terminosdemsn.webcindario.com Open in urlscan Pro
5.57.226.202 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://terminosdemsn.webcindario.com/outlok/index.html
Submission: On July 11 via automatic, source links-suspicious (July 11th 2023, 4:27:59 pm UTC) — Scanned from ES

Summary HTTP 78 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 78 HTTP transactions. The main IP is 5.57.226.202, located in Madrid, Spain and belongs to SERVIHOSTING-AS AireNetworks, ES. The main domain is terminosdemsn.webcindario.com.
TLS certificate: Issued by R3 on June 24th 2023. Valid for: 3 months.

This is the only time terminosdemsn.webcindario.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
25	5.57.226.202 5.57.226.202	29119 (SERVIHOST...) (SERVIHOSTING-AS AireNetworks)
11	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
4	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
2	2600:9000:255... 2600:9000:2551:5800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
7	2a02:26f0:710... 2a02:26f0:7100::687e:2520	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
78	18

25 5.57.226.202 (Madrid, Spain)

ASN29119 (SERVIHOSTING-AS AireNetworks, ES)

terminosdemsn.webcindario.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

hosting.miarroba.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2551:5800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:7100::687e:2520 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

r4.res.office365.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	webcindario.com terminosdemsn.webcindario.com	775 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	375 KB
7	office365.com r4.res.office365.com — Cisco Umbrella Rank: 149	706 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 113 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1670 www.google.com — Cisco Umbrella Rank: 10	97 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	42 KB
4	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1250 pixel.quantserve.com — Cisco Umbrella Rank: 1003	19 KB
3	gstatic.com fonts.gstatic.com	189 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130	10 KB
3	miarroba.info hosting.miarroba.info	2 KB
2	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1172	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	125 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	4 KB
1	google.es www.google.es — Cisco Umbrella Rank: 19181	408 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	608 B
78	14

	Domain	Requested by
25	terminosdemsn.webcindario.com	terminosdemsn.webcindario.com
11	pagead2.googlesyndication.com	terminosdemsn.webcindario.com pagead2.googlesyndication.com tpc.googlesyndication.com
7	r4.res.office365.com	terminosdemsn.webcindario.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com terminosdemsn.webcindario.com
3	fonts.gstatic.com	terminosdemsn.webcindario.com fonts.googleapis.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com terminosdemsn.webcindario.com
3	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	hosting.miarroba.info	terminosdemsn.webcindario.com
2	pixel.quantserve.com	terminosdemsn.webcindario.com
2	www.google.com	terminosdemsn.webcindario.com tpc.googlesyndication.com
2	rules.quantcount.com	secure.quantserve.com
2	secure.quantserve.com	www.googletagmanager.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.googletagmanager.com	terminosdemsn.webcindario.com
1	fonts.googleapis.com
1	www.google.es	terminosdemsn.webcindario.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
78	19

This site contains links to these domains. Also see Links.

Domain
login.live.com

Subject Issuer	Validity	Valid
*.webcindario.com R3	`2023-06-24` - `2023-09-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
miarroba.info E1	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.es GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.res.outlook.com DigiCert SHA2 Secure Server CA	`2023-04-17` - `2024-04-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://terminosdemsn.webcindario.com/outlok/index.html
Frame ID: 7633D48616CE1D8538D2854A88391384
Requests: 29 HTTP requests in this frame

Frame: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Frame ID: 55A3155FBB5EB8D39D08C977ECBF92E2
Requests: 41 HTTP requests in this frame

Frame: https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Frame ID: 30BD63B5597E0F97064AB7F0DE648E29
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20190131/zrt_lookup.html
Frame ID: 52E009CF56A4C5144090205DE079C02F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3279755397&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fterminosdemsn.webcindario.com%2Foutlok%2Findex.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689092873621&bpp=10&bdt=224&idt=339&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&nras=1&correlator=5448918374943&frm=23&ife=1&pv=2&ga_vid=668132179.1689092874&ga_sid=1689092874&ga_hid=487564448&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3076649985&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075645%2C31075758%2C44788441&oid=2&pvsid=1581046556235549&tmod=1545867970&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.t6277pbbsvnq&fsb=1&dtd=371
Frame ID: 10C2F85FA1AAD16AE0C60EF678257D04
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 616CA5714E636C5A9F917C7614EE8D2C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3D24E86A6DB3310634ED412F2A589107
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Iniciar sesión en tu cuenta Microsoft

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

78
Requests

100 %
HTTPS

94 %
IPv6

14
Domains

19
Subdomains

18
IPs

4
Countries

2345 kB
Transfer

8167 kB
Size

10
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://login.live.com/gls.srf?urlID=WinLiveTermsOfUse&mkt=ES-ES&vv=1600&uaid=faf39e24f88f423d829d739dd7b7b9e5
Title: Términos de uso

Search URL Search Domain Scan URL

URL: https://login.live.com/gls.srf?urlID=MSNPrivacyStatement&mkt=ES-ES&vv=1600&uaid=faf39e24f88f423d829d739dd7b7b9e5
Title: Privacidad y cookies

Search URL Search Domain Scan URL

URL: https://login.live.com/pp1600/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.html Show response
terminosdemsn.webcindario.com/outlok/ 21 KB
6 KB 164ms
35ms Document
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 1fc1e335c2734726ba4d4939600dc75f026098413105092e2dd7d72930c8efcb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 11 Jul 2023 16:27:53 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: Webcindario Hosting Service

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 235ms
108ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6267a440e2295893b68fcd63fa01c70cf3b14ff79def0b8bebe1de75eee8ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://terminosdemsn.webcindario.com/
Origin: https://terminosdemsn.webcindario.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50450
x-xss-protection: 0
server: cafe
etag: 13643763804741040811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 16:27:53 GMT

GET
H2 200 Converged_v23082_5plpI1P0_uKjrokWdqCoBw2.css
terminosdemsn.webcindario.com/outlok/folder/ 133 KB
21 KB 40ms
40ms Stylesheet
text/css 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/Converged_v23082_5plpI1P0_uKjrokWdqCoBw2.css
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 6f68ced1c168a2c41fad8ea9e5ab75bef95867feade3002909428b61593f75d5

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: gzip
last-modified: Fri, 07 Jul 2023 20:16:31 GMT
server: nginx
etag: W/"64a8729f-2123a"
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jque.js Show response
terminosdemsn.webcindario.com/outlok/folder/ 3 KB
1 KB 41ms
40ms Script
application/javascript 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/jque.js
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: edcc8ea5246fe3ec2d2f83cc26196ae49ab1f8c916aaf7a29eba6e6df33fbdbd

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: gzip
last-modified: Fri, 07 Jul 2023 20:16:27 GMT
server: nginx
etag: W/"64a8729b-bb3"
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
terminosdemsn.webcindario.com/outlok/folder/ 4 KB
4 KB 105ms
103ms Image
image/svg+xml 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
last-modified: Fri, 07 Jul 2023 20:16:26 GMT
server: nginx
etag: "64a8729a-e43"
x-powered-by: Webcindario Hosting Service
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3651

GET
H2 200 arrow_left.svg
terminosdemsn.webcindario.com/outlok/folder/ 513 B
668 B 105ms
104ms Image
image/svg+xml 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/arrow_left.svg
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
last-modified: Fri, 07 Jul 2023 20:16:29 GMT
server: nginx
etag: "64a8729d-201"
x-powered-by: Webcindario Hosting Service
content-type: image/svg+xml
accept-ranges: bytes
content-length: 513

GET
H2 200 documentation_bcb4d1dc4eae64f0b2b2538209d8435a.svg
terminosdemsn.webcindario.com/outlok/folder/ 2 KB
2 KB 106ms
105ms Image
image/svg+xml 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/documentation_bcb4d1dc4eae64f0b2b2538209d8435a.svg
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
last-modified: Fri, 07 Jul 2023 20:16:29 GMT
server: nginx
etag: "64a8729d-613"
x-powered-by: Webcindario Hosting Service
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1555

GET
H2 200 ellipsis_635a63d500a92a0b8497cdc58d0f66b1.svg
terminosdemsn.webcindario.com/outlok/folder/ 900 B
1 KB 106ms
105ms Image
image/svg+xml 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/ellipsis_635a63d500a92a0b8497cdc58d0f66b1.svg
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 61d7ccc5d2c41bf86be6cefb0063405067849ba64e9f219f60596ef09a54a942

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
last-modified: Fri, 07 Jul 2023 20:16:28 GMT
server: nginx
etag: "64a8729c-384"
x-powered-by: Webcindario Hosting Service
content-type: image/svg+xml
accept-ranges: bytes
content-length: 900

GET
H2 200 ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg
terminosdemsn.webcindario.com/outlok/folder/ 915 B
1 KB 106ms
105ms Image
image/svg+xml 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
last-modified: Fri, 07 Jul 2023 20:16:28 GMT
server: nginx
etag: "64a8729c-393"
x-powered-by: Webcindario Hosting Service
content-type: image/svg+xml
accept-ranges: bytes
content-length: 915

GET
H2 200 / Show response
hosting.miarroba.info/ 1 KB
1 KB 154ms
63ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/?__muid=97e540277afeea00866e85d389d9ba2410960bd8&h=2130213&t=1689092873&k=40ceeae9ebbf7152e790d9af0d99b691
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab09647d7ac2bad6c3e1b6821b9ee2ad83e06a0794f076a670202d9e9726848d

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 11 Jul 2023 16:27:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAAsALNPZVhOmpjTTTbnEuTDrEQdtyTtj60wpQwP6YmJek7U28Jd6gBbHCRR3tOiRkQS8h8jdM2KUiA77irYoLzzokgDzuUxYr0Mu0VNL9HFPjLh4OZ8sEAMISLN5C1KIlKzLAdTMU1M0nnysnZbLDPFrKI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=iso-8859-1
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache
cf-ray: 7e526a9a9ec1367c-MAD
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
63 KB 209ms
76ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbeab615a455e0a1ec65067ad8ac6c4b9da0759457804d3b1e5c9c7eb9f880e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63835
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jul 2023 16:27:53 GMT

GET
H2 200 prefetch.html Show response
terminosdemsn.webcindario.com/outlok/folder/ Frame 55A3 5 KB
2 KB 104ms
104ms Document
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 8934ddcfafe1779444fc1bf09367646b0a79b69c730b32f39f79b7b57b05aeb7

Request headers

Referer: https://terminosdemsn.webcindario.com/outlok/index.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 11 Jul 2023 16:27:53 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: Webcindario Hosting Service

GET
H2 200 2_bc3d32a696895f78c19df6c717586a5d.svg
terminosdemsn.webcindario.com/outlok/images/backgrounds/ 2 KB
2 KB 103ms
103ms Image
image/svg+xml 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://terminosdemsn.webcindario.com/outlok/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
last-modified: Fri, 07 Jul 2023 21:22:36 GMT
server: nginx
etag: "64a8821c-748"
x-powered-by: Webcindario Hosting Service
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1864

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 55A3 139 KB
48 KB 115ms
112ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a2b67c120174c3665aede21447278d171cffd0658db8d26124582111ecbbd78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://terminosdemsn.webcindario.com/
Origin: https://terminosdemsn.webcindario.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48706
x-xss-protection: 0
server: cafe
etag: 9480206676271769377
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 16:27:53 GMT

GET
H2 200 boot.worldwide.0.mouse.js.descarga
terminosdemsn.webcindario.com/outlok/folder/prefetch_files/ Frame 55A3 2 KB
1 KB 57ms
53ms Stylesheet
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch_files/boot.worldwide.0.mouse.js.descarga
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: c73f959180f50e1a7c6926a44826db653698356803219cb2c3c03b82d0301621

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 boot.worldwide.1.mouse.js.descarga
terminosdemsn.webcindario.com/outlok/folder/prefetch_files/ Frame 55A3 2 KB
1 KB 58ms
54ms Stylesheet
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch_files/boot.worldwide.1.mouse.js.descarga
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: c73f959180f50e1a7c6926a44826db653698356803219cb2c3c03b82d0301621

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 boot.worldwide.2.mouse.js.descarga
terminosdemsn.webcindario.com/outlok/folder/prefetch_files/ Frame 55A3 2 KB
1 KB 59ms
55ms Stylesheet
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch_files/boot.worldwide.2.mouse.js.descarga
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: c73f959180f50e1a7c6926a44826db653698356803219cb2c3c03b82d0301621

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 boot.worldwide.3.mouse.js.descarga
terminosdemsn.webcindario.com/outlok/folder/prefetch_files/ Frame 55A3 2 KB
1 KB 59ms
55ms Stylesheet
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch_files/boot.worldwide.3.mouse.js.descarga
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: c73f959180f50e1a7c6926a44826db653698356803219cb2c3c03b82d0301621

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 sprite1.mouse.png
terminosdemsn.webcindario.com/outlok/folder/prefetch_files/ Frame 55A3 16 KB
16 KB 59ms
55ms Stylesheet
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch_files/sprite1.mouse.png
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 99190cfe65f919edb8071d84eee7096ec27561bc9b9fa396e55e0eb5e2cd0194

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
last-modified: Fri, 07 Jul 2023 20:16:40 GMT
server: nginx
etag: "64a872a8-4118"
x-powered-by: Webcindario Hosting Service
content-type: image/png
accept-ranges: bytes
content-length: 16664

GET
H2 200 sprite1.mouse.css
terminosdemsn.webcindario.com/outlok/folder/prefetch_files/ Frame 55A3 7 KB
1 KB 60ms
56ms Stylesheet
text/css 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch_files/sprite1.mouse.css
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 461f87e55bba34c4d9248d1b45685ea832eba56c15ebf6cccf75d49f1547b502

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: gzip
last-modified: Fri, 07 Jul 2023 20:16:40 GMT
server: nginx
etag: W/"64a872a8-1db4"
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/css

GET
H2 200 boot.worldwide.mouse_002.css
terminosdemsn.webcindario.com/outlok/folder/prefetch_files/ Frame 55A3 1 KB
796 B 60ms
56ms Stylesheet
text/css 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch_files/boot.worldwide.mouse_002.css
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 2b7ea8dd60889f75129a486330728ccbdbbf6f85b923d7805534cdaffa1beaa8

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: gzip
last-modified: Fri, 07 Jul 2023 20:16:42 GMT
server: nginx
etag: W/"64a872aa-49e"
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/css

GET
H2 200 boot.worldwide.0.mouse.js
terminosdemsn.webcindario.com/outlok/folder/prefetch_files/ Frame 55A3 648 KB
176 KB 60ms
56ms Stylesheet
application/javascript 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch_files/boot.worldwide.0.mouse.js
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 6fc2e7366f3ab00bfeec94bfd0158d246f927d6f2ef7e96d2c42feae6ae947be

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: gzip
last-modified: Fri, 07 Jul 2023 20:16:52 GMT
server: nginx
etag: W/"64a872b4-a1f90"
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 boot.worldwide.1.mouse.js
terminosdemsn.webcindario.com/outlok/folder/prefetch_files/ Frame 55A3 644 KB
160 KB 60ms
57ms Stylesheet
application/javascript 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch_files/boot.worldwide.1.mouse.js
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: d51dc655ea79ce747e767e064deda0f5aa1e119ce717ce461b698973d0d1c6e3

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: gzip
last-modified: Fri, 07 Jul 2023 20:16:50 GMT
server: nginx
etag: W/"64a872b2-a11ec"
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 boot.worldwide.2.mouse.js
terminosdemsn.webcindario.com/outlok/folder/prefetch_files/ Frame 55A3 647 KB
166 KB 61ms
57ms Stylesheet
application/javascript 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch_files/boot.worldwide.2.mouse.js
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: adea4054726651f0910d2a801ba3d840e8350d8baa17aa5956df5e142192413e

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: gzip
last-modified: Fri, 07 Jul 2023 20:16:48 GMT
server: nginx
etag: W/"64a872b0-a1bbe"
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 boot.worldwide.3.mouse.js
terminosdemsn.webcindario.com/outlok/folder/prefetch_files/ Frame 55A3 645 KB
143 KB 61ms
57ms Stylesheet
application/javascript 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch_files/boot.worldwide.3.mouse.js
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 59f01cb90458c7ba8df2b6919113cbda127905c6400836f1d53beea78c8eed14

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: gzip
last-modified: Fri, 07 Jul 2023 20:16:46 GMT
server: nginx
etag: W/"64a872ae-a14e4"
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 sprite1.mouse_002.png
terminosdemsn.webcindario.com/outlok/folder/prefetch_files/ Frame 55A3 16 KB
16 KB 61ms
58ms Stylesheet
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch_files/sprite1.mouse_002.png
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 99190cfe65f919edb8071d84eee7096ec27561bc9b9fa396e55e0eb5e2cd0194

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
last-modified: Fri, 07 Jul 2023 20:16:39 GMT
server: nginx
etag: "64a872a7-4118"
x-powered-by: Webcindario Hosting Service
content-type: image/png
accept-ranges: bytes
content-length: 16664

GET
H2 200 sprite1.mouse_002.css
terminosdemsn.webcindario.com/outlok/folder/prefetch_files/ Frame 55A3 7 KB
1 KB 61ms
58ms Stylesheet
text/css 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch_files/sprite1.mouse_002.css
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 461f87e55bba34c4d9248d1b45685ea832eba56c15ebf6cccf75d49f1547b502

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: gzip
last-modified: Fri, 07 Jul 2023 20:16:39 GMT
server: nginx
etag: W/"64a872a7-1db4"
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/css

GET
H2 200 boot.worldwide.mouse.css
terminosdemsn.webcindario.com/outlok/folder/prefetch_files/ Frame 55A3 227 KB
43 KB 61ms
59ms Stylesheet
text/css 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch_files/boot.worldwide.mouse.css
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 8dfade63d9153799d2f8a254edcff8718388ea8d65b5a0daf340fe0fb302270e

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: gzip
last-modified: Fri, 07 Jul 2023 20:16:44 GMT
server: nginx
etag: W/"64a872ac-38bca"
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/css

GET
H2 200 franzlab-antipishing.js Show response
terminosdemsn.webcindario.com/outlok/folder/prefetch_files/ Frame 55A3 14 KB
5 KB 62ms
59ms Script
application/javascript 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch_files/franzlab-antipishing.js
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 7aaa948933aa3b2b601742abf4fa05dfc5382bd30f0fbbb165d73e2e8e180b57

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: gzip
last-modified: Fri, 07 Jul 2023 20:16:42 GMT
server: nginx
etag: W/"64a872aa-36b5"
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 / Show response
hosting.miarroba.info/ Frame 55A3 0
298 B 55ms
52ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/?__muid=97e540277afeea00866e85d389d9ba2410960bd8&h=2130213&t=1689092873&k=40ceeae9ebbf7152e790d9af0d99b691
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 11 Jul 2023 16:27:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhbtjdRA4uE0rrlC6kIEVafNK72cvteL2zt1Da%2B31%2F3XqV3Ttc5txcCUcW%2B8q%2FYaFdeGMO09XZPLUVs6D4%2FHGK3T13XxgA2TQpGg2qE%2BvX30qiiRHt7bzQzR%2BxqQzEL%2Fg8QqEKzfu8s4ccc6NaUySMlilGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=iso-8859-1
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache
cf-ray: 7e526a9aff23367c-MAD
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 55A3 170 KB
63 KB 132ms
131ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43bbb533a6411a2d400e855c99dcfe6d109527f5bc9d92f03721b406d129de1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63967
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jul 2023 16:27:53 GMT

POST
H2 200 607f6b0b381bbc1f64fa027d62891072_cookie.php Show response
hosting.miarroba.info/ Frame 30BD 46 B
441 B 51ms
50ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://terminosdemsn.webcindario.com
Referer: https://terminosdemsn.webcindario.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e526a9b4f89367c-MAD
content-encoding: br
content-type: text/html; charset=iso-8859-1
date: Tue, 11 Jul 2023 16:27:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mm4CV%2BJiYxwrSVUourNWdYo%2Bm6zwkkRDaCxkikKQwiUClvMprIZYRCsaLF1OEK6gmwg21mj9R%2FGX1Mdgu3VHLfHUdLt74nhETYDhF8iYFbFkn5ABfaHBy2BDuugfHF0DCBY6F6M8110nLNLjZP8beX1wrE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307050101/ 354 KB
122 KB 271ms
155ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7294310421616689&plah=terminosdemsn.webcindario.com&bust=31075873

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d34027c6301fa4131bf2e40e8dd257a2751f8caead4deb717858cfc31b98a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124516
x-xss-protection: 0
server: cafe
etag: 1502820467557047132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 16:27:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230706/r20190131/ Frame 52E0 10 KB
5 KB 225ms
72ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230706/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://terminosdemsn.webcindario.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 75807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 19:24:26 GMT
etag: 12368291122986407432
expires: Mon, 24 Jul 2023 19:24:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ Frame 55A3 344 KB
118 KB 163ms
127ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7294310421616689&plah=terminosdemsn.webcindario.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48783180259b4ff928cb313254bfd34a284ab76c3005954d9840e153ed17fef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121064
x-xss-protection: 0
server: cafe
etag: 10567554583188700242
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 16:27:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
34ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jul 2023 15:01:18 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5195
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 11 Jul 2023 17:01:18 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 231ms
70ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 18 Jul 2023 16:27:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 55A3 52 KB
21 KB 63ms
45ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jul 2023 15:01:18 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5195
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 11 Jul 2023 17:01:18 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 55A3 22 KB
9 KB 149ms
63ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:53 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 18 Jul 2023 16:27:53 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
218 B 54ms
53ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1192829910&t=pageview&_s=1&dl=https%3A%2F%2Fterminosdemsn.webcindario.com%2Foutlok%2Findex.html&ul=en-us&de=UTF-8&dt=Iniciar%20sesi%C3%B3n%20en%20tu%20cuenta%20Microsoft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABCAAAAC~&jid=1800477527&gjid=1347860984&cid=668132179.1689092874&tid=UA-597118-7&_gid=194537921.1689092874&_r=1&_slc=1&gtm=45He37a0n71T2VG59&z=1906392747

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://terminosdemsn.webcindario.com/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 16:27:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://terminosdemsn.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 55A3 3 B
70 B 52ms
52ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=487564448&t=pageview&_s=1&dl=https%3A%2F%2Fterminosdemsn.webcindario.com%2Foutlok%2Ffolder%2Fprefetch.html&ul=en-us&de=UTF-8&dt=Prefetch&sd=24-bit&sr=1600x1200&vp=&je=0&_u=QACAAAABCAAAAC~&jid=&gjid=&cid=668132179.1689092874&tid=UA-597118-7&_gid=194537921.1689092874&_slc=1&gtm=45He37a0n71T2VG59&z=986825269

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://terminosdemsn.webcindario.com/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 16:27:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://terminosdemsn.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
358 B 164ms
54ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-597118-7&cid=668132179.1689092874&jid=1800477527&gjid=1347860984&_gid=194537921.1689092874&_u=YEBAAAAACAAAAC~&z=1337374185

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

94dcf5556e059d9e35d347a9fdd7c295ec5d8001d8c00693dfc2a7d18f9fb0f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://terminosdemsn.webcindario.com/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 11 Jul 2023 16:27:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://terminosdemsn.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-d5x2uDVHd7ALE.js Show response
rules.quantcount.com/ Frame 55A3 160 B
642 B 191ms
58ms Script
application/javascript 2600:9000:2551:5800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2551:5800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d60c833406c5cca9095b3cabd40d6f65e486a0a4c0b59105031c9a6e94595f5a

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:04:09 GMT
via: 1.1 643f3a19739b50ef1fffa170c9395e24.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P7
age: 1436
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 22:55:53 GMT
server: AmazonS3
etag: "ceee564f54e512a948f918e2710eab6e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 3eLSLHgpR0ZKQ7yBgeodLExx2k3X21wEUCZXQPvFIz3ASOn7dXO1qg==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55A3 0
20 B 91ms
91ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adsense_fc_has_namespace_but_no_iframes&publisherId=ca-pub-7294310421616689&eid=44759842%2C44759927%2C44759876%2C31075645%2C31075758%2C44788441

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 16:27:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 55A3 397 B
608 B 209ms
69ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=terminosdemsn.webcindario.com&callback=_gfp_s_&client=ca-pub-7294310421616689

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7294310421616689&plah=terminosdemsn.webcindario.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6da5f43cff6401ca17485371fe275310da1a98a8d9ff26bdf1a5c194c66a6a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 55A3 107 B
456 B 196ms
68ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=terminosdemsn.webcindario.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55A3 0
20 B 91ms
91ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=footer&cls=default%20footer%20ext-footer%20new-background-image&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 16:27:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 10C2 11 KB
5 KB 219ms
218ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3279755397&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fterminosdemsn.webcindario.com%2Foutlok%2Findex.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689092873621&bpp=10&bdt=224&idt=339&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&nras=1&correlator=5448918374943&frm=23&ife=1&pv=2&ga_vid=668132179.1689092874&ga_sid=1689092874&ga_hid=487564448&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3076649985&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31075645%2C31075758%2C44788441&oid=2&pvsid=1581046556235549&tmod=1545867970&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.t6277pbbsvnq&fsb=1&dtd=371

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ff496b05d9284154da4e02974b57ff970bfafb2f882b429376f676b8a3c26b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://terminosdemsn.webcindario.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4788
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 16:27:54 GMT
expires: Tue, 11 Jul 2023 16:27:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rules-p-d5x2uDVHd7ALE.js Show response
rules.quantcount.com/ 160 B
642 B 105ms
57ms Script
application/javascript 2600:9000:2551:5800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2551:5800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d60c833406c5cca9095b3cabd40d6f65e486a0a4c0b59105031c9a6e94595f5a

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:04:09 GMT
via: 1.1 643f3a19739b50ef1fffa170c9395e24.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P7
age: 1436
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 22:55:53 GMT
server: AmazonS3
etag: "ceee564f54e512a948f918e2710eab6e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 7TKW5vcHc7qSrCV5wGjQXLQwuwo0-6Z6sfTRc4A-rFvl0E9zwzngdA==

GET
H2 200 ca-pub-7294310421616689 Show response
fundingchoicesmessages.google.com/i/ 147 KB
49 KB 271ms
101ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7294310421616689?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7294310421616689&plah=terminosdemsn.webcindario.com&bust=31075873

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74fc8dd8f26874f8fe341eb57bb3a6d2166e131f0c3ba7f0f2687363a4f03dbb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-X8XAVl7Ovyl9WiSc6ZgO6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-X8XAVl7Ovyl9WiSc6ZgO6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 219ms
87ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-597118-7&cid=668132179.1689092874&jid=1800477527&_u=YEBAAAAACAAAAC~&z=623137909

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 16:27:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.es/ads/ 42 B
408 B 253ms
96ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.es/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-597118-7&cid=668132179.1689092874&jid=1800477527&_u=YEBAAAAACAAAAC~&z=623137909

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 16:27:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1567368579;source=gtm;rf=0;a=p-d5x2uDVHd7ALE;url=https%3A%2F%2Fterminosdemsn.webcindario.com%2Foutlok%2Findex.html;uht=2;fpan=1;fpa=P0-1904514101-1689092874001;pbc=;ns=0;ce=1;qjs=1;qv=c818c...
pixel.quantserve.com/ 35 B
371 B 70ms
60ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1567368579;source=gtm;rf=0;a=p-d5x2uDVHd7ALE;url=https%3A%2F%2Fterminosdemsn.webcindario.com%2Foutlok%2Findex.html;uht=2;fpan=1;fpa=P0-1904514101-1689092874001;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=webcindario.com;dst=0;et=1689092874110;tzo=0;ogl=;ses=24dfed6a-1a96-497d-9ab6-77b28ddc7766;mdl=

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 16:27:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=95013379;source=gtm;rf=0;a=p-d5x2uDVHd7ALE;url=https%3A%2F%2Fterminosdemsn.webcindario.com%2Foutlok%2Ffolder%2Fprefetch.html;ref=https%3A%2F%2Fterminosdemsn.webcindario.com%2Foutlok%2Findex...
pixel.quantserve.com/ Frame 55A3 35 B
371 B 69ms
63ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=95013379;source=gtm;rf=0;a=p-d5x2uDVHd7ALE;url=https%3A%2F%2Fterminosdemsn.webcindario.com%2Foutlok%2Ffolder%2Fprefetch.html;ref=https%3A%2F%2Fterminosdemsn.webcindario.com%2Foutlok%2Findex.html;uht=2;fpan=1;fpa=P0-1081071749-1689092873913;pbc=;ns=1;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=webcindario.com;dst=0;et=1689092874113;tzo=0;ogl=;ses=24dfed6a-1a96-497d-9ab6-77b28ddc7766;mdl=

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 16:27:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 boot.worldwide.0.mouse.js
r4.res.office365.com/owa/prem/16.3790.1.3213940/scripts/ Frame 55A3 648 KB
176 KB 326ms
90ms Stylesheet
application/x-javascript 2a02:26f0:7100::687e:2520
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://r4.res.office365.com/owa/prem/16.3790.1.3213940/scripts/boot.worldwide.0.mouse.js

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::687e:2520 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

30bc3ba126e91f95d7480a073785a1d477006db381f181da67d29644674ba142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 17 Oct 2020 01:56:48 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=630720000, s-maxage=630720000
accept-ranges: bytes
timing-allow-origin: *
content-length: 179729

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 55A3 15 KB
11 KB 109ms
108ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230706&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2ac11e95ef1fa4cffcd614fa7b8230e89b239b352ea68b311c807cf88300619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11616
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55A3 0
20 B 91ms
91ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_prose&sts=ok&evt=place&vh=0&eid=44787782&pos=UNKNOWN_POSITION&vpt=DESKTOP&pvc=1581046556235549

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 16:27:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 55A3 35 B
55 B 33ms
33ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=487564448&t=timing&_s=2&dl=https%3A%2F%2Fterminosdemsn.webcindario.com%2Foutlok%2Ffolder%2Fprefetch.html&ul=en-us&de=UTF-8&dt=Prefetch&sd=24-bit&sr=1600x1200&vp=&je=0&plt=953&pdt=23&dns=0&rrt=0&srt=104&tcp=0&dit=474&clt=474&_gst=467&_gbt=566&_u=QACAAAABCAAAAC~&jid=&gjid=&cid=668132179.1689092874&tid=UA-597118-7&_gid=194537921.1689092874&gtm=45He37a0n71T2VG59&z=1850007038

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 20:48:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70758
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 55A3 17 KB
7 KB 249ms
115ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 16:27:54 GMT

GET
H2 200 AGSKWxWKMok7xCMPVJhUaLks6OmdUuTgtk8vYPmKq_MLlKRrLJ1wmKmJQ6WZF6KFlJlcqjoWOFDP7q_RaCyrS4CxQdw= Show response
fundingchoicesmessages.google.com/f/ 305 KB
46 KB 179ms
179ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWKMok7xCMPVJhUaLks6OmdUuTgtk8vYPmKq_MLlKRrLJ1wmKmJQ6WZF6KFlJlcqjoWOFDP7q_RaCyrS4CxQdw=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg5MDkyODc0LDQ3MTAwMDAwMF0sIkNDQjJENDIzLTdDNkMtNEQ0OS1CRDUwLTczQUQ5RDM5OEE0NCIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vdGVybWlub3NkZW1zbi53ZWJjaW5kYXJpby5jb20vb3V0bG9rL2luZGV4Lmh0bWwiLG51bGwsW1s4LCI0d0JKRkQ4VlFVayJdLFs5LCJlcyJdLFsxOCwiW1tbMV1dXSJdLFsxOSwiMSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.es.4wBJFD8VQUk.es5.O/d=1/rs=AJlcJMwuaYygaCOiHP9ELAvbaCJMccNIxQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77e00122e83d7519c0bbae875d4bfee9cc753bcebc35a7f11ce036e3b5160f3b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-laXwCF0tjBbz0Y-im5Qp0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-laXwCF0tjBbz0Y-im5Qp0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 616C 13 KB
5 KB 60ms
57ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://terminosdemsn.webcindario.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ranges: bytes
age: 9838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 13:43:56 GMT
expires: Wed, 10 Jul 2024 13:43:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3D24 783 B
970 B 72ms
71ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

827049997c6b35b665c40d85879273adab80bf52da1b125bf887183ab354f71f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nZP1b5pHQOEp1fnvskVHcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://terminosdemsn.webcindario.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-nZP1b5pHQOEp1fnvskVHcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 16:27:54 GMT
expires: Tue, 11 Jul 2023 16:27:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js Show response
pagead2.googlesyndication.com/bg/ Frame 616C 37 KB
14 KB 61ms
57ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 16:34:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14631
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 16:34:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3D24 0
0 91ms
90ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230706&jk=1581046556235549&rc=
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ 63 KB
4 KB 248ms
120ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.es.4wBJFD8VQUk.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwuaYygaCOiHP9ELAvbaCJMccNIxQ/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad597bd5da1121fc44e3a2176d030b49872c8e3f19d47fdb217668bfd4785f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jul 2023 16:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 16:27:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jul 2023 16:27:54 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 221ms
83ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://terminosdemsn.webcindario.com/
Origin: https://terminosdemsn.webcindario.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 05:24:38 GMT
x-content-type-options: nosniff
age: 558196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jul 2024 05:24:38 GMT

POST
H3 204 AGSKWxVMHAXypJgRepLidvVCQNAwyI0MFyFHpoVLf5v2_MB9GjmvnTyxX0-SpstpuXfXDyt-qDHo0GzspOG0lSBaEerCIMP3QblthqklCVk8F2pgGzrIzJbFsVdpGSJofxmuOlfV27PYTA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 203ms
77ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVMHAXypJgRepLidvVCQNAwyI0MFyFHpoVLf5v2_MB9GjmvnTyxX0-SpstpuXfXDyt-qDHo0GzspOG0lSBaEerCIMP3QblthqklCVk8F2pgGzrIzJbFsVdpGSJofxmuOlfV27PYTA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2jIsH5wkZXdG_cb0XMGoVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://terminosdemsn.webcindario.com/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 11 Jul 2023 16:27:54 GMT
content-security-policy: script-src 'report-sample' 'nonce-2jIsH5wkZXdG_cb0XMGoVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://terminosdemsn.webcindario.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 boot.worldwide.1.mouse.js
r4.res.office365.com/owa/prem/16.3790.1.3213940/scripts/ Frame 55A3 644 KB
160 KB 96ms
96ms Stylesheet
application/x-javascript 2a02:26f0:7100::687e:2520
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://r4.res.office365.com/owa/prem/16.3790.1.3213940/scripts/boot.worldwide.1.mouse.js

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::687e:2520 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

2c8d7452cec941a942d7edeed6ac7ccbf64492685c815611989a707a5b049101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 17 Oct 2020 01:57:05 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=630720000, s-maxage=630720000
accept-ranges: bytes
timing-allow-origin: *
content-length: 163132

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 616C 0
10 B 71ms
70ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Z93gQA
Requested by: Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 boot.worldwide.2.mouse.js
r4.res.office365.com/owa/prem/16.3790.1.3213940/scripts/ Frame 55A3 647 KB
166 KB 86ms
86ms Stylesheet
application/x-javascript 2a02:26f0:7100::687e:2520
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://r4.res.office365.com/owa/prem/16.3790.1.3213940/scripts/boot.worldwide.2.mouse.js

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::687e:2520 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

209631b47c5bf8b187edf20d5743e1cb617eed73807f395f49e94b6112818baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 17 Oct 2020 01:56:49 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=630720000, s-maxage=630720000
accept-ranges: bytes
timing-allow-origin: *
content-length: 170026

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 136ms
136ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://terminosdemsn.webcindario.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 305848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 03:30:27 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 71ms
71ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://terminosdemsn.webcindario.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 317171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 00:21:44 GMT

GET
H2 200 boot.worldwide.3.mouse.js
r4.res.office365.com/owa/prem/16.3790.1.3213940/scripts/ Frame 55A3 645 KB
143 KB 87ms
87ms Stylesheet
application/x-javascript 2a02:26f0:7100::687e:2520
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://r4.res.office365.com/owa/prem/16.3790.1.3213940/scripts/boot.worldwide.3.mouse.js

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::687e:2520 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

d78c0db087236877ee9843392efff21286c1cf69131176e34871362eabfc1a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 17 Oct 2020 01:57:06 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=630720000, s-maxage=630720000
accept-ranges: bytes
timing-allow-origin: *
content-length: 145769

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
33ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1192829910&t=timing&_s=2&dl=https%3A%2F%2Fterminosdemsn.webcindario.com%2Foutlok%2Findex.html&ul=en-us&de=UTF-8&dt=Iniciar%20sesi%C3%B3n%20en%20tu%20cuenta%20Microsoft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2158&pdt=1&dns=61&rrt=0&srt=35&tcp=67&dit=442&clt=442&_gst=648&_gbt=792&_u=YEBAAAABCAAAAC~&jid=&gjid=&cid=668132179.1689092874&tid=UA-597118-7&_gid=194537921.1689092874&gtm=45He37a0n71T2VG59&z=649410158

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 20:48:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70759
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sprite1.mouse.png
r4.res.office365.com/owa/prem/16.3790.1.3213940/resources/images/0/ Frame 55A3 16 KB
16 KB 69ms
68ms Stylesheet
image/png 2a02:26f0:7100::687e:2520
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://r4.res.office365.com/owa/prem/16.3790.1.3213940/resources/images/0/sprite1.mouse.png

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::687e:2520 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

99190cfe65f919edb8071d84eee7096ec27561bc9b9fa396e55e0eb5e2cd0194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 17 Oct 2020 01:52:18 GMT
server: AkamaiNetStorage
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=630720000, s-maxage=630720000
accept-ranges: bytes
timing-allow-origin: *
content-length: 16664

GET
H2 200 sprite1.mouse.css
r4.res.office365.com/owa/prem/16.3790.1.3213940/resources/images/0/ Frame 55A3 7 KB
1 KB 69ms
69ms Stylesheet
text/css 2a02:26f0:7100::687e:2520
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://r4.res.office365.com/owa/prem/16.3790.1.3213940/resources/images/0/sprite1.mouse.css

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::687e:2520 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

461f87e55bba34c4d9248d1b45685ea832eba56c15ebf6cccf75d49f1547b502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 17 Oct 2020 01:52:14 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=630720000, s-maxage=630720000
accept-ranges: bytes
timing-allow-origin: *
content-length: 1124

GET
H2 200 boot.worldwide.mouse.css
r4.res.office365.com/owa/prem/16.3790.1.3213940/resources/styles/0/ Frame 55A3 227 KB
43 KB 81ms
80ms Stylesheet
text/css 2a02:26f0:7100::687e:2520
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://r4.res.office365.com/owa/prem/16.3790.1.3213940/resources/styles/0/boot.worldwide.mouse.css

Requested by

Host: terminosdemsn.webcindario.com
URL: https://terminosdemsn.webcindario.com/outlok/folder/prefetch.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::687e:2520 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

8dfade63d9153799d2f8a254edcff8718388ea8d65b5a0daf340fe0fb302270e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 16:27:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Sat, 17 Oct 2020 01:54:57 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=630720000, s-maxage=630720000
accept-ranges: bytes
timing-allow-origin: *
content-length: 44146

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 55A3 0
0 94ms
93ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230706&jk=1581046556235549&bg=!19Sl1IDNAAb90kgr3dI7ADkAdvg8Wi1ZB7zYw9a5O4KksswwsXxhNkmAV7-i-ZZVZo157vu3bWwWNIDxSHMyFuVTHh5Z9m68zLUCAAAAjlIAAAAMaAEHmQLTQ0YdTaXcXF0Q8xho44YX_N_qdgz35J-urEKEKQxRV18AqzQ_DrfADEbQPdXcVmCexg_1liNZoIuL5iWBPg1vsAyK1vNNPykbmhjg7AZDFELHZHcdkXdYhgQ_oQO61fhWwIo5UgJjCL9zSj2DQRNdMy6NH0bX9w3uYE9DHrS6Umrhf77eZR_pV04tWGoJmwafJdiuL5enZEhz7a9tXTPKPyaWq8vIhtTx9m-4xr_FHhI8T_8qC-o9u07VKyUng5grBnHGfaQG4oJDC1DFIq5UrkneZeN-f40Lib3CedfqoZPh6SerUUTSOpN6vvfavSty4_fewmG4FCLGZbLijD7YbQ-2egXMkFzI_O03i0oWyhVkf1rMjJKJJuSq2Mm-wxGI5bK79UC9eFNEuraJsqla9DVe_cw7IxHCd9w__GWfjN0vIBqqwTG6MUFFms_HwVCJ--OPUYnwSuFgdDt1iJNmJ8mk4hVDydO8VpS7wpEIyPp7ziks5HpVxXNkBQKp2v8nGdqKIZ_ICaSoj7mWZTAuLwd0uoeIcR2AQA8FKKXMTAvtTPot0ocR6J77ufemX7yOlbGd9_3tTSptIZ0lUQPGnXb9UAM25KpCK61caIBWOO8dgWXmvZanUPwglJONNT_Pi3sRX6cpWBibXu6pFcv-7iCxC4skmGH4Qi-wrQUmQfZmpjMVVv9RfYrgsvI_j6lUfgzUwQF9J_u-UFlLvSPKze403WzEntiTV9toI7QoK4cG72tPoGzci13ZrxiWrkLAIbcr0oT1dG1Y2Ow0Ej7uGt7YylZ_PCDT3z5jJEHJzyJmc8fD70_Agw_HAOxkZzhKGnx1dBEhGQPspjKW5K_xuhFSfkXVV-qSos7bSXfgGTlTNfX7MmNrkKBkVlGg6NozWcgY-Fo-2G95ONkaXqCJZUIakBx8JnGG2Mgx25xt98UEJJNbZlZHUejaoc9FYokJWLP9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://terminosdemsn.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.webcindario.com/	1970-01-20 22:47:32	Name: __muid Value: 97e540277afeea00866e85d389d9ba2410960bd8
.terminosdemsn.webcindario.com/	1970-01-20 22:47:32	Name: _ga Value: GA1.3.668132179.1689092874
.terminosdemsn.webcindario.com/	1970-01-20 13:12:59	Name: _gid Value: GA1.3.194537921.1689092874
.terminosdemsn.webcindario.com/	1970-01-20 13:11:32	Name: _gat_UA-597118-7 Value: 1
.quantserve.com/	1970-01-20 22:41:47	Name: mc Value: 64ad830a-24b21-8f4e5-4e658
.webcindario.com/	1970-01-20 22:33:08	Name: __gads Value: ID=a7cf9017adfd9cc9-220724ba26de00d6:T=1689092874:RT=1689092874:S=ALNI_MZLcFAL3zu4fCyDfHyOS1uDeuY9Aw
.webcindario.com/	1970-01-20 22:33:08	Name: __gpi Value: UID=00000c3bbc7c7f92:T=1689092874:RT=1689092874:S=ALNI_MadQvDStqyIF8nTYvIcvlPzEWW1Dg
.webcindario.com/	1970-01-20 22:36:01	Name: __qca Value: P0-1081071749-1689092873913
.doubleclick.net/	1970-01-20 13:11:33	Name: test_cookie Value: CheckForPermission
terminosdemsn.webcindario.com/	1969-12-31 23:59:59	Name: OWAPF Value: p:undefined11111111&

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hosting.miarroba.info
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
r4.res.office365.com
rules.quantcount.com
secure.quantserve.com
stats.g.doubleclick.net
terminosdemsn.webcindario.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.es
www.googletagmanager.com
2001:4860:4802:38::178
2600:9000:2551:5800:6:44e3:f8c0:93a1
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:802::200e
2a00:1450:4001:803::2003
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c0a::9b
2a02:26f0:7100::687e:2520
2a06:98c1:3120::3
5.57.226.202
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
0ff496b05d9284154da4e02974b57ff970bfafb2f882b429376f676b8a3c26b5
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1fc1e335c2734726ba4d4939600dc75f026098413105092e2dd7d72930c8efcb
209631b47c5bf8b187edf20d5743e1cb617eed73807f395f49e94b6112818baa
2b7ea8dd60889f75129a486330728ccbdbbf6f85b923d7805534cdaffa1beaa8
2c8d7452cec941a942d7edeed6ac7ccbf64492685c815611989a707a5b049101
30bc3ba126e91f95d7480a073785a1d477006db381f181da67d29644674ba142
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
3a2b67c120174c3665aede21447278d171cffd0658db8d26124582111ecbbd78
43bbb533a6411a2d400e855c99dcfe6d109527f5bc9d92f03721b406d129de1a
461f87e55bba34c4d9248d1b45685ea832eba56c15ebf6cccf75d49f1547b502
48783180259b4ff928cb313254bfd34a284ab76c3005954d9840e153ed17fef1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59f01cb90458c7ba8df2b6919113cbda127905c6400836f1d53beea78c8eed14
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d7ccc5d2c41bf86be6cefb0063405067849ba64e9f219f60596ef09a54a942
6da5f43cff6401ca17485371fe275310da1a98a8d9ff26bdf1a5c194c66a6a3d
6f68ced1c168a2c41fad8ea9e5ab75bef95867feade3002909428b61593f75d5
6fc2e7366f3ab00bfeec94bfd0158d246f927d6f2ef7e96d2c42feae6ae947be
74fc8dd8f26874f8fe341eb57bb3a6d2166e131f0c3ba7f0f2687363a4f03dbb
77e00122e83d7519c0bbae875d4bfee9cc753bcebc35a7f11ce036e3b5160f3b
7aaa948933aa3b2b601742abf4fa05dfc5382bd30f0fbbb165d73e2e8e180b57
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
827049997c6b35b665c40d85879273adab80bf52da1b125bf887183ab354f71f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8934ddcfafe1779444fc1bf09367646b0a79b69c730b32f39f79b7b57b05aeb7
8dfade63d9153799d2f8a254edcff8718388ea8d65b5a0daf340fe0fb302270e
94dcf5556e059d9e35d347a9fdd7c295ec5d8001d8c00693dfc2a7d18f9fb0f3
99190cfe65f919edb8071d84eee7096ec27561bc9b9fa396e55e0eb5e2cd0194
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea
ab09647d7ac2bad6c3e1b6821b9ee2ad83e06a0794f076a670202d9e9726848d
ad597bd5da1121fc44e3a2176d030b49872c8e3f19d47fdb217668bfd4785f78
adea4054726651f0910d2a801ba3d840e8350d8baa17aa5956df5e142192413e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c0d34027c6301fa4131bf2e40e8dd257a2751f8caead4deb717858cfc31b98a9
c2ac11e95ef1fa4cffcd614fa7b8230e89b239b352ea68b311c807cf88300619
c73f959180f50e1a7c6926a44826db653698356803219cb2c3c03b82d0301621
cbeab615a455e0a1ec65067ad8ac6c4b9da0759457804d3b1e5c9c7eb9f880e7
d51dc655ea79ce747e767e064deda0f5aa1e119ce717ce461b698973d0d1c6e3
d60c833406c5cca9095b3cabd40d6f65e486a0a4c0b59105031c9a6e94595f5a
d78c0db087236877ee9843392efff21286c1cf69131176e34871362eabfc1a71
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edcc8ea5246fe3ec2d2f83cc26196ae49ab1f8c916aaf7a29eba6e6df33fbdbd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6267a440e2295893b68fcd63fa01c70cf3b14ff79def0b8bebe1de75eee8ca2
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

terminosdemsn.webcindario.com Open in urlscan Pro 5.57.226.202 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

78 Requests

100 %HTTPS

94 %IPv6

14 Domains

19 Subdomains

18 IPs

4 Countries

2345 kBTransfer

8167 kBSize

10 Cookies

3 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

terminosdemsn.webcindario.com Open in urlscan Pro
5.57.226.202 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

100 %
HTTPS

94 %
IPv6

14
Domains

19
Subdomains

18
IPs

4
Countries

2345 kB
Transfer

8167 kB
Size

10
Cookies

78 HTTP transactions
0 data transactions