0zLjE1LjQmZGF0YVNvdXJjZT1hZGdldCZ0cz0xNzE4MTE4NjIzNzM1JmNvdW50cnk9REUmc2RrPSZjaXR5PTI5MDU4ODEmcmVnaW9uPTI5NTE4MzkmdGltZUVsYXBzZWQ9JnRpbWVzQ2FsbGVkPSZwYWdlVXJsPWh0dHBzJTNBJTJGJTJGcG9ydGFsYmVuZWZpY2lvcy5jbGljayUyRg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.215 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
w3.vdmy.dtic.es
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-transfer-encoding,content-type
Access-Control-Request-Method
POST
Origin
https://portalbeneficios.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-transfer-encoding,content-type
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin
https://portalbeneficios.click
Access-Control-Expose-Headers
X-VD-C
Connection
keep-alive
Content-Length
0
Date
Tue, 11 Jun 2024 15:10:29 GMT
Server
nginx
collect
u.clarity.ms/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTEwOWZiZWItNDRjYy02YzcwLTQwZmQtOWM5OGIzOTM0MGZl
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTEwOWZiZWItNDRjYy02YzcwLTQwZmQtOWM5OGIzOTM0MGZl
Domain
a.vidoomy.com
URL
https://a.vidoomy.com/api/rtbserver/rtb?id=161494&w=400&h=225&skip=1&req_type=1&ip=81.95.5.36&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&l=de-DE&dt=2&c=DE&pid=53383&sid=23786&sname=portalbeneficios.click_23786&d=portalbeneficios.click&sp=https%3A%2F%2Fportalbeneficios.click%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Domain
ad.vidoomy.com
URL
https://ad.vidoomy.com/api/adserver/tracking/e?data=ZXZlbnQ9QWRUYWdSZXF1ZXN0JmZvcm1hdD0xJmlkPSZkb21haW49cG9ydGFsYmVuZWZpY2lvcy5jbGljayZ1PTM5OTQ2YWVkLTQ5YmYtNDYzNS04NGViLTU2ZjA4NGE3NjQ0ZCZ6b25lSWQ9MjM3ODYmZXhlY3V0aW9uPSZkdXJhdGlvbj0mcmVxdWVzdFN0YXR1cz0mcmVxdWVzdFNpemU9JmNTdHJpbmdTdGF0dXM9bm90LWZvdW5kJnZpZXdhYmlsaXR5TWV0aG9kPUlOVEVSU0VDVElPTk9CU0VSVkVSJnI9Jmxvb3A9ZGVmYXVsdExvb3BWYWx1ZSZwdmVyc2lvbj0zLjE1LjQmZGF0YVNvdXJjZT1hZGdldCZ0cz0xNzE4MTE4NjIzNzM1JmNvdW50cnk9REUmc2RrPSZjaXR5PTI5MDU4ODEmcmVnaW9uPTI5NTE4MzkmdGltZUVsYXBzZWQ9JnRpbWVzQ2FsbGVkPSZwYWdlVXJsPWh0dHBzJTNBJTJGJTJGcG9ydGFsYmVuZWZpY2lvcy5jbGljayUyRg==
Domain
a.vidoomy.com
URL
https://a.vidoomy.com/api/rtbserver/rtb?id=780395&w=400&h=225&skip=1&req_type=1&ip=81.95.5.36&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&l=de-DE&dt=2&c=DE&pid=53383&sid=23786&sname=portalbeneficios.click_23786&d=portalbeneficios.click&sp=https%3A%2F%2Fportalbeneficios.click%2F&coppa=&gdpr=0&gdprcs=&vpaid=1
Domain
u.clarity.ms
URL
https://u.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer string| userEmailCookie string| udata function| fbq function| _fbq object| teads_analytics object| marfeel number| _rl_cn string| _rl_ptc object| _rl_ids object| _rely object| _taboola function| clarity number| organization_id string| application_id string| objectType object| TdOneSingalSetup object| arrCMSRegions function| lazyLoadObserverResetScripts function| addScriptToBody function| lazyLoadObserver object| oLocalScript function| promptNotifications function| clickEventListener function| OneSignalDeferred object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| vastPreRoll object| videoMetrixJSON object| _comscore function| loadTdDefererJs object| defererList object| replacement function| raf undefined| time object| adzone object| googletag object| ns_ function| a0_0x5142 function| a0_0x5b32 object| __cfBeacon object| ggeac object| google_js_reporting_queue object| google_tag_manager object| s function| _typeof object| TRC object| _tblConsole string| pm_pgtp undefined| msg function| guid function| getCookie function| createCookie function| getDefaultUrl function| getObjectId function| tracker_event function| getUserRelatedContent function| getSession function| getUniqueUserId object| STREAM_CONFIGS string| STREAM_ID object| __EXCO string| __EXCO_INTEGRATION_TYPE object| wpJsonpExCoStreamSdk function| setImmediate function| clearImmediate object| regeneratorRuntime object| IntersectionObserverEntryDaC function| onYouTubeIframeAPIReady object| webpackChunk_marfeel_marfeel_sdk object| tp function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet object| __mrfCompass number| __oneSignalSdkLoadCount function| OneSignal function| __jp0 object| COMSCORE object| ns_p undefined| google_measure_js_timing object| google_reactive_ads_global_state function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter string| pbPageIdentifier object| elasticApm object| vidoomy function| $ function| jQuery function| jq function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| bg object| image object| wpJsonpExCoAdPlayer object| CEDATO_API function| TDUserClass object| TDUser object| bootstrap string| nam object| placementData object| cmTag function| validateUser function| Hls object| _cm_wfCounters object| tbopt

50 Cookies

Domain/Path Name / Value
.onesignal.com/ Name: __cf_bm
Value: 10VytFipPYR1h_yIQRpPwaS_Tz0iN5Z6zmfi0eMkF1c-1718118621-1.0.1.1-zcZ3xz2R7x5sWbG1lHQ30S9G6rvwBYU2jMgLm_IccRBoucg9I_84OYOW0Fj5sRHB8A1XH2AFjP_g2rjKJxOKOA
.portalbeneficios.click/ Name: _gid
Value: GA1.2.453419362.1718118622
.portalbeneficios.click/ Name: _gat_tdGA
Value: 1
.portalbeneficios.click/ Name: _gat
Value: 1
.portalbeneficios.click/ Name: _ga_7S8VLCSZ03
Value: GS1.1.1718118622.1.0.1718118622.0.0.0
.portalbeneficios.click/ Name: _ga
Value: GA1.1.1112003937.1718118622
.sitescout.com/ Name: ssi
Value: bc70e604-a849-4734-a04a-1dfe1b8c6852#1718118622103
.ads.stickyadstv.com/ Name: UID
Value: 60b97b8ca548c68686e0e92ee627382
.portalbeneficios.click/ Name: _ga_R2YG5ZTEZ7
Value: GS1.1.1718118622.1.1.1718118622.60.0.0
.portalbeneficios.click/ Name: ___nrbic
Value: %7B%22isNewUser%22%3Atrue%2C%22previousVisit%22%3A1718118622%2C%22currentVisitStarted%22%3A1718118622%2C%22sessionId%22%3A%226fa6870a-f051-479b-a1ef-18a0f01ce4ed%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//portalbeneficios.click/%22%2C%22referrer%22%3A%22%22%7D
.portalbeneficios.click/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1718118622%2C%22userId%22%3A%220e54685f-ddd3-421a-9f50-1b8f970c06bc%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1718118622%2C%22timesVisited%22%3A1%7D
.portalbeneficios.click/ Name: compass_uid
Value: 0e54685f-ddd3-421a-9f50-1b8f970c06bc
.sitescout.com/ Name: _ssuma
Value: eyIzOSI6MTcxODExODYyMjI0MywiNyI6MTcxODExODYyMjI0M30
www.clarity.ms/ Name: CLID
Value: 43ea52d244984e1fb2c1e1f3c280e747.20240611.20250611
.portalbeneficios.click/ Name: _fbp
Value: fb.1.1718118622652.568994478909571517
.tapad.com/ Name: TapAd_TS
Value: 1718118622660
.tapad.com/ Name: TapAd_DID
Value: b2b4d82a-2cab-4722-bfea-efcaa1ead579
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
portalbeneficios.click/ Name: exco-uid
Value: x43q3kf5qci0hjm9
.portalbeneficios.click/ Name: _clck
Value: 9ckxuk%7C2%7Cfmj%7C0%7C1623
portalbeneficios.click/ Name: TDEmailHash
Value: empty
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJiYzcwZTYwNC1hODQ5LTQ3MzQtYTA0YS0xZGZlMWI4YzY4NTItNjY2ODY4ZGUtNTU1MyIsImV4cGlyZXMiOjE3MjA3MTA2MjN9LCJGVyI6eyJ1aWQiOiI2MGI5N2I4Y2E1NDhjNjg2ODZlMGU5MmVlNjI3MzgyIiwiZXhwaXJlcyI6MTcyMDcxMDYyM319fQ==
.ex.co/ Name: exco-uid
Value: 2e3631372e313439
.portalbeneficios.click/ Name: _clsk
Value: 1mn07r%7C1718118623608%7C1%7C1%7Cu.clarity.ms%2Fcollect
portalbeneficios.click/ Name: idCMSPortal
Value: 239
.smartadserver.com/ Name: pid
Value: 6925265441160752788
.openx.net/ Name: i
Value: aeca1778-243c-0d23-0fcb-0ec91d56bd63|1718118624
.openx.net/ Name: v
Value: 1
.openx.net/ Name: pd
Value: v2|1718118624|gu
.rubiconproject.com/ Name: khaos
Value: LXAJGV7H-O-KYSR
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpyiGYBfuDZiQrDf4jKkIRTBYD/ktLUtU+jiFKMy2T2iYTQqPoKgoSD9kKCcNuHRCm0Ft2LEbMCvik5KOc6754O6OXUvYKIZjMijy0RC4Zd8RuybVyVU0yt
.bing.com/ Name: MUID
Value: 01484B3AA393677B292F5FA1A23F66A9
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 01484B3AA393677B292F5FA1A23F66A9
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 01484B3AA393677B292F5FA1A23F66A9
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7535262192154023489
.smartadserver.com/ Name: csync
Value: 22:7535262192154023489
.casalemedia.com/ Name: CMID
Value: Zmho4bmqPa8AAASzAL7mkgAA
.casalemedia.com/ Name: CMPS
Value: 3274
.casalemedia.com/ Name: CMPRO
Value: 3274
.csync.loopme.me/ Name: viewer_token
Value: c81d0d1f-98c6-4f6e-9830-d184f0ca70e9
.amazon-adsystem.com/ Name: ad-id
Value: A4X6QvRTjUNmjTiDF3ozl7w
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ex.co/ Name: exco-uids
Value: {"freewheel":{"UID":"60b97b8ca548c68686e0e92ee627382","Expire":"2024-06-18T15:10:26.646381193Z"},"ix":{"UID":"Zmho4bmqPa8AAASzAL7mkgAA\u00263274","Expire":"2024-06-18T15:10:25.266282323Z"},"openx":{"UID":"3dc0f750-e281-0b70-26d9-00cb9140cd09","Expire":"2024-06-18T15:10:26.288490785Z"},"smartadserver":{"UID":"6925265441160752788","Expire":"2024-06-18T15:10:24.323997488Z"}}
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1

202 Console Messages

Source Level URL
Text
network error URL: https://portalbeneficios.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://portalbeneficios.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://loader.unblockia.com/c/portalbeneficios.click/id.json
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://portalbeneficios.click/cdn-cgi/rum?
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://portalbeneficios.click/
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc' (redirected from 'https://vidoomy-d.openx.net/v/1.0/av?auid=560725301&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=492874&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&gdpr=0&gdpr_consent=&') from origin 'https://portalbeneficios.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://portalbeneficios.click/
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTEwOWZiZWItNDRjYy02YzcwLTQwZmQtOWM5OGIzOTM0MGZl' (redirected from 'https://vidoomy-d.openx.net/v/1.0/av?auid=559614560&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=668291&vwd=400&vht=225&schain=1.0%2C1!vidoomy.com%2C53383%2C1%2C07779120119804316436328408443%2C%2C&gdpr=0&gdpr_consent=') from origin 'https://portalbeneficios.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTEwOWZiZWItNDRjYy02YzcwLTQwZmQtOWM5OGIzOTM0MGZl
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://portalbeneficios.click/
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTEwOWZiZWItNDRjYy02YzcwLTQwZmQtOWM5OGIzOTM0MGZl' (redirected from 'https://vidoomy-d.openx.net/v/1.0/av?auid=560725301&url=https%3A%2F%2Fportalbeneficios.click%2F&cb=140560&vwd=400&vht=225&gdpr=0&gdpr_consent=&') from origin 'https://portalbeneficios.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTEwOWZiZWItNDRjYy02YzcwLTQwZmQtOWM5OGIzOTM0MGZl
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://portalbeneficios.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
1f2e7.v.fwmrm.net
a.teads.tv
a.vidoomy.com
ad.vidoomy.com
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
api.retargetly.com
at.teads.tv
c.bing.com
c.clarity.ms
cdn.ex.co
cdn.onesignal.com
cdn.stickyadstv.com
cdn.taboola.com
cdn.thinkindot.com
cdn.unblockia.com
cds.taboola.com
cm.g.doubleclick.net
collector-1.ex.co
connect.facebook.net
e.channelexco.com
events.newsroom.bi
gum.criteo.com
imprammp.taboola.com
loader.unblockia.com
match.adsrvr.org
mcd.ex.co
media.ambito.com
onesignal.com
optimized-by.rubiconproject.com
p.channelexco.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
player.ex.co
pm-widget.taboola.com
portalbeneficios.click
region1.analytics.google.com
region1.google-analytics.com
s-01.channelexco.com
s-adzone.com
s.amazon-adsystem.com
s1.adzonestatic.com
sb.scorecardresearch.com
sdk.mrf.io
securepubads.g.doubleclick.net
st.pubmatic.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.crwdcntrl.net
tracker.thinkindot.com
trc.taboola.com
u.clarity.ms
usuarios.ambito.com
vid.pubmatic.com
vidoomy-d.openx.net
vidstat.taboola.com
vpaid.pubmatic.com
vpaid.vidoomy.com
www.ambito.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
a.vidoomy.com
ad.vidoomy.com
cm.g.doubleclick.net
u.clarity.ms
104.16.160.145
104.18.15.5
141.226.224.32
141.226.228.48
142.250.185.226
142.250.186.130
142.250.186.132
142.250.186.98
15.197.193.217
151.101.1.44
151.101.131.52
151.101.193.44
151.101.65.44
151.101.66.132
154.54.250.80
162.19.96.35
172.217.18.3
172.67.159.162
172.67.8.244
18.134.84.19
18.158.70.98
18.244.18.32
184.28.88.244
185.64.190.75
185.64.190.89
199.232.197.91
2001:4860:4802:32::36
207.244.71.146
212.36.83.215
212.36.83.245
23.32.185.35
23.82.15.162
2600:9000:211e:c800:12:abfb:9280:93a1
2600:9000:211e:f400:12:abfb:9280:93a1
2600:9000:223d:8800:19:c363:bec0:93a1
2606:4700::6810:4f49
2606:4700::6812:1299
2606:4700::6812:13e4
2606:4700::6812:e05
2606:4700::6812:f05
2607:ae80:4::51
2620:1ec:bdf::67
2620:1ec:c11::237
2a00:1450:4001:806::200e
2a00:1450:4001:812::2008
2a00:1450:400c:c0d::9a
2a02:2638:3::c
2a02:6ea0:c700::22
2a02:6ea0:ca3a::4
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.111.113.62
34.120.149.35
34.36.216.150
35.214.149.91
35.244.159.8
4.227.249.197
44.196.76.126
45.133.18.32
52.46.143.56
54.188.69.90
54.220.158.112
68.219.88.97
69.173.144.139
95.101.149.35
010e654c71e3357fd776ac8dbe29c2885b38fc68148d50c8a8a5f5ebf27f345f
0242e200bfa0b9df4be4e2c6ce636f9d6843ee6b4cf3381631e3b92a4be68f31
02a1fa23cef6bb651ed91745728d846a6f7d0d019c83839db6974bfb698cacc2
036360512cd8a6d5ceb883865765a31bf126ff7e11507f021f452cedb584f49f
06ed0d809178333c4cc4e1442b50e1f2e076b947466c4a204202fc90df34f833
08b600df8455648023dfbccd3ccae357062aafd584c4b5c3aa24a6054874a7c8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c379e5a6ab77113e755e1f98c67ef7fad45e83195534ed23edfbca3664f0b4c
0ec14c19bec9cdd6d6863682b6a23b4e9d816546eef9a0b2d48949bbd36bac16
0fdb00c6932177b574a576368156d2f11f56a6f3ace799aa50531f637c6526fb
11f4823b7919e2bb5626a0f1f470d1679017a1b023a3773d17822ccb4e511734
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a18c48183be4d58974125c0252755f24c9d8127567fde624755afe7d21c1422
1a62108e180a937f22781461aacaf78e79786428a6615d123b065f26ef4d2b2a
1abe174fdc1733ebd595171ffc5e837778a6a21cb073490b7d424c08602a9927
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1fcccde66453b638a1c4315f7eb468b6e7bb9612ea00afe93725048ac0f77f9f
235472808d33107d05468c779c96c56283b6f561b7804b83015eff8ebabbaac4
2577dfd27f88eab2fb99ee9b49b1d1106a2e7f4b468b52468f9fdbd8c0692e8a
276659c80dc8bbdf9a0224e196b8aabe1fc82ba043253da377f349eee5dcbdb3
277a2920eb2684d4205f54ba0d444a508ec4ee2f4d839a896163f6515a76fd3a
278fabaa393e19b8296ea1a347379ffac0fabe3964874684656142d0f29f6d3b
27f8cd24f85ead54cce80c41ee99a59efed6ffa63fac22fb66fca9a9daafcf7b
289c8e604981c9478b8ebdf9f643707044964efd0431c36d1f8eaa883574ea69
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2921b1187811a62b8a9fc194f7591986be57300bb5cf4d1a5c89966e38ca2041
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2dafbaaa09ec584d5a18405e8d60c34d0912c987a4eace9b7679bbf1d3f2dbb0
2e3355e4e47216214ccf0e04754c360c84d00b06f02002c01f43447c3b1dccff
2e520dd6d7e0cbd42b401db4b71b799f13c0060ef00d285ce23ddddbde789efc
2f2f5b344e54ccfdcc3355f7abb2b9e947db74411cdab7547941a09f19f4cddd
30c230975d4eff5a03d7de9132ba3e7e8bf57b9ab30941e057faa9d63363eb7e
3226fe1e77a4d987a5a69594483838a1041a2f56b946ffd4a4413ae278b5b9d5
336b818d1e24fd3353db49a4358fe03a8ec7cd8ce1e364ba947fd78f3d6b5cbb
34a51c9349496a4c0dcee8fe520fcf7b2423ec9ff0585589518f7f5f13f43edc
351e903753c5f1256e3afdd5b3d66a1091e65507f1ee879737c81bdb4f2d2b9e
38e4b5e80414907bfc785f4b1403a0c74f46ea9099cb96f6450e3da7bd9f6b7f
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3af129907c63948d355137d252e6629956bfddd5fe911a12d079d11b475569b0
3dbfd192961150faaa5762d0bf7a6fc352ae6db0e0bc505b815804a026016079
3ff90b7ee8fdad8204c821cd1906ebd4f8eed9712ccf784907638b8f9b7beeb0
41b1e642052553a85b8618ab767a7408084731872f98509530fdec0f5ce79bff
4256713aa795a127c34d7b065dc0e624565692ccdef83e3cb96ad2402f0aeeec
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf
46411efde7c039cbba581507a1d1ced57d0a6aad4291483ea29b2eebeee0520d
4bd27ea95d587b3842483c5822d8aaca1459d9193a013789604070e74421844c
4e328346db804706f1980535ccc0471594ff1f0f9b8d8881ace7bde7b4116ce2
5030fa331fbf77ce9335407a6321ac4d709f98735e632356f3d32e22e91fefcc
50953be41f5a613ff867cc44321337d01ebcb0c41121e048135855b4cbd43776
53a1923cf97cf48944ce7d438774a31a7196bd0fa420d08567ef02277fd8c234
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56ce62cdb7e23b564aa6f0e0084a974f1dc3c9bec5fcbf11d63b9cf5050d7e61
5712f37730c67b2e68e6c31d91cff957178336d99aff208ada0422bdbe81be2e
575bd52d5c4d8fb4e5178d7a25be594a93ad182deb44dbb1ae079144220f6c32
57c776b7a16603b5f6f4ef1727b1f9cc56c9688a571b017764b7da940f75954c
5aa0b1b54d44ee47fb611209721f9b9cd318f7366c1371928cea35092238a785
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5cb02d595757505062328ba3f97953e1571a762c77fec75668b5b82af11a2d24
5df5116c05568ffa259656329334fd14fcd78606d8a6a0bbfd8e6cbe9ad8ea3e
60471374e38cfc922a82cdb4117a27e109a1914e97bb9f98078ce1d9be4393ed
6273c82b04262da0c7e55157a83ffd19927d67a565b47c33dea1865ff11e2b7d
641ddf79d229c01501c5ca0096528f6a881a4f400494694cd91220327b5acf9f
64f289189523a38054e3214b1bef7b711fe83e1223af9c0b0ffec5134312f0d6
6558fc74bc6ee007e965b5b21f66d5d072ee0208dfbe37bd2a01d45f4ba16362
6649b654468ee308bad22bcf9eb0a83e9f912af5d373c84902b8cd63a8ce75b0
679f515c44d1a9aa8795203dc6247ce01b14b6b9cd3b6ba9da88cad6b30dbe72
68087ae70291b95d32d26ee4f8805dfd829768e85dd7b730561cfe281a8980d3
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d
72b2c8448a793e82a8d69cdb629fcda66b2dc9e2aa6656a35c6f63e5ecb01c87
74f5f23f115914d5f51cd794a4621fdf747df12358d96d2d4325a055d73611d1
7842065cd69db4d7389158150bd4b036a8e637eae938b47cf01f8db108f29d35
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7f17fbc6f5cc60175ecb8e5b9c5f80f5bac51b3bc8529c99319b0cd865934f58
8088b034452215f28b23db5f2c7122966209354d30da702b4f186d4daf4a110a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
85a2f6884816dd87300f1678f0d55cb382bdabf45f4181a81a6a609b15aace43
85f175f02bf0675979c1231b4dd7f2ef09f17b0b329ddcf79d37e0b9339157a0
8637449e669fb7718f7aa4b64e461e8029bc673fe08a0b63e89267c26986cd3a
87a50fb24393024bdde09068bdf5da53d30e4d03a6c9173a59d61f85fc6e4f30
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9492cba6b410e194e36176c36a8f9f32a1a49849b3f5500c473028c9e8db0f44
950c63f60fa751017cd669c982fb139e975b18cf7b12fce382ae3ce83217b205
9757e1a5d5a10f5a3ce54859c83fc28ec20771f0cfdb93befaccc446206db06a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ccd623d8f06089da825c4e36a0aae8cd1ef68ffc0661b758801a6f7c67bd24d
9eff0334abca944eba81025b36ff6f167582143a071417ccfbc4c2cd4eaaa6c3
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a0064b31095030329871fb8c7749eb8c31893d166174a1b533ced7259ebfcd77
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a36f9f9deafe1caa7265df74d8b4cfd96f28c26c47a504a0e3cbb6133f16c76e
a4609c91c6e30d1c3fed2e60f53a227b3408b02b0f1194c044eb344b3676e61a
a4955dc7b9cad696f38fb13070f12cdccef6da966a4b572d656b655bcdd92658
a5e1e06c2f3427fe7af44fe0bd0f815377b06d9fdfe10bad97f4479efe85c0fb
a695c3769308f5af8bdf2c8582f8fffec1eb5eadf37a6e082c9c5d881061b0b2
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae2d955068f6cee3d81b3c941a7c9843096e957ede5847f19b4daadff14c1b32
afa9ab114550ee9fdd581c3fbc7805cf623159d2cbf586bb7810fcc8cbc3be4e
b206e457a3afb3c34f989018276af92d522aad5e46e445dcea675fbfe2ce042e
b2794ed49bb6c93760067f9a530e0a0f17e4941b23dcb9bee778091bd5f429f9
b3d0deaac8505292e27a61ebb0f11dd4c0613dd73e65b79bea7b9f75815a90ef
b47353b1d318e48f3b0ce13f3db793b3ab869153759f3a74e22ef597f4bf7d59
b7765ac7593e681f14425fd76491f25b19b788d26baacfd3b5f9cf294276daf3
b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21
b7dd280e791355b7f6e369682a827331ac63a72f9464667a5f02e77a6c5bff63
b8d73362d88d5a368f7f157fbcc983c84cba5b13e310207b88a4c0a581189445
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bf6ab75846a00293cda4064b817e06bea3274373a57f059c6e05bd98cc3e8dd6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3680ed6d0ac607636536373887c341af3d58deaaa6347e2a75ca18daafd41f7
c4bc7c6aa4a2a775ecf645d36a00504518c2bf45b3467f692c762b3be1802cea
c794f4950481a5699b82d303098ab9cb9ae5e47634e81b516711e703f5b6dc7b
c917dea1bb91502444fa3e9b7143571e752f62db48a42902ce643a59ce944bd8
cce6b7e5c575481b656773ef7e5dc0506f72dc3c0dc314cf26a2d71a80ded3d1
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b
d1cc8e2214a41a9230081c383912319694ad158fac9483a22ec3f6230af88826
d5987bb602d77513b1f5c3a0f44ddaac8bf4e37e40010d58a08d49d775ef1edb
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d62bd1543d9a8c144a1082c503a2e06ccbe151fafd0ee5e725049de2e74dabeb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79d1cea2a6d8a87d7e8b30576fbd4948b97b70b6110725a2da383a6450bd035
e94b4c36e6c866ec451c16c7452c5c259720ce5ac2c33439f3a61ce2876ef32c
ec84fcc76e87a61418fb86c06589df6a0316a1258b8e9e8de013bddbd14a561c
edc4aa8800cf83bdcf0fab2dd0f176cf5f37fd300dcda861bf3c0ebc92b50cd2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effafa8949e63168bd0ad6dbdc6ae7817a10b8c3fc55c8db0276e8ca4a323e51
f630ed4887414ba3efcb59aec6e70da814430713f4b13d4960720e6e9e01de50
f66036a0eda442cc13a7226cf7a8c1d4264b4da8daae5985c989c12dff353c80
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f9966fdde3fd2ee6857cfc0bc2195f6e4a2ae9548b195fc546da6b8c8532a854
f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51
f9a8d8e4fe96532b11b0555400aaabbe871c5a25a39077996aeb6ba51c87f413
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921