cfiprovidencia.com Open in urlscan Pro
167.114.11.220  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

• https://googleads.g.doubleclick.net/pagead/id HTTP 302
• https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 62

• https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df14d5f6fa393708%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff35026410186d5%26relation%3Dparent.parent&container_width=624&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=500 HTTP 302
• https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df14d5f6fa393708%2526domain%253Dcfiprovidencia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fcfiprovidencia.com%25252Ff35026410186d5%2526relation%253Dparent.parent%26container_width%3D624%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCFIProvidencia%252F%26locale%3Des_ES%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D500

Request Chain 63

• https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3eaca6d50235f4%26domain%3Dcfiprovidencia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcfiprovidencia.com%252Ff35026410186d5%26relation%3Dparent.parent&container_width=624&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCFIProvidencia%2F&locale=es_ES&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=250 HTTP 302
• https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3eaca6d50235f4%2526domain%253Dcfiprovidencia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fcfiprovidencia.com%25252Ff35026410186d5%2526relation%253Dparent.parent%26container_width%3D624%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCFIProvidencia%252F%26locale%3Des_ES%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D250

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request index.php Show response cfiprovidencia.com/ta/	28 KB 29 KB	288ms 81ms	Document text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Full URL https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:42 GMT server Apache
GET H2	200	bootstrap-material-design.min.css unpkg.com/bootstrap-material-design@4.1.1/dist/css/	428 KB 47 KB	60ms 31ms	Stylesheet text/css	2606:4700::6810:7daf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/bootstrap-material-design@4.1.1/dist/css/bootstrap-material-design.min.css Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2886f26c06c4c98b385fe936c3677090207496f65a4cae5c1e7c893d53bb9f3f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://cfiprovidencia.com/ Origin https://cfiprovidencia.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:34:27 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 19548345 last-modified Tue, 23 Jan 2018 14:37:41 GMT fly-request-id 01F3Z4APM6E6JWCSH2GFA4QMZP server cloudflare etag W/"6ae00-TDmIH9ntnxlp2o9g/Dhd3bTqORc" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 774e307be91a7145-YUL
GET H2	404	bootstrap.min.css cfiprovidencia.com/ta/css/	0 0	258ms 255ms	Stylesheet text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Full URL https://cfiprovidencia.com/ta/css/bootstrap.min.css Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	normalize.css cfiprovidencia.com/ta/css/	0 0	126ms 122ms	Stylesheet text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Full URL https://cfiprovidencia.com/ta/css/normalize.css Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	dashboard.css cfiprovidencia.com/ta/css/	0 0	214ms 211ms	Stylesheet text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Full URL https://cfiprovidencia.com/ta/css/dashboard.css Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	head-stilos.css cfiprovidencia.com/ta/css/	0 0	237ms 234ms	Stylesheet text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Full URL https://cfiprovidencia.com/ta/css/head-stilos.css Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	footer-stilos.css cfiprovidencia.com/ta/css/	0 0	258ms 256ms	Stylesheet text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Full URL https://cfiprovidencia.com/ta/css/footer-stilos.css Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	animate.css cfiprovidencia.com/ta/css/	0 0	257ms 255ms	Stylesheet text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Full URL https://cfiprovidencia.com/ta/css/animate.css Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	wow.js cfiprovidencia.com/ta/js/	0 0	237ms 235ms	Script text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Full URL https://cfiprovidencia.com/ta/js/wow.js Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	200	css fonts.googleapis.com/	4 KB 595 B	88ms 35ms	Stylesheet text/css	2607:f8b0:4004:c17::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Hind+Vadodara:400,500,600,700 Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7976a483afa010ca1dcbb1637a246a9cf9302e052f342338a1112f0f047f7613 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 05 Dec 2022 16:34:27 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 05 Dec 2022 16:34:27 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 05 Dec 2022 16:34:27 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 1 KB	87ms 34ms	Stylesheet text/css	2607:f8b0:4004:c17::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 05 Dec 2022 16:34:27 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 05 Dec 2022 15:29:24 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 05 Dec 2022 16:34:27 GMT
GET H2	404	iconColombia.png cfiprovidencia.com/ta/images/banderas/	28 KB 28 KB	620ms 610ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/banderas/iconColombia.png Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	iconUsa.png cfiprovidencia.com/ta/images/banderas/	28 KB 28 KB	677ms 667ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/banderas/iconUsa.png Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	logoOficial.png cfiprovidencia.com/ta/images/logo/	28 KB 28 KB	638ms 628ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/logo/logoOficial.png Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	cuadros2.png cfiprovidencia.com/ta/images/	28 KB 28 KB	511ms 502ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/cuadros2.png Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	CFIP-INTEP-DIPAZUCAR2.jpg cfiprovidencia.com/ta/images/slider/	28 KB 28 KB	699ms 690ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/slider/CFIP-INTEP-DIPAZUCAR2.jpg Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	sliderEA.jpg cfiprovidencia.com/ta/images/slider/	28 KB 28 KB	677ms 668ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/slider/sliderEA.jpg Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	posterVideo.jpg cfiprovidencia.com/ta/images/slider/	28 KB 28 KB	699ms 691ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/slider/posterVideo.jpg Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	sliderImagenColegio.jpg cfiprovidencia.com/ta/images/slider/	14 KB 14 KB	698ms 690ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/slider/sliderImagenColegio.jpg Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash ebf2dcdb5270d97dd1ddec0d44d14a9daecfb8224b8ae33712e4411bc6c5bccd Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	sliderImagenExtAcaCFIP.jpg cfiprovidencia.com/ta/images/slider/	28 KB 28 KB	486ms 478ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/slider/sliderImagenExtAcaCFIP.jpg Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	imagenTalleresCFIP.jpg cfiprovidencia.com/ta/images/slider/	28 KB 28 KB	675ms 667ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/slider/imagenTalleresCFIP.jpg Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	iconoCiudadEducativa.jpg cfiprovidencia.com/ta/images/	28 KB 28 KB	534ms 526ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/iconoCiudadEducativa.jpg Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	duolingo-logo.jpg cfiprovidencia.com/ta/images/	28 KB 28 KB	534ms 527ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/duolingo-logo.jpg Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	correo.jpg cfiprovidencia.com/ta/images/	4 KB 4 KB	633ms 626ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/correo.jpg Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 0a9b5372ca71d755cafa58f07e08cc3c2150127f6d84272da481f387d6a09d48 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	logoProtejer.jpg cfiprovidencia.com/ta/images/	28 KB 28 KB	561ms 554ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/logoProtejer.jpg Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	ProtejerOficial.png cfiprovidencia.com/ta/images/logo/	28 KB 28 KB	593ms 586ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/logo/ProtejerOficial.png Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	logoBigbag.png cfiprovidencia.com/ta/images/	28 KB 28 KB	523ms 517ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/logoBigbag.png Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	imagenUaotecLogo.png cfiprovidencia.com/ta/images/	28 KB 28 KB	576ms 570ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/imagenUaotecLogo.png Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	prueba.png cfiprovidencia.com/ta/images/logo/	28 KB 28 KB	648ms 642ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/logo/prueba.png Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	industrial.png cfiprovidencia.com/ta/images/	28 KB 28 KB	697ms 691ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/industrial.png Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	categoriaIcfes.jpg cfiprovidencia.com/ta/images/	28 KB 28 KB	649ms 643ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/categoriaIcfes.jpg Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	premioConfenalco.jpg cfiprovidencia.com/ta/images/	28 KB 28 KB	607ms 602ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/premioConfenalco.jpg Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	certificacionesCalidad.jpg cfiprovidencia.com/ta/images/	28 KB 28 KB	751ms 746ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/certificacionesCalidad.jpg Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	logoblanco.png cfiprovidencia.com/ta/images/logo/	28 KB 28 KB	735ms 730ms	Image text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cfiprovidencia.com/ta/images/logo/logoblanco.png Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	jsfcrud.js cfiprovidencia.com/ta/js/	0 0	235ms 224ms	Script text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Full URL https://cfiprovidencia.com/ta/js/jsfcrud.js Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	jquery.js cfiprovidencia.com/ta/js/	0 0	169ms 158ms	Script text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Full URL https://cfiprovidencia.com/ta/js/jquery.js Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	efectoImagenFixed.js cfiprovidencia.com/ta/js/	0 0	588ms 578ms	Script text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Full URL https://cfiprovidencia.com/ta/js/efectoImagenFixed.js Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	404	bootstrap.min.js cfiprovidencia.com/ta/js/	0 0	653ms 643ms	Script text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Full URL https://cfiprovidencia.com/ta/js/bootstrap.min.js Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	87ms 32ms	Font font/woff2	2607:f8b0:4004:c1b::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cfiprovidencia.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 30 Nov 2022 21:54:16 GMT x-content-type-options nosniff age 412812 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 30 Nov 2023 21:54:16 GMT
GET H2	200	sdk.js Show response connect.facebook.net/es_ES/	3 KB 2 KB	73ms 22ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/es_ES/sdk.js Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f1967d5804ee246adeecd63960881e2028a48e7b11e2119dca3620ccab8d63c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Mon, 05 Dec 2022 16:34:28 GMT content-md5 66fBpKAmc7LV38bVri+TeQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1685 x-fb-rlafr 0 x-fb-debug 9oZY69MTyO5R0kPfzOiBp/JmplyIsyHLYy5JU1fLiA4xVXuM5fWK3mjq5fF0bcsWe2dvRfNUPZaye29AhO9hkw== x-fb-trip-id 1512268381 x-fb-content-md5 09f39a24a285de6251f953dfc4f56a8f cross-origin-opener-policy same-origin-allow-popups etag "ca0d4e20e7d9b43d57c7a6c2566cadf1" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 timing-allow-origin * priority u=3,i expires Mon, 05 Dec 2022 16:42:47 GMT
GET DATA	200 OK	truncated /	198 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET H2	404	videoCorto.mp4 cfiprovidencia.com/ta/images/slider/	28 KB 29 KB	728ms 727ms	Media text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Full URL https://cfiprovidencia.com/ta/images/slider/videoCorto.mp4 Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash 516ad23cf3f4d3759c232119f7a4d0ec7e9578157afe08714b74e232b28463f8 Request headers Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip Accept-Encoding identity;q=1, *;q=0 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Range bytes=0- Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:43 GMT server Apache
GET H2	200	FoZr0BboCBA Show response www.youtube.com/embed/ Frame 2AAA	69 KB 29 KB	128ms 73ms	Document text/html	2607:f8b0:4004:c19::5b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/FoZr0BboCBA Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c19::5b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4b73e8887aed3c7b0e16ad14c128d1ee1521017125aa1dc48c4dda64e730c954 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cfiprovidencia.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" cross-origin-resource-policy cross-origin date Mon, 05 Dec 2022 16:34:28 GMT expires Mon, 01 Jan 1990 00:00:00 GMT p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H3	200	sdk.js Show response connect.facebook.net/es_ES/	300 KB 85 KB	43ms 20ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/es_ES/sdk.js?hash=424a3cf13a6f2c8618dbce3ec1d0110d Requested by Host: connect.facebook.net URL: https://connect.facebook.net/es_ES/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4af0062b4b311c87dce2d3b8e541b6691b1e32dbf5ccd85ed856cd965169bd2e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://cfiprovidencia.com/ Origin https://cfiprovidencia.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Mon, 05 Dec 2022 16:34:28 GMT content-md5 WNF9OoSx0+xD1cvCGNC3qw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 86953 x-fb-rlafr 0 x-fb-debug CWlmfgGfybmodY7wB6oCmd4xlGGwtuUn11gpq/whWMnAskmPy82fqeBvL+kQYU6cY0759TlAPF/KWZqWZaRGxw== x-fb-content-md5 12bc4aa1f49066e99555ec50eaee12b3 cross-origin-opener-policy same-origin-allow-popups etag "352f0c739c30b378c0ad6d430fd963f4" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable timing-allow-origin * priority u=3,i expires Tue, 05 Dec 2023 14:32:30 GMT
GET H3	200	www-player.css www.youtube.com/s/player/dab28f34/ Frame 2AAA	360 KB 49 KB	79ms 29ms	Stylesheet text/css	2607:f8b0:4004:c19::5b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/dab28f34/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/FoZr0BboCBA Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c19::5b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1c8fb02f68e820bfcc5da89d05e5903e066828ef585e86d69b585af69f21216e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/FoZr0BboCBA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 01 Dec 2022 16:07:39 GMT content-encoding br x-content-type-options nosniff age 347209 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49849 x-xss-protection 0 last-modified Thu, 01 Dec 2022 01:20:18 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 01 Dec 2023 16:07:39 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 2AAA	15 KB 15 KB	75ms 27ms	Font font/woff2	2607:f8b0:4004:c1b::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/FoZr0BboCBA Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 30 Nov 2022 17:54:24 GMT x-content-type-options nosniff age 427204 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 30 Nov 2023 17:54:24 GMT
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 2AAA	15 KB 15 KB	78ms 30ms	Font font/woff2	2607:f8b0:4004:c1b::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/FoZr0BboCBA Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 30 Nov 2022 22:53:06 GMT x-content-type-options nosniff age 409282 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 30 Nov 2023 22:53:06 GMT
GET H3	200	www-embed-player.js Show response www.youtube.com/s/player/dab28f34/www-embed-player.vflset/ Frame 2AAA	314 KB 97 KB	99ms 56ms	Script text/javascript	2607:f8b0:4004:c19::5b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/FoZr0BboCBA Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c19::5b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9e266c87ad4ccde16ed22725e4369cbcb9522ad41233d435a2e5636f463907b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/FoZr0BboCBA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 01 Dec 2022 16:07:39 GMT content-encoding br x-content-type-options nosniff age 347209 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 99243 x-xss-protection 0 last-modified Thu, 01 Dec 2022 01:20:18 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 01 Dec 2023 16:07:39 GMT
GET H3	200	base.js Show response www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/ Frame 2AAA	2 MB 580 KB	70ms 28ms	Script text/javascript	2607:f8b0:4004:c19::5b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/FoZr0BboCBA Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c19::5b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6c58604b37c66b22b4249bd6d4bc415699d3112f70ef7cbc279aded40d05d8c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/FoZr0BboCBA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 01 Dec 2022 16:07:40 GMT content-encoding br x-content-type-options nosniff age 347208 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 593839 x-xss-protection 0 last-modified Thu, 01 Dec 2022 01:20:18 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 01 Dec 2023 16:07:40 GMT
GET H3	200	fetch-polyfill.js Show response www.youtube.com/s/player/dab28f34/fetch-polyfill.vflset/ Frame 2AAA	9 KB 3 KB	69ms 27ms	Script text/javascript	2607:f8b0:4004:c19::5b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/dab28f34/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/FoZr0BboCBA Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c19::5b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/FoZr0BboCBA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 01 Dec 2022 16:07:39 GMT content-encoding br x-content-type-options nosniff age 347209 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2786 x-xss-protection 0 last-modified Thu, 01 Dec 2022 01:20:18 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 01 Dec 2023 16:07:39 GMT
GET H3	200	id Show response googleads.g.doubleclick.net/pagead/ Frame 2AAA Redirect Chain https://googleads.g.doubleclick.net/pagead/id https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	100 B 146 B	87ms 34ms	XHR application/json	2607:f8b0:4004:c06::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/FoZr0BboCBA Protocol H3 Server 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4ac18b90983e8ab00694d9a226c6d420aaf1d6aa378decb842acf1ce05ddd185 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:34:28 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 120 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Mon, 05 Dec 2022 16:34:28 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame 2AAA	29 B 587 B	74ms 23ms	Script text/javascript	2607:f8b0:4004:800::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:800::2006 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:31:38 GMT x-content-type-options nosniff age 170 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 05 Dec 2022 16:46:38 GMT
OPTIONS H2	200	Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	80ms 28ms	Preflight text/html	2607:f8b0:4004:c08::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 content-type text/html date Mon, 05 Dec 2022 16:34:28 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	Create Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2AAA	66 KB 30 KB	83ms 32ms	XHR application/json+protobuf	2607:f8b0:4004:c08::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8889ce08504ce1e19bf9fbbd2126a0781eddbca0550b2d18c62e2eac4ce4a154 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type application/json+protobuf Response headers date Mon, 05 Dec 2022 16:34:28 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30873 x-xss-protection 0
GET H3	200	remote.js Show response www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/ Frame 2AAA	119 KB 36 KB	25ms 24ms	Script text/javascript	2607:f8b0:4004:c19::5b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c19::5b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash abac45a349fba8447f2e116343591cc98447f9f545cc5a93315306654ff57d20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/FoZr0BboCBA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Sun, 04 Dec 2022 17:34:55 GMT content-encoding br x-content-type-options nosniff age 82773 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37229 x-xss-protection 0 last-modified Thu, 01 Dec 2022 01:20:18 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Mon, 04 Dec 2023 17:34:55 GMT
GET H2	200	_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js Show response www.google.com/js/th/ Frame 2AAA	36 KB 15 KB	77ms 25ms	Script text/javascript	2607:f8b0:4004:c06::93 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fe65bfd909ac7e21df1d0ceec09263795de5beb2504bb6c286a62a64b89edbd4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 15:18:21 GMT content-encoding br x-content-type-options nosniff age 4567 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14302 x-xss-protection 0 last-modified Thu, 03 Nov 2022 10:00:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 05 Dec 2023 15:18:21 GMT
GET H3	200	embed.js Show response www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/ Frame 2AAA	26 KB 8 KB	25ms 24ms	Script text/javascript	2607:f8b0:4004:c19::5b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c19::5b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 927880808b04d38324c6478d81795bfcc4cf1d4a52a1d8c41a7b59d5bb991b11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/FoZr0BboCBA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 01 Dec 2022 16:07:40 GMT content-encoding br x-content-type-options nosniff age 347208 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8242 x-xss-protection 0 last-modified Thu, 01 Dec 2022 01:20:18 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 01 Dec 2023 16:07:40 GMT
GET DATA	200 OK	truncated / Frame 2AAA	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Content-Type image/png
GET H2	200	0k-LwrjbApkBfCHAeUvjsDE478jDeo6Cvh9WABAd4g6cShl0gplt0OSyUFLpSaM7gD8kY16I=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ Frame 2AAA	2 KB 3 KB	95ms 43ms	Image image/jpeg	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/0k-LwrjbApkBfCHAeUvjsDE478jDeo6Cvh9WABAd4g6cShl0gplt0OSyUFLpSaM7gD8kY16I=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/FoZr0BboCBA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 73697d107dfaf8b8cabe82c14626aa8e5f616609e9d9adc417ace1d4be8b80d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:34:28 GMT x-content-type-options nosniff server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="channels4_profile.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2370 x-xss-protection 0 expires Tue, 06 Dec 2022 16:34:28 GMT
GET H2	200	default.webp i.ytimg.com/vi_webp/FoZr0BboCBA/ Frame 2AAA	3 KB 4 KB	152ms 94ms	Image image/webp	2607:f8b0:4004:c06::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/FoZr0BboCBA/default.webp Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/FoZr0BboCBA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::77 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 94273d9fecfda30ab6fd58fa80de77500d6e844c4ee5dda1e894ec280508850c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:34:28 GMT x-content-type-options nosniff server sffe etag "1523630981" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3186 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Mon, 05 Dec 2022 18:34:28 GMT
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame 2AAA	4 KB 3 KB	102ms 54ms	Script text/javascript	2607:f8b0:4006:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:34:28 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 05 Dec 2022 16:34:28 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	74ms 23ms	Script text/javascript	2607:f8b0:4004:837::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:837::200e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 05 Dec 2022 15:36:31 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 3477 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Mon, 05 Dec 2022 17:36:31 GMT
GET H/1.1	200 OK	eb4ae45110e2b750dfa0f19525dfcb77 Show response app.bluecaribu.com/conversion/integration/	22 KB 23 KB	548ms 141ms	Script application/javascript	54.236.131.203 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.bluecaribu.com/conversion/integration/eb4ae45110e2b750dfa0f19525dfcb77 Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.236.131.203 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-236-131-203.compute-1.amazonaws.com Software Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 / PHP/7.1.33 Resource Hash 83de0df1c2e45b32dc248af0cadf630fd91a68967d7efe63956bf7140af1840d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Pragma no-cache Date Mon, 05 Dec 2022 16:34:29 GMT Last-Modified 1662586351 GMT Server Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 X-Powered-By PHP/7.1.33 X-Frame-Options SAMEORIGIN transfer-encoding chunked Content-Type application/javascript Cache-Control post-check=0, pre-check=0, no-cache="set-cookie" Connection keep-alive Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	/ www.facebook.com/login/ Frame 1635 Redirect Chain https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df14d5f6fa393708%26d... https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...	0 0	118ms 99ms	Document text/html	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df14d5f6fa393708%2526domain%253Dcfiprovidencia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fcfiprovidencia.com%25252Ff35026410186d5%2526relation%253Dparent.parent%26container_width%3D624%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCFIProvidencia%252F%26locale%3Des_ES%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D500 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/es_ES/sdk.js?hash=424a3cf13a6f2c8618dbce3ec1d0110d Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://cfiprovidencia.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding br content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-type text/html; charset="utf-8" cross-origin-opener-policy same-origin-allow-popups date Mon, 05 Dec 2022 16:34:28 GMT expires Sat, 01 Jan 2000 00:00:00 GMT pragma no-cache priority u=0 report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-debug +Vt0WkDtfqEhSvKAnPDUR7oRVmhAc/qpL4sDqZWlNLnCWLGq7h5PwoLC4SaG7698HUeM/ePmudB5EsTFDot8ew== x-frame-options DENY x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-length 0 content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-type text/html; charset="utf-8" cross-origin-opener-policy unsafe-none date Mon, 05 Dec 2022 16:34:28 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT facebook-api-version v9.0 location https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df14d5f6fa393708%2526domain%253Dcfiprovidencia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fcfiprovidencia.com%25252Ff35026410186d5%2526relation%253Dparent.parent%26container_width%3D624%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCFIProvidencia%252F%26locale%3Des_ES%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D500 pragma no-cache strict-transport-security max-age=15552000; preload x-content-type-options nosniff x-fb-debug rx6ULlEiC39K3zAwdhYR0hjXLGMlYg2MfTChWlY0ZkvXIdAFMiYMWA374CKLsW7rooz1HKnn3tYqyNNmnxKzJw== x-fb-rlafr 0 x-xss-protection 0
GET H3	200	/ www.facebook.com/login/ Frame 34D6 Redirect Chain https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3eaca6d50235f4%26d... https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...	0 0	104ms 81ms	Document text/html	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3eaca6d50235f4%2526domain%253Dcfiprovidencia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fcfiprovidencia.com%25252Ff35026410186d5%2526relation%253Dparent.parent%26container_width%3D624%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCFIProvidencia%252F%26locale%3Des_ES%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D250 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/es_ES/sdk.js?hash=424a3cf13a6f2c8618dbce3ec1d0110d Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://cfiprovidencia.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding br content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-type text/html; charset="utf-8" cross-origin-opener-policy same-origin-allow-popups date Mon, 05 Dec 2022 16:34:28 GMT expires Sat, 01 Jan 2000 00:00:00 GMT pragma no-cache priority u=0 report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-debug v89PYOEeGco4LmyzAMgfdyhehwKHDEV2e56t7Lj+oIZK7p9y3GhwOWAdQmckRyN0KqYT2VCtZttYfkIU2xLBxA== x-frame-options DENY x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-length 0 content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-type text/html; charset="utf-8" cross-origin-opener-policy unsafe-none date Mon, 05 Dec 2022 16:34:28 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT facebook-api-version v9.0 location https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3eaca6d50235f4%2526domain%253Dcfiprovidencia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fcfiprovidencia.com%25252Ff35026410186d5%2526relation%253Dparent.parent%26container_width%3D624%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCFIProvidencia%252F%26locale%3Des_ES%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D250 pragma no-cache strict-transport-security max-age=15552000; preload x-content-type-options nosniff x-fb-debug +sh8hci8vvVLs4rOVqRztrIbT+p3xaVZTrNciAkAD5RsVK0BJsbS1f5um7KQBBmTkp1L92lgb6OetDXtyjQdQQ== x-fb-rlafr 0 x-xss-protection 0
GET H3	204	generate_204 www.youtube.com/ Frame 2AAA	0 10 B	24ms 24ms	Image text/plain	2607:f8b0:4004:c19::5b GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?YGztjg Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/FoZr0BboCBA Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c19::5b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/FoZr0BboCBA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:34:28 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
POST H3	200	GenerateIT Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2AAA	90 B 134 B	36ms 36ms	XHR application/json+protobuf	2607:f8b0:4004:c08::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6ebb531b5a1686a4cf4894ae04e60fb4861f3e2b3de6e68ca2f65e52f854fe75 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type application/json+protobuf Response headers date Mon, 05 Dec 2022 16:34:29 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 110 x-xss-protection 0
OPTIONS H3	200	GenerateIT jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	26ms 26ms	Preflight text/html	2607:f8b0:4004:c08::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 content-type text/html date Mon, 05 Dec 2022 16:34:28 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
GET H3	200	cast_sender.js Show response www.gstatic.com/eureka/clank/108/ Frame 2AAA	52 KB 15 KB	62ms 21ms	Script text/javascript	2607:f8b0:4006:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/108/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80f::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 07:52:31 GMT content-encoding gzip x-content-type-options nosniff age 31318 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15164 x-xss-protection 0 last-modified Tue, 08 Nov 2022 00:45:53 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Tue, 06 Dec 2022 07:52:31 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	82ms 32ms	XHR text/plain	2607:f8b0:4004:837::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=56818132&t=pageview&_s=1&dl=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&ul=en-us&de=UTF-8&dt=Centro%20de%20Formaci%C3%B3n%20Integral%20Providencia%20%7C%20Inicio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1969074403&gjid=1526018905&cid=1628178842.1670258069&tid=UA-79494869-1&_gid=142238570.1670258069&_r=1&_slc=1&z=876683947 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:837::200e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://cfiprovidencia.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 05 Dec 2022 16:34:29 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cfiprovidencia.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	404	videoCorto.ogv cfiprovidencia.com/ta/images/slider/	16 KB 0	59ms 58ms	Media text/html	167.114.11.220 OVH
General Check archive.org Show headers Download Go to Full URL https://cfiprovidencia.com/ta/images/slider/videoCorto.ogv Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 167.114.11.220 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS host.protejer.com Software Apache / Resource Hash Request headers Referer https://cfiprovidencia.com/ta/index.php?QBOT.zip Accept-Encoding identity;q=1, *;q=0 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Range bytes=0- Response headers content-type text/html;charset=utf-8 date Mon, 05 Dec 2022 16:34:44 GMT server Apache
GET H/1.1	200 OK	launcher.chatbot.ss app.bluecaribu.com/ScriptMatic/style/	7 KB 8 KB	76ms 76ms	Stylesheet text/css	54.236.131.203 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.bluecaribu.com/ScriptMatic/style/launcher.chatbot.ss Requested by Host: app.bluecaribu.com URL: https://app.bluecaribu.com/conversion/integration/eb4ae45110e2b750dfa0f19525dfcb77 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.236.131.203 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-236-131-203.compute-1.amazonaws.com Software Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 / PHP/7.1.33 Resource Hash f1d552ec5c1bf0484fd412f1edbe720cd77435756945f8117cdb0bc903c6e76b Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Pragma no-cache Date Mon, 05 Dec 2022 16:34:29 GMT Last-Modified Wed, 13 Jul 2022 09:16:55 GMT Server Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 X-Powered-By PHP/7.1.33 X-Frame-Options SAMEORIGIN Content-Type text/css;charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Length 7483 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	ws.launcher.ss app.bluecaribu.com/ScriptMatic/style/	4 KB 5 KB	146ms 98ms	Stylesheet text/css	54.236.131.203 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.bluecaribu.com/ScriptMatic/style/ws.launcher.ss Requested by Host: app.bluecaribu.com URL: https://app.bluecaribu.com/conversion/integration/eb4ae45110e2b750dfa0f19525dfcb77 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.236.131.203 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-236-131-203.compute-1.amazonaws.com Software Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 / PHP/7.1.33 Resource Hash 4b43a1b15ec3c343c3b363eb1fb3dbdb095c52c55dd1f5a59e4fb6d73c1583a8 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Pragma no-cache Date Mon, 05 Dec 2022 16:34:29 GMT Last-Modified Tue, 11 Jan 2022 15:37:41 GMT Server Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 X-Powered-By PHP/7.1.33 X-Frame-Options SAMEORIGIN Content-Type text/css;charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Length 4490 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	whatsapp.js Show response app.bluecaribu.com/ScriptMatic/script/ Frame 7D40	17 KB 18 KB	149ms 100ms	Script text/javascript	54.236.131.203 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.bluecaribu.com/ScriptMatic/script/whatsapp.js Requested by Host: app.bluecaribu.com URL: https://app.bluecaribu.com/conversion/integration/eb4ae45110e2b750dfa0f19525dfcb77 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.236.131.203 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-236-131-203.compute-1.amazonaws.com Software Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 / PHP/7.1.33 Resource Hash a1258b047cea65fccf3cb70b5abfc17318659df38e8a239b06b593ae3544e085 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Pragma no-cache Date Mon, 05 Dec 2022 16:34:29 GMT Last-Modified Wed, 11 May 2022 12:18:35 GMT Server Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 X-Powered-By PHP/7.1.33 X-Frame-Options SAMEORIGIN transfer-encoding chunked Content-Type text/javascript;charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	ws-logo-h.png app.bluecaribu.com/app/views/V2/img/whatsapp/	7 KB 7 KB	103ms 55ms	Image image/png	54.236.131.203 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://app.bluecaribu.com/app/views/V2/img/whatsapp/ws-logo-h.png Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.236.131.203 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-236-131-203.compute-1.amazonaws.com Software Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 / Resource Hash 65faff3cc8dbc6d72904280322ee8b6f1e5e8a7b53012379294b684028b8a5a9 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Mon, 05 Dec 2022 16:34:29 GMT Last-Modified Tue, 11 Jan 2022 20:37:43 GMT Server Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 ETag "1c4f-5d5546cdb3d9a" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 7247
GET H3	200	css2 fonts.googleapis.com/	4 KB 661 B	87ms 35ms	Stylesheet text/css	2607:f8b0:4004:c17::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat&family=Roboto&display=swap Requested by Host: app.bluecaribu.com URL: https://app.bluecaribu.com/ScriptMatic/style/launcher.chatbot.ss Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ebced4b4eff382a06db1d9d45df5cf81e071bcea436dca94232e957b476b465a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://app.bluecaribu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 05 Dec 2022 16:34:29 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 05 Dec 2022 16:34:29 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 05 Dec 2022 16:34:29 GMT
GET H2	200	tinycolor.min.js Show response cdnjs.cloudflare.com/ajax/libs/tinycolor/1.4.1/ Frame 7D40	14 KB 5 KB	82ms 28ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/tinycolor/1.4.1/tinycolor.min.js Requested by Host: app.bluecaribu.com URL: https://app.bluecaribu.com/ScriptMatic/script/whatsapp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9688be1c8cc6dfb654dc28761dd9a7bb3f94acf1ce57e9a0fe21a824ce02235f Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:34:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 10171934 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4634 last-modified Mon, 04 May 2020 16:17:01 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ffd-3982" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FxiKcmVJWmq5ktl2jDoUIwzefZEnP355Oqj70bCTHmiGOBp6w0fJGPrL5qngIFJSizH%2FU9x3y8E6Ar5YXWtSet%2B0XbnqbgRKbr2ALo24j6PzANT4d5mqxoYAIvvaqeZ8HDeFdCO5zC8J4cDMmpVwx91"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 774e30865b3218bc-EWR expires Sat, 25 Nov 2023 16:34:29 GMT
GET H2	200	jquery-2.2.4.min.js Show response code.jquery.com/ Frame 7D40	84 KB 29 KB	96ms 28ms	Script application/javascript	2001:4de0:ac18::1:a:3b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-2.2.4.min.js Requested by Host: app.bluecaribu.com URL: https://app.bluecaribu.com/ScriptMatic/script/whatsapp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:34:29 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-14e4a" vary Accept-Encoding x-hw 1670258069.dop101.dc2.t,1670258069.cds083.dc2.hn,1670258069.cds102.dc2.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 29811
GET H3	200	JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 fonts.gstatic.com/s/montserrat/v25/	12 KB 12 KB	27ms 27ms	Font font/woff2	2607:f8b0:4004:c1b::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat&family=Roboto&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cfiprovidencia.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 30 Nov 2022 10:55:02 GMT x-content-type-options nosniff age 452367 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12708 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:55:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 30 Nov 2023 10:55:02 GMT
GET H/1.1	200 OK	chatbot.js Show response app.bluecaribu.com/ScriptMatic/script/ Frame 9F6F	28 KB 29 KB	76ms 75ms	Script text/javascript	54.236.131.203 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.bluecaribu.com/ScriptMatic/script/chatbot.js Requested by Host: app.bluecaribu.com URL: https://app.bluecaribu.com/conversion/integration/eb4ae45110e2b750dfa0f19525dfcb77 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.236.131.203 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-236-131-203.compute-1.amazonaws.com Software Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 / PHP/7.1.33 Resource Hash 59fb31b289415a39b6ec379c1067225197f01d82a529082691758adcdff36ee5 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Pragma no-cache Date Mon, 05 Dec 2022 16:34:29 GMT Last-Modified Mon, 24 Oct 2022 15:26:59 GMT Server Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 X-Powered-By PHP/7.1.33 X-Frame-Options SAMEORIGIN transfer-encoding chunked Content-Type text/javascript;charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	avatar24.png app-blue-upload.s3.amazonaws.com/BOT/avatars/	22 KB 22 KB	146ms 66ms	Image image/png	54.231.233.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://app-blue-upload.s3.amazonaws.com/BOT/avatars/avatar24.png Requested by Host: cfiprovidencia.com URL: https://cfiprovidencia.com/ta/index.php?QBOT.zip Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.231.233.193 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 07c046e3d4b5b2fb25c2557c5e7da9e0238a82eeb42336a6f999aa301e9cb251 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Mon, 05 Dec 2022 16:34:30 GMT x-amz-version-id elVvpZhibhfhe6gL2cRZ0s_.GCllHHeW Last-Modified Mon, 08 Jun 2020 18:28:29 GMT Server AmazonS3 x-amz-request-id 8V4AJF03S59YQFWM ETag "7b20b3ddc5083b03c6311e1ed6cd494b" Content-Type image/png Accept-Ranges bytes Content-Length 22121 x-amz-id-2 7pQ3HP1V7RSsQIp8kPKbshyuXsLDsX2Ea0+bOjTOaGGKkARtJnRfLZO7RpgLhtODkIXlGjPgnOw=
GET H3	200	tinycolor.min.js Show response cdnjs.cloudflare.com/ajax/libs/tinycolor/1.4.1/ Frame 9F6F	14 KB 5 KB	64ms 49ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/tinycolor/1.4.1/tinycolor.min.js Requested by Host: app.bluecaribu.com URL: https://app.bluecaribu.com/ScriptMatic/script/chatbot.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9688be1c8cc6dfb654dc28761dd9a7bb3f94acf1ce57e9a0fe21a824ce02235f Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:34:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 3368700 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4634 last-modified Mon, 04 May 2020 16:17:01 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ffd-3982" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7Ijt%2BtJ9w%2Bv2i8mJ4seDHeydH0uIW0mkJ7as%2Fftn7np5KcX4Nibo75L5Vfdc8WyTnClRKGq9pUbCeEOhNWbQIdNvrBH31tjlJdxbk9xzUwnz6D5NmgN%2FQeBe%2FTGwHJzI8N1Hs65QBp%2FmEbqLGuKVfEo"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 774e3086be674bb9-YUL expires Sat, 25 Nov 2023 16:34:29 GMT
GET H2	200	jquery-2.2.4.min.js Show response code.jquery.com/ Frame 9F6F	84 KB 29 KB	31ms 30ms	Script application/javascript	2001:4de0:ac18::1:a:3b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-2.2.4.min.js Requested by Host: app.bluecaribu.com URL: https://app.bluecaribu.com/ScriptMatic/script/chatbot.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:34:29 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-14e4a" vary Accept-Encoding x-hw 1670258069.dop101.dc2.t,1670258069.cds083.dc2.hn,1670258069.cds102.dc2.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 29811
GET H2	200	jquery-ui.min.js Show response code.jquery.com/ui/1.12.1/ Frame 9F6F	248 KB 66 KB	40ms 39ms	Script application/javascript	2001:4de0:ac18::1:a:3b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.12.1/jquery-ui.min.js Requested by Host: app.bluecaribu.com URL: https://app.bluecaribu.com/ScriptMatic/script/chatbot.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:34:29 GMT content-encoding gzip last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx etag W/"28feccc0-3dee4" vary Accept-Encoding x-hw 1670258069.dop101.dc2.t,1670258069.cds083.dc2.hn,1670258069.cds204.dc2.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 67751
GET H3	200	utils.js Show response cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.1.0/js/ Frame 7D40	239 KB 45 KB	38ms 37ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.1.0/js/utils.js Requested by Host: app.bluecaribu.com URL: https://app.bluecaribu.com/ScriptMatic/script/whatsapp.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash df0797876b146528f534dc356f34fd6408384ca47baae6ecdfcdf0463294f142 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:34:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 489908 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 45332 last-modified Mon, 04 May 2020 16:11:18 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ea6-3bdea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJAyk6zCKSKkdJcN8dCAXrGtnILs6iH10lEup3fKrZfnvabJpyaYpBqEUg8BBOfmK%2BAYqeZ6WThC3Yd91XnfgpPCv4E7N0qbhiybi631QWXaUSLH8HtCPGdnOCXrjWvDWZKienzP0h%2F5ZoDjmRxojNhg"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 774e3086ce794bb9-YUL expires Sat, 25 Nov 2023 16:34:29 GMT
GET H3	200	jquery.validate.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/ Frame 7D40	23 KB 7 KB	27ms 26ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/jquery.validate.min.js Requested by Host: app.bluecaribu.com URL: https://app.bluecaribu.com/ScriptMatic/script/whatsapp.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:34:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 5257025 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6638 last-modified Mon, 04 May 2020 16:11:46 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec2-5a1e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQcAPSMX4uy5piUX%2FLy4PCFonfNglStELeqSbQ9H%2Btvrmbd5u0q9RKlqQSXS%2BqRgsoqZNYvnwPBexaelKRGDFXOuN1WOCHk8x6C88Qba4giS9m3tqpONo3Hpt4JBcLn8L9w83u9%2BzdREautJZFoJyS2i"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 774e3086ce7b4bb9-YUL expires Sat, 25 Nov 2023 16:34:29 GMT
GET H3	200	intlTelInput.min.js Show response cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.0/js/ Frame 7D40	28 KB 9 KB	23ms 23ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.0/js/intlTelInput.min.js Requested by Host: app.bluecaribu.com URL: https://app.bluecaribu.com/ScriptMatic/script/whatsapp.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc43f24d17e53906d84037c99c68333365b8a5a375f73efb7c33de509b6e9102 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:34:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 7600094 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8764 last-modified Mon, 04 May 2020 16:11:18 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ea6-6f10" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8Nh91VgY5M2ClSO1IhgeGFOp%2FXPFHmmVxe%2FZcescOgR1WJNTZMNb9XeRVM40IhEUCVpxqUASY01mtshhczNlDVK%2FYJioFVfYSx5syssvH3to8Al%2BmnAaYCimQXIpfkg2r4LFXCmyTC0BzpYjxf9dyR2"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 774e3086ce7c4bb9-YUL expires Sat, 25 Nov 2023 16:34:29 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 9F6F	135 KB 52 KB	144ms 75ms	Script application/javascript	2607:f8b0:4004:c1b::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-633734239&_=1670258069580 Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-2.2.4.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 04c6dd723c2d8dff2c78f63a0ec99404b087228d595f000d559def7e7383a74a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:34:29 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52915 x-xss-protection 0 last-modified Mon, 05 Dec 2022 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 05 Dec 2022 16:34:29 GMT
GET H/1.1	200 OK	assets.ss app.bluecaribu.com/ScriptMatic/style/ Frame 9F6F	5 KB 6 KB	117ms 116ms	Stylesheet text/css	54.236.131.203 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.bluecaribu.com/ScriptMatic/style/assets.ss Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-2.2.4.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.236.131.203 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-236-131-203.compute-1.amazonaws.com Software Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 / PHP/7.1.33 Resource Hash f45658617808cda3ed19400f10cacaaa696d282e1504e2fec598bf69fe0a34a6 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Pragma no-cache Date Mon, 05 Dec 2022 16:34:29 GMT Last-Modified 1641933461 GMT Server Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 X-Powered-By PHP/7.1.33 X-Frame-Options SAMEORIGIN Content-Type text/css;charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Length 5291 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	icon fonts.googleapis.com/ Frame 9F6F	569 B 367 B	38ms 38ms	Stylesheet text/css	2607:f8b0:4004:c17::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-2.2.4.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 05 Dec 2022 16:34:29 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 05 Dec 2022 16:34:29 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 05 Dec 2022 16:34:29 GMT
GET H/1.1	200 OK	botv2.ss app.bluecaribu.com/ScriptMatic/style/ Frame 9F6F	6 KB 7 KB	98ms 97ms	Stylesheet text/css	54.236.131.203 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.bluecaribu.com/ScriptMatic/style/botv2.ss Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-2.2.4.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.236.131.203 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-236-131-203.compute-1.amazonaws.com Software Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 / PHP/7.1.33 Resource Hash 457dbd60676d411c3f552f95da8a84208d6c571c674f44df33bd4dfa1501d4f6 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Pragma no-cache Date Mon, 05 Dec 2022 16:34:29 GMT Last-Modified Mon, 13 Jun 2022 10:04:55 GMT Server Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 X-Powered-By PHP/7.1.33 X-Frame-Options SAMEORIGIN Content-Type text/css;charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Length 6307 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	avatar24.png app-blue-upload.s3.amazonaws.com/BOT/avatars/ Frame 9F6F	22 KB 22 KB	35ms 34ms	Image image/png	54.231.233.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://app-blue-upload.s3.amazonaws.com/BOT/avatars/avatar24.png Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-2.2.4.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.231.233.193 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 07c046e3d4b5b2fb25c2557c5e7da9e0238a82eeb42336a6f999aa301e9cb251 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Mon, 05 Dec 2022 16:34:30 GMT x-amz-version-id elVvpZhibhfhe6gL2cRZ0s_.GCllHHeW Last-Modified Mon, 08 Jun 2020 18:28:29 GMT Server AmazonS3 x-amz-request-id 8V4CRWWFYRHCSHT5 ETag "7b20b3ddc5083b03c6311e1ed6cd494b" Content-Type image/png Accept-Ranges bytes Content-Length 22121 x-amz-id-2 +MzEur+AkLtoCDmifUWhkbVG/ztTY8zuhtvarh/fkack5Uk93gTZm4uQ/7+u5LS33ZXrXKtLeN4=
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 7D40	135 KB 52 KB	89ms 40ms	Script application/javascript	2607:f8b0:4004:c1b::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-633734239&_=1670258069559 Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-2.2.4.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 91b47bac1d799bdd3866c9c9d9b1eb45fc23bb1398ec2527d627821bbce99312 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:34:29 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52912 x-xss-protection 0 last-modified Mon, 05 Dec 2022 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 05 Dec 2022 16:34:29 GMT
GET H3	200	icon fonts.googleapis.com/ Frame 7D40	569 B 367 B	39ms 38ms	Stylesheet text/css	2607:f8b0:4004:c17::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-2.2.4.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 05 Dec 2022 16:34:29 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 05 Dec 2022 16:34:29 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 05 Dec 2022 16:34:29 GMT
GET H/1.1	200 OK	ws.widget.ss app.bluecaribu.com/ScriptMatic/style/ Frame 7D40	7 KB 7 KB	98ms 97ms	Stylesheet text/css	54.236.131.203 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.bluecaribu.com/ScriptMatic/style/ws.widget.ss Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-2.2.4.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.236.131.203 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-236-131-203.compute-1.amazonaws.com Software Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 / PHP/7.1.33 Resource Hash 1dca6dc00c99982743da053c61072fe32d4bdd93ff85eb22ac49fcd7dff14438 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Pragma no-cache Date Mon, 05 Dec 2022 16:34:29 GMT Last-Modified Tue, 29 Mar 2022 10:30:53 GMT Server Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 X-Powered-By PHP/7.1.33 X-Frame-Options SAMEORIGIN Content-Type text/css;charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Length 6656 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	intlTelInput.css cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.1.0/css/ Frame 7D40	25 KB 3 KB	25ms 24ms	Stylesheet text/css	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.1.0/css/intlTelInput.css Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-2.2.4.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 16:34:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 5893565 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1970 last-modified Mon, 04 May 2020 16:11:18 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ea6-62a6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJ7wOIcwpfMvaHWj3mY9KjB0jWt2HqASmFK8QkNxyqPQjN%2FH7i6%2FWMeyE54D7KlR2DLH1L0J%2BuamSOfvnjav8YDxUdzKCFMq3xEmmYIVy6QylESXcXU2FWOIS%2FJjvfFdUR1SjYTkaXOgvc0q7v1BQsO%2B"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 774e30874f534bb9-YUL expires Sat, 25 Nov 2023 16:34:29 GMT
GET H/1.1	200 OK	ws-logo-h.png app.bluecaribu.com/app/views/V2/img/whatsapp/ Frame 7D40	7 KB 7 KB	61ms 61ms	Image image/png	54.236.131.203 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://app.bluecaribu.com/app/views/V2/img/whatsapp/ws-logo-h.png Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-2.2.4.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.236.131.203 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-236-131-203.compute-1.amazonaws.com Software Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 / Resource Hash 65faff3cc8dbc6d72904280322ee8b6f1e5e8a7b53012379294b684028b8a5a9 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Mon, 05 Dec 2022 16:34:29 GMT Last-Modified Tue, 11 Jan 2022 20:37:43 GMT Server Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.1.33 ETag "1c4f-5d5546cdb3d9a" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 7247
GET H3	200	css2 fonts.googleapis.com/ Frame 9F6F	4 KB 661 B	37ms 37ms	Stylesheet text/css	2607:f8b0:4004:c17::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat&family=Roboto&display=swap Requested by Host: app.bluecaribu.com URL: https://app.bluecaribu.com/ScriptMatic/style/botv2.ss Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ebced4b4eff382a06db1d9d45df5cf81e071bcea436dca94232e957b476b465a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://app.bluecaribu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 05 Dec 2022 16:34:29 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 05 Dec 2022 16:34:29 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 05 Dec 2022 16:34:29 GMT
GET H3	200	css2 fonts.googleapis.com/ Frame 7D40	4 KB 661 B	35ms 35ms	Stylesheet text/css	2607:f8b0:4004:c17::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat&family=Roboto&display=swap Requested by Host: app.bluecaribu.com URL: https://app.bluecaribu.com/ScriptMatic/style/ws.widget.ss Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ebced4b4eff382a06db1d9d45df5cf81e071bcea436dca94232e957b476b465a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://app.bluecaribu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 05 Dec 2022 16:34:29 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 05 Dec 2022 16:34:20 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 05 Dec 2022 16:34:29 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/633734239/ Frame 7D40	2 KB 899 B	49ms 49ms	Script text/javascript	2607:f8b0:4004:c06::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/633734239/?random=1670258069779&cv=11&fst=1670258069779&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&ref=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&auid=1064813361.1670258070&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-633734239&_=1670258069559 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 462a4dd20bf727d9baca2bca17067e6e4b56aef7a91c2315e4878cfbd078b25c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Mon, 05 Dec 2022 16:34:29 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 874 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/633734239/ Frame 9F6F	2 KB 897 B	43ms 42ms	Script text/javascript	2607:f8b0:4004:c06::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/633734239/?random=1670258069811&cv=11&fst=1670258069811&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&ref=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&auid=1064813361.1670258070&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-633734239&_=1670258069580 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a761dbc195766ed045417aeec2f66c2230c5019eb23738c5e16b346458d766f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Mon, 05 Dec 2022 16:34:29 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 872 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/633734239/ Frame 7D40	42 B 64 B	92ms 38ms	Image image/gif	2607:f8b0:4004:c06::93 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/633734239/?random=1670258069779&cv=11&fst=1670256000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&ref=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2037344558&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Mon, 05 Dec 2022 16:34:29 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.ca/pagead/1p-user-list/633734239/ Frame 7D40	42 B 548 B	90ms 38ms	Image image/gif	2607:f8b0:4004:c07::5e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/pagead/1p-user-list/633734239/?random=1670258069779&cv=11&fst=1670256000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&ref=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2037344558&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Mon, 05 Dec 2022 16:34:29 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/633734239/ Frame 9F6F	42 B 64 B	71ms 39ms	Image image/gif	2607:f8b0:4004:c06::93 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/633734239/?random=1670258069811&cv=11&fst=1670256000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&ref=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=808121652&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Mon, 05 Dec 2022 16:34:29 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.ca/pagead/1p-user-list/633734239/ Frame 9F6F	42 B 108 B	79ms 48ms	Image image/gif	2607:f8b0:4004:c07::5e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/pagead/1p-user-list/633734239/?random=1670258069811&cv=11&fst=1670256000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&ref=https%3A%2F%2Fcfiprovidencia.com%2Fta%2Findex.php%3FQBOT.zip&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=808121652&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cfiprovidencia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Mon, 05 Dec 2022 16:34:29 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame 2AAA	28 B 50 B	42ms 40ms	XHR application/json	2607:f8b0:4004:c19::5b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c19::5b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 X-Goog-Request-Time 1670258071078 Content-Type application/json X-YouTube-Utc-Offset 0 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/FoZr0BboCBA X-YouTube-Client-Version 1.20221130.01.00 X-YouTube-Time-Zone Etc/Unknown X-Goog-Visitor-Id CgtnUnNnR043OVRUayiUu7icBg%3D%3D X-YouTube-Ad-Signals dt=1670258068410&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C150&vis=1&wgl=true&ca_type=image Response headers date Mon, 05 Dec 2022 16:34:31 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31 x-xss-protection 0