elperiodico.com.gt Open in urlscan Pro
2600:9000:2315:5e00:15:d9ef:e40:93a1  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

• https://ads.us.e-planning.net/cm/5/31cb4/Articulo?rnd=0.266571825443652&e=1x1+boxa2m+billboarda1w+boxa1m+bannera3m+inlinea2w+bannera3w&fv=0&ur=https%3A//elperiodico.com.gt/noticias/investigacion/2022/03/12/%25d0%25b3%25d0%25b2%25d0%25b0%25d1%2582%25d0%25b5%25d0%25bc%25d0%25b0%25d0%25bb%25d0%25b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/&ts=1649607159&tz=0&n=640x4b0&crs=UTF-8&vs=FFFFFFF&gdpr=0&ccpa=1---&lv=20 HTTP 302
• https://ads.us.e-planning.net/cm/5/31cb4/Articulo?ct=1&rnd=0.266571825443652&e=1x1+boxa2m+billboarda1w+boxa1m+bannera3m+inlinea2w+bannera3w&fv=0&ur=https%3A//elperiodico.com.gt/noticias/investigacion/2022/03/12/%25d0%25b3%25d0%25b2%25d0%25b0%25d1%2582%25d0%25b5%25d0%25bc%25d0%25b0%25d0%25bb%25d0%25b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/&ts=1649607159&tz=0&n=640x4b0&crs=UTF-8&vs=FFFFFFF&gdpr=0&ccpa=1---&lv=20

Request Chain 94

• https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D88fc604c-1428-415f-67e1-1eb411ae0d66%26reqId%3D14c02247-32b9-4dab-5a53-a3abcaa91c25%26zdid%3D1361 HTTP 302
• https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D88fc604c-1428-415f-67e1-1eb411ae0d66%26reqId%3D14c02247-32b9-4dab-5a53-a3abcaa91c25%26zdid%3D1361 HTTP 302
• https://mwzeom.zeotap.com/mw?cid=5ace947f-01b2-429c-9f5d-5e46d0938396&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361

Request Chain 96

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D88fc604c-1428-415f-67e1-1eb411ae0d66%26reqId%3D14c02247-32b9-4dab-5a53-a3abcaa91c25%26zdid%3D1361 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D88fc604c-1428-415f-67e1-1eb411ae0d66%26reqId%3D14c02247-32b9-4dab-5a53-a3abcaa91c25%26zdid%3D1361 HTTP 302
• https://mwzeom.zeotap.com/mw?cid=e10bec62-6d58-401e-b7d4-695918b6069a&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361

Request Chain 100

• https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 HTTP 302
• https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361&s_h=1 HTTP 302
• https://mwzeom.zeotap.com/mw?cid=f12cf938-da28-49ab-a1d4-7c5be59a359a&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 101

• https://dpm.demdex.net/ibs:dpid=199624&dpuuid=88fc604c-1428-415f-67e1-1eb411ae0d66&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D88fc604c-1428-415f-67e1-1eb411ae0d66%26reqId%3D14c02247-32b9-4dab-5a53-a3abcaa91c25%26zdid%3D1361 HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=88fc604c-1428-415f-67e1-1eb411ae0d66&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D88fc604c-1428-415f-67e1-1eb411ae0d66%26reqId%3D14c02247-32b9-4dab-5a53-a3abcaa91c25%26zdid%3D1361 HTTP 302
• https://mwzeom.zeotap.com/mw?cid=12527076653251475764491252511829664385&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361

Request Chain 103

• https://bn01.er.bemail.it/zeotap.php?_bid=88fc604c-1428-415f-67e1-1eb411ae0d66&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 HTTP 302
• https://mwzeom.zeotap.com/mw?cid=BE1-2022041018-46169-0.219155001649607160-7ec67bde887a670883204c778e2098c0&zdid=533&env=mWeb

Request Chain 104

• https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D88fc604c-1428-415f-67e1-1eb411ae0d66%26reqId%3D14c02247-32b9-4dab-5a53-a3abcaa91c25%26zdid%3D1361 HTTP 302
• https://mwzeom.zeotap.com/mw?cid=7085008799165642904&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361

Request Chain 106

• https://idsync.frontend.weborama.fr/ids?key=zeotap&value=88fc604c-1428-415f-67e1-1eb411ae0d66&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D88fc604c-1428-415f-67e1-1eb411ae0d66%26reqId%3D14c02247-32b9-4dab-5a53-a3abcaa91c25%26zdid%3D1361 HTTP 302
• https://idsync.frontend.weborama.fr/ids?key=zeotap&value=88fc604c-1428-415f-67e1-1eb411ae0d66&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D88fc604c-1428-415f-67e1-1eb411ae0d66%26reqId%3D14c02247-32b9-4dab-5a53-a3abcaa91c25%26zdid%3D1361&bounce=1&random=432100183 HTTP 302
• https://mwzeom.zeotap.com/mw?webouuid=tqfN/69/0OT9cpThfOxb6.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361

Request Chain 108

• https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=88fc604c-1428-415f-67e1-1eb411ae0d66?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 HTTP 302
• https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=88fc604c-1428-415f-67e1-1eb411ae0d66?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 HTTP 302
• https://mwzeom.zeotap.com/mw?pid=57545f8aaa8294ac9080096d3558d3e0&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361

Request Chain 109

• https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
• https://mwzeom.zeotap.com/mw?cid=y-uEP7h_tE2ooe7JXCHN7.vfHhfoAZQQ9j0w--~A&zpartnerid=570&env=mWeb

Request Chain 110

• https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 HTTP 302
• https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Ol%2F2Llz7A8AGRDm1gJCHZYvmqtfogaRy%2BS41iYitP1U%3D

Request Chain 113

• https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D88fc604c-1428-415f-67e1-1eb411ae0d66%26reqId%3D14c02247-32b9-4dab-5a53-a3abcaa91c25%26zdid%3D1361 HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D88fc604c-1428-415f-67e1-1eb411ae0d66%26reqId%3D14c02247-32b9-4dab-5a53-a3abcaa91c25%26zdid%3D1361&_test=YlMB9wATlSuHMgAy HTTP 302
• https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YlMB9wATlSuHMgAy&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361&_test=YlMB9wATlSuHMgAy

Request Chain 114

• https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D88fc604c-1428-415f-67e1-1eb411ae0d66%26reqId%3D14c02247-32b9-4dab-5a53-a3abcaa91c25%26zdid%3D1361 HTTP 302
• https://mwzeom.zeotap.com/mw?cid=c5306253-01f7-4900-ab76-04dc4b21a54d&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361

Request Chain 115

• https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 HTTP 302
• https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361

Request Chain 116

• https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=88fc604c-1428-415f-67e1-1eb411ae0d66&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 HTTP 302
• https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=88fc604c-1428-415f-67e1-1eb411ae0d66&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361&dcc=t

Request Chain 118

• https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D88fc604c-1428-415f-67e1-1eb411ae0d66%26reqId%3D14c02247-32b9-4dab-5a53-a3abcaa91c25%26zdid%3D1361 HTTP 302
• https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361

Request Chain 130

• https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=71009019161 HTTP 302
• https://sync2.navdmp.com/sync?prtid=2&id=71009019161&google_gid=CAESEL1xnuBRICIt3HJnstl1Bio&google_cver=1

Request Chain 131

• https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
• https://sync.navdmp.com/sync?img=1&mdia=c5306253-01f7-4900-ab76-04dc4b21a54d

Request Chain 143

• https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d4l1KNZhD2KQ3qUtCbE1gIh-g&gdpr=0&gdpr_consent= HTTP 302
• https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d4l1KNZhD2KQ3qUtCbE1gIh-g&gdpr=0&gdpr_consent=&google_gid=CAESEBAgvlGzGNnuGvimOETBbGc&google_cver=1 HTTP 302
• https://a.audrte.com/p

Request Chain 144

• https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
• https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
• https://a.audrte.com/a?adform_uid=1375197331558754899 HTTP 302
• https://ps.eyeota.net/match?bid=kh51m51&uid=d4l1KNZhD2KQ3qUtCbE1gIh-g&gdpr=0&gdpr_consent=

Request Chain 146

• https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d4l8hP6j8YsSgymNc7W4z5iJA&gdpr=0&gdpr_consent= HTTP 302
• https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d4l8hP6j8YsSgymNc7W4z5iJA&gdpr=0&gdpr_consent=&google_gid=CAESEBAgvlGzGNnuGvimOETBbGc&google_cver=1 HTTP 302
• https://a.audrte.com/p

Request Chain 147

• https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d4l-f0zOgBMSXaN05P2FnALnQ&gdpr=0&gdpr_consent= HTTP 302
• https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d4l-f0zOgBMSXaN05P2FnALnQ&gdpr=0&gdpr_consent=&google_gid=CAESEBAgvlGzGNnuGvimOETBbGc&google_cver=1 HTTP 302
• https://a.audrte.com/p

Request Chain 149

• https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d4lB8LwBAuLQYyV1fUcuL1alw&gdpr=0&gdpr_consent= HTTP 302
• https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d4lB8LwBAuLQYyV1fUcuL1alw&gdpr=0&gdpr_consent=&google_gid=CAESEBAgvlGzGNnuGvimOETBbGc&google_cver=1 HTTP 302
• https://a.audrte.com/p

Request Chain 159

• https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/1b88ece622f62d74c7d53f764a08e7e0/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=1 HTTP 302
• https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8881678633445770376/gdpr=1

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/	101 KB 102 KB	99ms 32ms	Document text/html	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / PHP/7.2.9 Resource Hash 5e29864a3e9673e212a2f6c47c871e2c7a744674e24f8529a313dc0829e039f0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 2035 content-type text/html; charset=UTF-8 date Sun, 10 Apr 2022 15:38:42 GMT link <https://elperiodico.com.gt/wp-json/>; rel="https://api.w.org/" <https://elperiodico.com.gt/wp-json/wp/v2/posts/658175>; rel="alternate"; type="application/json" <https://wp.me/pd1iSz-2LdJ>; rel=shortlink server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) x-amz-cf-id _OD1Zu3perdDvzOx-91rbs-h46W91wlfAB0X_lSiNIwLxFDsb3l7Gw== x-amz-cf-pop DUS51-P2 x-cache Hit from cloudfront x-powered-by PHP/7.2.9
GET H2	200	style.css elperiodico.com.gt/wp-content/themes/Ep2020v/	417 KB 48 KB	41ms 31ms	Stylesheet text/css	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/themes/Ep2020v/style.css Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash ce6a1b000f924fc4e02b69fe3096e5632048d6096a7c7652bfee79a32318c9b4 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:04:54 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Thu, 18 Nov 2021 21:08:46 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 463 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id Xtw4JUFPUejCDeEfhCwBX16xxxi6xpEyN2NQGb8MoAGxvmFcH2uN5g==
GET H2	200	font-awesome.min.css maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/	26 KB 7 KB	110ms 51ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 632 age 4523908 cdn-cachedat 12/13/2021 21:25:06 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cdn-proxyver 1.02 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:54 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 8ac87b10825a6871d9cd076fc3a23e4f cf-ray 6f9cc3e1ade59a21-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	css2 fonts.googleapis.com/	20 KB 1 KB	109ms 50ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@100;200;300;400;500;600;700;800;900&display=swap Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4436d05d06cd3bfb3d45c647efac285c8f9ad3cf759214d1ad37b8a5b4815cf3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 10 Apr 2022 15:36:52 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 10 Apr 2022 16:12:38 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 10 Apr 2022 16:12:38 GMT
GET H2	200	css2 fonts.googleapis.com/	32 KB 2 KB	127ms 68ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 90ff67f5f28c0f1fa6e6ef5b7004531734f49364d7992069816d00148cc6ec00 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 10 Apr 2022 16:12:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 10 Apr 2022 16:12:38 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 10 Apr 2022 16:12:38 GMT
GET H2	200	mediaelementplayer-legacy.min.css elperiodico.com.gt/wp-includes/js/mediaelement/	11 KB 3 KB	135ms 124ms	Stylesheet text/css	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Wed, 09 Dec 2020 14:16:29 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 x-amz-cf-pop DUS51-P2 vary Accept-Encoding x-cache Miss from cloudfront content-type text/css content-encoding gzip x-amz-cf-id 8VA67TDCFZCiDhPjl8oJBd66ghUV6m19JDKC-qe92tcLHBCgMm9gFA==
GET H2	200	wp-mediaelement.min.css elperiodico.com.gt/wp-includes/js/mediaelement/	4 KB 1 KB	136ms 126ms	Stylesheet text/css	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.3 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Wed, 27 Nov 2019 16:31:43 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 x-amz-cf-pop DUS51-P2 vary Accept-Encoding x-cache Miss from cloudfront content-type text/css content-encoding gzip x-amz-cf-id 5VfeSNfwZ1uVZVvYHAAfUglXBSIP2ltoApFUz1NMM9pO1ESK5DUrcA==
GET H2	200	frontend.css elperiodico.com.gt/wp-content/plugins/paid-memberships-pro/css/	18 KB 4 KB	52ms 41ms	Stylesheet text/css	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/plugins/paid-memberships-pro/css/frontend.css?ver=2.7.5 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 6ec5e25ccc2cc6c3b189abe9645698a4660cb23b57311c0289e1d8363ff91649 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:04:55 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Tue, 15 Mar 2022 20:53:50 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 462 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id aqdSf50YjVW2VJg9AerWqLDml5On5wf1mlf_wYU4kjErNtOA6tu5nw==
GET H2	200	pmpro-advanced-levels.css elperiodico.com.gt/wp-content/plugins/pmpro-advanced-levels-shortcode/css/	7 KB 2 KB	54ms 44ms	Stylesheet text/css	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/plugins/pmpro-advanced-levels-shortcode/css/pmpro-advanced-levels.css?ver=5.9.3 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash d8d4bba88088b7bda3357bdf6c5ed6ed6d63bb89d17f3eea5e10b28c92c5d8b4 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:37 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Sat, 04 Jul 2020 23:05:33 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 1937 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id oZykJCfsYVMsyhahngZX6P2x9D0a3jxv7q8ANg5b3RY-67TvISZsLA==
GET H2	200	twitter-feed.css elperiodico.com.gt/wp-content/plugins/wp-to-twitter/css/	2 KB 878 B	51ms 41ms	Stylesheet text/css	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/plugins/wp-to-twitter/css/twitter-feed.css?ver=5.9.3 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 196b0d1013a5fb1985890e13453ab76df8bdcee3d57893e84afa3f3e58eacf52 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:37 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Mon, 24 Jan 2022 14:01:04 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 1937 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id ITDz6vXCkpMGkRGSJbgrGsCWnNG2HDahQwi39hHum7u5B-O7rndF_Q==
GET H2	200	style.css elperiodico.com.gt/wp-content/themes/Ep2020v/	417 KB 48 KB	39ms 29ms	Stylesheet text/css	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/themes/Ep2020v/style.css?ver=1.0 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash ce6a1b000f924fc4e02b69fe3096e5632048d6096a7c7652bfee79a32318c9b4 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:04:54 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Thu, 18 Nov 2021 21:08:46 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 463 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id bFVax6qEZqraNzSdOzpUTZ-HPirbume9_U3jIpTscERu9V54BnhrMA==
GET H2	200	foundation-icons.css elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/foundation-icons/	19 KB 4 KB	69ms 58ms	Stylesheet text/css	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/foundation-icons/foundation-icons.css?ver=1.0 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 09696d0bf5be7a592450a862b5cced3e249f137004a7302fae4984a81ebc2f1d Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Tue, 11 Aug 2020 20:03:48 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 1938 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id VHyBSGZjbJzisGCXZpGgOlBAGW89cooEAsMkF9vuLzKFsD22RUQlPg==
GET H2	200	all.min.css elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/fontawesome-free-5-12-0-web/css/	56 KB 12 KB	50ms 41ms	Stylesheet text/css	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/fontawesome-free-5-12-0-web/css/all.min.css?ver=1.0 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 15:15:40 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Tue, 11 Aug 2020 20:03:48 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 3416 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id 7dxHeJ5bazEkFEdhcj_nXC-YlnGrwoeDNlW4JwJN0WUfdtsN-QD8Hg==
GET H2	200	solid.min.css elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/fontawesome-free-5-12-0-web/css/	668 B 989 B	49ms 41ms	Stylesheet text/css	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/fontawesome-free-5-12-0-web/css/solid.min.css?ver=1.0 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 8470c7e9d2da39dfb4ba8e3efaa267cd19bf71d2f9b2ac0840758f1fa44dd943 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 15:15:40 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Tue, 11 Aug 2020 20:03:48 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 3416 x-cache Hit from cloudfront content-type text/css x-amz-cf-pop DUS51-P2 accept-ranges bytes content-length 668 x-amz-cf-id FlPnGfPgPewLrjKbmlP1mtVUbwtcsSoim7xQQrDcCZbyBSk7_94_Rg==
GET H2	200	svg-with-js.min.css elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/fontawesome-free-5-12-0-web/css/	6 KB 2 KB	50ms 43ms	Stylesheet text/css	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/fontawesome-free-5-12-0-web/css/svg-with-js.min.css?ver=1.0 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash bfa1a98b6d4b6b2f4e8154872857093249ba073497a57e1f8b5272432e640d13 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:37 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Tue, 11 Aug 2020 20:03:48 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 1937 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id FUV5JXRBMLGIj3yrPvsPhyDXN-E2YNSGUo4nD8WCyiMVXMrNx6leiQ==
GET H2	200	v4-shims.min.css elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/fontawesome-free-5-12-0-web/css/	26 KB 4 KB	51ms 44ms	Stylesheet text/css	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/fontawesome-free-5-12-0-web/css/v4-shims.min.css?ver=1.0 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 4b8b06e8edfab1dd4475c13ee021e4f582b075677a9018e2f0ba56cc3fc2f0b6 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:37 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Tue, 11 Aug 2020 20:03:55 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 1937 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id qLenjpiEorosDQXdbWcp7DFQdO207UYHFLFQd92ZkXV3D6nW8WT8FQ==
GET H2	200	pum-site-styles.css elperiodico.com.gt/wp-content/uploads/pum/	17 KB 4 KB	53ms 46ms	Stylesheet text/css	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/uploads/pum/pum-site-styles.css?generated=1644595482&ver=1.16.4 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash b78a7d7b26af4c5da73a92e7644a6c4d7ddc1c20718af62e7d0f9ec20c253af4 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:37 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Fri, 11 Feb 2022 16:04:42 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 1937 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id IT4QULIaw2w0JNM3NZqqvV_W2I4HleDfzvk6RZjsOyc2y-GAzzVHxw==
GET H2	200	jetpack.css elperiodico.com.gt/wp-content/plugins/jetpack/css/	86 KB 17 KB	55ms 49ms	Stylesheet text/css	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/plugins/jetpack/css/jetpack.css?ver=10.7 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 1021efafbf9b43acf446f436556222d910e0d86d09d796b6fb16101efedffa22 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:37 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Tue, 01 Mar 2022 14:57:40 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 1937 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id 7zDohCwC60Fd3tBJFPB5BohSPs8qER7Yv76bjf2jSAGoxMbuenmOMw==
GET H2	200	jquery.min.js Show response elperiodico.com.gt/wp-includes/js/jquery/	87 KB 31 KB	145ms 139ms	Script application/javascript	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Mon, 26 Jul 2021 14:21:54 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 x-amz-cf-pop DUS51-P2 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript content-encoding gzip x-amz-cf-id BPHs97BLlkyzfAPpuqeHJMlALOU5oZtcLiPNbH9M8BI1-tGujMgT3Q==
GET H2	200	jquery-migrate.min.js Show response elperiodico.com.gt/wp-includes/js/jquery/	11 KB 4 KB	152ms 146ms	Script application/javascript	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Wed, 09 Dec 2020 14:16:29 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 x-amz-cf-pop DUS51-P2 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript content-encoding gzip x-amz-cf-id iZvCHKHxdvWykBhQqK0rS6QuOEXuZhM3nS1XUyXFujAoiNgz6j8R7g==
GET H2	200	utils.js Show response elperiodico.com.gt/wp-includes/js/	5 KB 2 KB	432ms 426ms	Script application/javascript	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-includes/js/utils.js?ver=5.9.3 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 678b77e0a869f12beedcb1328889aef2d07eb9980b3943621d460a8369b42784 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Mon, 13 Apr 2020 16:29:28 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 x-amz-cf-pop DUS51-P2 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript content-encoding gzip x-amz-cf-id 5bn_PYzLIfMCDn_ks3naOdDeornuSxubhuNJWzu9A196wWE-os05MA==
GET H2	200	jquery.cookie.min.js Show response elperiodico.com.gt/wp-content/plugins/miniorange-login-openid/includes/js/	2 KB 1 KB	55ms 49ms	Script application/javascript	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/plugins/miniorange-login-openid/includes/js/jquery.cookie.min.js?ver=5.9.3 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 746635bb81e5b30625474e6cca59447b0301add31c8905541fff27bdfb89a604 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:04:55 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Mon, 24 Jan 2022 14:02:04 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 462 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id _Yh_GOIBjEne1hexfY4zG5YnrXIxvH6n4Au2fug6DNZ37PfGTidBkg==
GET H2	200	social_login.js Show response elperiodico.com.gt/wp-content/plugins/miniorange-login-openid/includes/js/	3 KB 1 KB	53ms 49ms	Script application/javascript	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/plugins/miniorange-login-openid/includes/js/social_login.js?ver=5.9.3 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 34ccea80aeec0ffb83cf10234072f7b19dfd872990674b9ce414593bab0248b3 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:37 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Mon, 24 Jan 2022 14:02:04 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 1937 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id BmWabEGGoVK2FRJEhpSMpBo3LODJMfpsPv1H3DEFLETsri5gf48elQ==
GET H2	200	js Show response www.googletagmanager.com/gtag/	103 KB 41 KB	90ms 43ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-1021417606 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b83b56b7bf0c5521c1ba2f24f85ad88cc2060892ede15ba2fa855368af00a878 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41602 x-xss-protection 0 last-modified Sun, 10 Apr 2022 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 10 Apr 2022 16:12:38 GMT
GET H2	200	modernizr.min.js Show response cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/	11 KB 5 KB	77ms 26ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer Origin https://elperiodico.com.gt accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 506006 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3980 timing-allow-origin * last-modified Mon, 04 May 2020 16:13:26 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03f26-2b4c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qa4vZDwZPcBwH2%2Bowm2AdN0yHvljeKP%2B5gg4Vh7YGTLTHTWWOvcii0NOhr4LQcTPF9nk4gPwtB%2FOo2jEkn6%2Bt2L8Z1pljXSZVMiLe%2BXLez1i%2BYJpiPByKibGhM%2FLVxALeoru8vCrIOFv8Ns%2BV%2FovVoTf"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6f9cc3e1aa16913c-FRA expires Fri, 31 Mar 2023 16:12:38 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	176 KB 65 KB	115ms 68ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-FL0V5DWNVY Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 11121af1f3d0a778ac2eb24208e1d12caf86d4589c95ec2ac99a68caaed1d7ab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 66213 x-xss-protection 0 expires Sun, 10 Apr 2022 16:12:38 GMT
GET H2	200	chartbeat_mab.js Show response static.chartbeat.com/js/	22 KB 10 KB	59ms 19ms	Script application/x-javascript	2600:9000:2057:8400:18:1fcd:34f:cdc1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat_mab.js Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:8400:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 15:02:01 GMT content-encoding gzip last-modified Fri, 14 Jan 2022 02:25:43 GMT server nginx age 4237 etag W/"61e0df27-59c1" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript via 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront) cache-control max-age=7200 cross-origin-resource-policy cross-origin x-amz-cf-pop FRA6-C1 x-amz-cf-id fVQNhXKznq2kA5duca0Bgrge4ATi0kX2FAp6x1tfiGBjtmMK4ygADA== expires Sun, 10 Apr 2022 17:02:01 GMT
GET H2	200	logo-ep.png elperiodico.com.gt/wp-content/themes/Ep2020v/img/	5 KB 5 KB	36ms 32ms	Image image/png	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://elperiodico.com.gt/wp-content/themes/Ep2020v/img/logo-ep.png Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash b19058b20f670925c0b0ca57332d95afebfd392e7fa4764f7d94d9a02e79b31d Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Tue, 11 Aug 2020 20:05:32 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 1561 x-cache Hit from cloudfront content-type image/png x-amz-cf-pop DUS51-P2 accept-ranges bytes content-length 4829 x-amz-cf-id WGY6u-F44I_GhrRT7gqNMqv61jwElyjdmJTIuY_uqplvPmTILsWQXg==
GET H2	200	Portada-Guatemala-se-escribe-en-ruso%EF%80%A2The-Store-Project-1024x683.jpg cdn.elperiodico.com.gt/wp-content/uploads/2022/03/11130706/	204 KB 205 KB	111ms 27ms	Image image/jpeg	2600:9000:2057:4800:13:d8b7:4d80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.elperiodico.com.gt/wp-content/uploads/2022/03/11130706/Portada-Guatemala-se-escribe-en-ruso%EF%80%A2The-Store-Project-1024x683.jpg Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4800:13:d8b7:4d80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a6355ba79bdc6596a839b6e49e9bd678c5327493e1e0ec996d36d3191c3c5fb9 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 11 Mar 2022 20:02:10 GMT via 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront) last-modified Fri, 11 Mar 2022 19:07:08 GMT server AmazonS3 age 2578228 etag "5efabdf4898343247bd5fe3f4e565396" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=31536000 x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 209315 x-amz-cf-id f1gBvLBgemtyw6qb2i3j7klh1j6_9o9yhjFykflG1ty_hsVD0nY6CQ== expires Sat, 11 Mar 2023 19:07:07 GMT
GET H2	200	Este-hombre-deja-boquiabierto-al-pu%CC%81blico-1024x574.jpg cdn.elperiodico.com.gt/wp-content/uploads/2022/01/25161911/	47 KB 47 KB	585ms 501ms	Image image/jpeg	2600:9000:2057:4800:13:d8b7:4d80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.elperiodico.com.gt/wp-content/uploads/2022/01/25161911/Este-hombre-deja-boquiabierto-al-pu%CC%81blico-1024x574.jpg Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4800:13:d8b7:4d80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1956e158fe7b4ec6510137c26fb73030d3ee21388924d689fa832ee4ffbf5f5a Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront) last-modified Tue, 25 Jan 2022 22:19:12 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 etag "4bec6b802cc8f9f57a9f4eceb4d22a29" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes content-length 48023 x-amz-cf-id m7zIBdKWHwCF9CqcOVOraxShix-lHtJeLXmmmMMy3s_gQ3mWwUrBEg== expires Wed, 25 Jan 2023 22:19:11 GMT
GET H2	200	principal-1024x684.png cdn.elperiodico.com.gt/wp-content/uploads/2022/02/13231432/	891 KB 892 KB	585ms 502ms	Image image/png	2600:9000:2057:4800:13:d8b7:4d80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.elperiodico.com.gt/wp-content/uploads/2022/02/13231432/principal-1024x684.png Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4800:13:d8b7:4d80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 543b62a0cc8618e086e60255b5d777e59d907061777298897e6203d8ae7ed910 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront) last-modified Mon, 14 Feb 2022 05:14:33 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 etag "fcf10b3bff86fe416200a9535d59e6b1" x-cache Miss from cloudfront content-type image/png cache-control max-age=31536000 accept-ranges bytes content-length 912095 x-amz-cf-id 6guBlXTIeEg4TkbQBlJG8aj-ZU1lV3ZMj3JOw6QsCablCnlfew-caQ== expires Tue, 14 Feb 2023 05:14:32 GMT
GET H2	200	Reina-Isabel-II.jpg cdn.elperiodico.com.gt/wp-content/uploads/2021/11/29162849/	68 KB 68 KB	518ms 434ms	Image image/jpeg	2600:9000:2057:4800:13:d8b7:4d80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.elperiodico.com.gt/wp-content/uploads/2021/11/29162849/Reina-Isabel-II.jpg Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4800:13:d8b7:4d80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a0ffaa4c240edc9760aa1cfbc0cc7d81625f2b19727f1eab5ffb2a0e7e05a3c6 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront) last-modified Mon, 29 Nov 2021 22:28:50 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 etag "d4c5f8aca4857adecc3153ab52a10f8e" x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes content-length 69275 x-amz-cf-id UWWzS6LopsZ1Lt-a0Fnx5H95JnJUlRaM4iJegHR4SUVpmoIkr8L12w== expires Tue, 29 Nov 2022 22:28:49 GMT
GET H2	200	Norma-Torres.jpg cdn.elperiodico.com.gt/wp-content/uploads/2020/10/29095002/	62 KB 62 KB	175ms 92ms	Image image/jpeg	2600:9000:2057:4800:13:d8b7:4d80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.elperiodico.com.gt/wp-content/uploads/2020/10/29095002/Norma-Torres.jpg Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4800:13:d8b7:4d80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 366abc401692580373b1c78b16db1afbcc9d4c9fa1c0f2d2e62e034cb22b3929 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 09 Mar 2022 22:39:01 GMT via 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront) last-modified Thu, 29 Oct 2020 15:50:03 GMT server AmazonS3 age 2741618 etag "b9f9845685cf81ef6377dd062f4edfe3" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=31536000 x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 63445 x-amz-cf-id bUSDBLdNNflUbBG8DTogWa9NtgoRYqPZF1S7uAv17EkdfTK7MZwjMQ== expires Fri, 29 Oct 2021 15:50:02 GMT
GET H2	200	p.8.fprin_.UKRAINIAN-PRESIDENTIAL-PRESS-SERVICE-AFP-1024x682.jpg cdn.elperiodico.com.gt/wp-content/uploads/2022/04/09232149/	140 KB 140 KB	111ms 28ms	Image image/jpeg	2600:9000:2057:4800:13:d8b7:4d80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.elperiodico.com.gt/wp-content/uploads/2022/04/09232149/p.8.fprin_.UKRAINIAN-PRESIDENTIAL-PRESS-SERVICE-AFP-1024x682.jpg Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4800:13:d8b7:4d80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2dac8d5c15995236c36c9b00552db215a15fd9041f1ee29afeebe0825a6e0b7c Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 14:22:58 GMT via 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront) last-modified Sun, 10 Apr 2022 05:21:51 GMT server AmazonS3 age 6581 etag "afd63395426bc1a03e001b2ca14fa6bb" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=31536000 x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 142980 x-amz-cf-id ZJ77MaVgR8WRJ4FP3e0jUBUUFrlJlIaTKMs-ZE_sEzSRFIMkyDpSfQ==
GET H2	200	Max_Liebermann_-_Reiter_und_Reiterin_am_Strand_1903-1024x727.jpg cdn.elperiodico.com.gt/wp-content/uploads/2022/04/10011106/	172 KB 172 KB	92ms 91ms	Image image/jpeg	2600:9000:2057:4800:13:d8b7:4d80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.elperiodico.com.gt/wp-content/uploads/2022/04/10011106/Max_Liebermann_-_Reiter_und_Reiterin_am_Strand_1903-1024x727.jpg Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4800:13:d8b7:4d80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f203f7130baecdc1a51da2e3485207d069c098c031e504c8f4c5d8ede7ca3537 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 07:16:30 GMT via 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront) last-modified Sun, 10 Apr 2022 07:11:08 GMT server AmazonS3 age 32169 etag "e4c6070f0d01d93a83aabdecbf3118c7" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=31536000 x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 176021 x-amz-cf-id UzOmpb4sSwLBH7uo2Xer7fqNBEoYiOVH9-Y-FOdGxLTLwyvwmaG1LA==
GET H2	200	72d291a-1024x633.jpg cdn.elperiodico.com.gt/wp-content/uploads/2022/04/10010847/	187 KB 188 KB	111ms 110ms	Image image/jpeg	2600:9000:2057:4800:13:d8b7:4d80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.elperiodico.com.gt/wp-content/uploads/2022/04/10010847/72d291a-1024x633.jpg Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:4800:13:d8b7:4d80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash eff21606c1d41017903b7656cfcf56f8b1e26c4c7a66cafd34ef99e1b98cd616 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 07:11:05 GMT via 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront) last-modified Sun, 10 Apr 2022 07:08:49 GMT server AmazonS3 age 32494 etag "ecc9fc542d91b832f5994190b312bb82" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=31536000 x-amz-cf-pop FRA6-C1 accept-ranges bytes content-length 191580 x-amz-cf-id Js-vNG6SsZ_SNUnFYfd3opUMI3aXCnGdbgmjeucci5igN8tIukXSSA==
GET H2	200	app.js Show response elperiodico.com.gt/wp-content/themes/Ep2020v/js/	687 KB 166 KB	64ms 64ms	Script application/javascript	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/themes/Ep2020v/js/app.js?ver=5.9.3 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash c1756ab03b7b2ccd3fdbc236f2ee43636213ed8750a309aac12f9b2b5c988c4e Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:04:55 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Tue, 11 Aug 2020 20:05:52 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 462 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id meIY8rAiqpyy-oDmf0OQJ1GWgEHVs7nUAPN6I1ZNWDeC7w03KneYcQ==
GET H2	200	signup.js Show response elperiodico.com.gt/wp-content/themes/Ep2020v/js/	5 KB 2 KB	32ms 32ms	Script application/javascript	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/themes/Ep2020v/js/signup.js?ver=5.9.3 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash d8bbd37df58381f3279829e207c2923eeda0cac51f2393eda66b6c8c4567e656 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:04:55 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Tue, 11 Aug 2020 20:05:52 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 462 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id UtkciyUkekCT2BAx7kNKq4yq9QkY8TTHEobJfJNIFBV8KzNwhkAzRg==
GET H2	200	perfil.js Show response elperiodico.com.gt/wp-content/themes/Ep2020v/js/	580 B 912 B	34ms 30ms	Script application/javascript	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/themes/Ep2020v/js/perfil.js?ver=5.9.3 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 8d03f6cdaa751a9b5629bcfbc6467b498284d2549215db45465710043b1d28f1 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:04:56 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Tue, 11 Aug 2020 20:05:52 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 462 x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop DUS51-P2 accept-ranges bytes content-length 580 x-amz-cf-id ygRzdNBX4V86bemuD1g1SkCIF3b7CiKOSKG53UbVFikUvGGRby2EYw==
GET H2	200	papaparse.min.js Show response elperiodico.com.gt/wp-content/themes/Ep2020v/js/	14 KB 6 KB	34ms 29ms	Script application/javascript	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/themes/Ep2020v/js/papaparse.min.js?ver=5.9.3 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 55ea02a2630bcb20989af7824621bbf2a3c6ade6ce4f7d8b5f87d5a288d4c420 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:04:56 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Fri, 24 Sep 2021 20:12:48 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 462 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id qah9YigeYTar1yni0yg3YhcmFmlaSmiV5x_I45n06rPcQh3LMMEduA==
GET H2	200	whatsappSendMessage-script.js Show response elperiodico.com.gt/wp-content/themes/Ep2020v/js/	2 KB 1019 B	28ms 24ms	Script application/javascript	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/themes/Ep2020v/js/whatsappSendMessage-script.js?ver=1649605121 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 26f4476240c614180181a72ad79dd428faaa6cccfb1e0260b5aeee8c8f6d73bf Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:09:23 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Thu, 14 Oct 2021 17:37:23 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 1938 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id aQefJj1Te9vzzT3xbvSRuoB2-rJOT7n3S8nCtnekRiOX28BWisOjZg==
GET H2	200	core.min.js Show response elperiodico.com.gt/wp-includes/js/jquery/ui/	20 KB 7 KB	128ms 124ms	Script application/javascript	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Wed, 23 Feb 2022 01:39:42 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 x-amz-cf-pop DUS51-P2 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript content-encoding gzip x-amz-cf-id nFyOqOU3i_F8X7J5--9nIo-YwKksf-Qt3tSojZ0afahRSbdk6mqQmQ==
GET H2	200	pum-site-scripts.js Show response elperiodico.com.gt/wp-content/uploads/pum/	68 KB 17 KB	34ms 30ms	Script application/javascript	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1644595482&ver=1.16.4 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 3431b64c5182cd40f7f57047807dc81feac9e89fcd42c78a09a4b8499ac24805 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:04:56 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Fri, 11 Feb 2022 16:04:42 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 462 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop DUS51-P2 content-encoding gzip x-amz-cf-id 3JKpu3XZhqL9OdfetIPh_Xtm-E0soAdG6oy1t0dDapKkLRZz9hiacQ==
GET H2	200	e-202214.js Show response stats.wp.com/	9 KB 3 KB	56ms 18ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202214.js Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-nc HIT hhn date Sun, 10 Apr 2022 16:12:38 GMT content-encoding br server nginx etag W/"6197c5cf-3508" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 expires Mon, 27 Mar 2023 05:14:24 GMT
GET H2	200	wp-emoji-release.min.js Show response elperiodico.com.gt/wp-includes/js/	18 KB 5 KB	219ms 217ms	Script application/javascript	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Mon, 26 Jul 2021 14:21:54 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 x-amz-cf-pop DUS51-P2 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript content-encoding gzip x-amz-cf-id 6UDp0u0MqsK9V9zcOcYeZVAqVg4sJygWTO6fnVgMyyi2JEI3KrXOJA==
GET H2	200	print.css elperiodico.com.gt/wp-content/plugins/paid-memberships-pro/css/	86 B 407 B	33ms 32ms	Stylesheet text/css	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/plugins/paid-memberships-pro/css/print.css?ver=2.7.5 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 914cb6fe13efdf97379c1a2910d677144821201ff3f41b67a5a6ddb367e1a27b Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Tue, 15 Mar 2022 20:53:50 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 1937 x-cache Hit from cloudfront content-type text/css x-amz-cf-pop DUS51-P2 accept-ranges bytes content-length 86 x-amz-cf-id 5J6fNPxWZhvLSAhRSRTU4sm1uSyYLSPSXC701SDK14RaUkXYBNR3dA==
GET H2	200	css fonts.googleapis.com/	2 KB 598 B	27ms 26ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:100 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/wp-content/uploads/pum/pum-site-styles.css?generated=1644595482&ver=1.16.4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2e9fbf3d824fd46e5a95966458246d1f26baae0e47d3dc732e2ce0f51b14d772 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 10 Apr 2022 15:26:29 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 10 Apr 2022 16:12:38 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 10 Apr 2022 16:12:38 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	69ms 18ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://elperiodico.com.gt accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 08 Apr 2022 01:46:21 GMT x-content-type-options nosniff age 224777 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 08 Apr 2023 01:46:21 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	99 KB 27 KB	98ms 29ms	Script application/x-javascript	2a03:2880:f007:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26311 x-xss-protection 0 pragma public x-fb-debug GJjhnXzaUZuPEB804oUICCV288VkI7Xg8XCcbMc/sk9avY/IaJRm6fi9bGgCjtUVuIsaHbbAUMlz2SWR/ThG/A== x-fb-trip-id 720026100 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Sun, 10 Apr 2022 16:12:38 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	78ms 19ms	Script text/javascript	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 2268 date Sun, 10 Apr 2022 15:34:50 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sun, 10 Apr 2022 17:34:50 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	103 KB 39 KB	53ms 52ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-T8JK7TD Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 91efc4b66a6c73c8442534bdafe3c865be5e8ca3fce2eb260acdbe61750c3018 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40018 x-xss-protection 0 last-modified Sun, 10 Apr 2022 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 10 Apr 2022 16:12:38 GMT
GET H2	200	chartbeat.js Show response static.chartbeat.com/js/	36 KB 14 KB	25ms 24ms	Script application/x-javascript	2600:9000:2057:8400:18:1fcd:34f:cdc1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat.js Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:8400:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 14:26:00 GMT content-encoding gzip last-modified Thu, 10 Mar 2022 04:15:35 GMT server nginx age 6398 etag W/"62297b67-8e96" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript via 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront) cache-control max-age=7200 cross-origin-resource-policy cross-origin x-amz-cf-pop FRA6-C1 x-amz-cf-id iTzv-vgEh9ycFMQ4XIAV3saqiT3fr-yEZEcmu88mUfqHu0Ujc3ZBBg== expires Sun, 10 Apr 2022 16:26:00 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	48ms 24ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://elperiodico.com.gt accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 06 Apr 2022 17:56:19 GMT x-content-type-options nosniff age 339379 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 06 Apr 2023 17:56:19 GMT
GET H3	200	fontawesome-webfont.woff2 maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/	63 KB 64 KB	50ms 28ms	Font font/woff2	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0 Requested by Host: maxcdn.bootstrapcdn.com URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css Origin https://elperiodico.com.gt accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 756 age 3537677 cdn-proxyver 1.02 cdn-cachedat 01/30/2022 20:52:19 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 64464 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:54 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type font/woff2 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 556549a2ccd7cf32fc92a1dcc5d40f57 accept-ranges bytes cf-ray 6f9cc3e45f109bfb-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 15 KB	60ms 39ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://elperiodico.com.gt accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 06 Apr 2022 17:58:32 GMT x-content-type-options nosniff age 339246 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15732 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:20 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 06 Apr 2023 17:58:32 GMT
GET H2	200	epl-41.js Show response us.img.e-planning.net/layers/	69 KB 24 KB	138ms 69ms	Script application/x-javascript	5.178.65.252 SERVERIUS-AS
General Check archive.org Show headers Download Go to Full URL https://us.img.e-planning.net/layers/epl-41.js Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS i.e-planning.net Software openresty / Resource Hash b87fc46fae9cf545190416f4310da54bb277fcbdddd62740c6ea8f0cbedec114 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:37 GMT content-encoding gzip last-modified Wed, 01 Dec 2021 18:20:40 GMT server openresty etag W/"61a7bcf8-1137f" content-type application/x-javascript cache-control max-age=86400 expires Mon, 11 Apr 2022 16:12:37 GMT
GET H2	200	ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2 fonts.gstatic.com/s/notoserif/v20/	27 KB 27 KB	50ms 46ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notoserif/v20/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://elperiodico.com.gt accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 05 Apr 2022 11:57:51 GMT x-content-type-options nosniff age 447287 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27456 x-xss-protection 0 last-modified Wed, 26 Jan 2022 19:20:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 05 Apr 2023 11:57:51 GMT
GET H2	200	fa-solid-900.woff2 elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/fontawesome-free-5-12-0-web/webfonts/	74 KB 75 KB	45ms 41ms	Font application/octet-stream	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/fontawesome-free-5-12-0-web/webfonts/fa-solid-900.woff2 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/fontawesome-free-5-12-0-web/css/all.min.css?ver=1.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4 Request headers Referer https://elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/fontawesome-free-5-12-0-web/css/all.min.css?ver=1.0 Origin https://elperiodico.com.gt accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Tue, 11 Aug 2020 20:03:57 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 1744 x-cache Hit from cloudfront x-amz-cf-pop DUS51-P2 accept-ranges bytes content-length 76084 x-amz-cf-id kI2RWr8YM5RjiGhjbLP3XU6yk_cLFqLmXwpo-e1WieyTVlBJhRnmRQ==
GET H2	200	fa-brands-400.woff2 elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/fontawesome-free-5-12-0-web/webfonts/	74 KB 75 KB	31ms 28ms	Font application/octet-stream	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/fontawesome-free-5-12-0-web/webfonts/fa-brands-400.woff2 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/fontawesome-free-5-12-0-web/css/all.min.css?ver=1.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b Request headers Referer https://elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/fontawesome-free-5-12-0-web/css/all.min.css?ver=1.0 Origin https://elperiodico.com.gt accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 15:15:02 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Tue, 11 Aug 2020 20:03:56 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 3456 x-cache Hit from cloudfront x-amz-cf-pop DUS51-P2 accept-ranges bytes content-length 75936 x-amz-cf-id AxO8UA0Fdm_xpsW3GPuAZd386ZM_9ykMU37RU7joS3obQTaMUnFEWA==
GET H2	200	ga6Vaw1J5X9T9RW6j9bNfFIu0RWud-VMCoY.woff2 fonts.gstatic.com/s/notoserif/v20/	18 KB 18 KB	61ms 58ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notoserif/v20/ga6Vaw1J5X9T9RW6j9bNfFIu0RWud-VMCoY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5d7adeb47b30e489473e64cb7b78b97f3013abfa66c5f39ba71daa14a3cffa80 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://elperiodico.com.gt accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 07 Apr 2022 01:07:35 GMT x-content-type-options nosniff age 313503 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18736 x-xss-protection 0 last-modified Wed, 26 Jan 2022 19:14:44 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 07 Apr 2023 01:07:35 GMT
GET H2	200	foundation-icons.woff elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/foundation-icons/	31 KB 32 KB	31ms 28ms	Font application/font-woff	2600:9000:2315:5e00:15:d9ef:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/foundation-icons/foundation-icons.woff Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/foundation-icons/foundation-icons.css?ver=1.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:5e00:15:d9ef:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 / Resource Hash 8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec Request headers Referer https://elperiodico.com.gt/wp-content/themes/Ep2020v/fonts/foundation-icons/foundation-icons.css?ver=1.0 Origin https://elperiodico.com.gt accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 15:15:02 GMT via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) last-modified Tue, 11 Aug 2020 20:03:48 GMT server Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.9 age 3456 x-cache Hit from cloudfront content-type application/font-woff x-amz-cf-pop DUS51-P2 accept-ranges bytes content-length 32020 x-amz-cf-id ZTfAywXwauxfZn_HinA7p7Tb7y4VY6H8PL-dP-EIPv5AaMBNoxsABA==
GET H2	200	ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2 fonts.gstatic.com/s/notoserif/v20/	23 KB 24 KB	56ms 54ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notoserif/v20/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://elperiodico.com.gt accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 06 Apr 2022 19:38:10 GMT x-content-type-options nosniff age 333268 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23948 x-xss-protection 0 last-modified Wed, 26 Jan 2022 19:15:10 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 06 Apr 2023 19:38:10 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	16 KB 16 KB	63ms 62ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://elperiodico.com.gt accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Tue, 05 Apr 2022 14:02:01 GMT x-content-type-options nosniff age 439837 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 05 Apr 2023 14:02:01 GMT
GET H2	200	KFOkCnqEu92Fr1Mu51xIIzI.woff2 fonts.gstatic.com/s/roboto/v29/	17 KB 17 KB	67ms 66ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://elperiodico.com.gt accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 08 Apr 2022 01:28:33 GMT x-content-type-options nosniff age 225845 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17304 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 08 Apr 2023 01:28:33 GMT
GET H3	200	ga6Vaw1J5X9T9RW6j9bNfFIu0RWuc-VM.woff2 fonts.gstatic.com/s/notoserif/v20/	24 KB 24 KB	59ms 21ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notoserif/v20/ga6Vaw1J5X9T9RW6j9bNfFIu0RWuc-VM.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 63503c22b93ab64970b05909bf8d9c59bf975cd581a5fc5132d738a32a94d746 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://elperiodico.com.gt accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Wed, 06 Apr 2022 22:23:36 GMT x-content-type-options nosniff age 323342 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24944 x-xss-protection 0 last-modified Wed, 26 Jan 2022 19:14:42 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 06 Apr 2023 22:23:36 GMT
GET H2	200	/ Show response mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/	320 B 567 B	191ms 146ms	XHR application/json	2a04:4e42::714 FASTLY
General Check archive.org Show headers Download Go to Full URL https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=elperiodico.com.gt&domain=elperiodico.com.gt&path=%2Fnoticias%2Finvestigacion%2F2022%2F03%2F12%2F%25D0%25B3%25D0%25B2%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D0%25BB%25D0%25B0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco%2F Requested by Host: static.chartbeat.com URL: https://static.chartbeat.com/js/chartbeat_mab.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42::714 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 84f05695f1546ec017cfe110215abdeafaeea05f7d0cc18ffb3eaa40dd3bd51d Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT content-encoding gzip x-cache-hits 0 age 0 x-cache MISS cross-origin-resource-policy cross-origin content-length 214 x-served-by cache-hhn4026-HHN access-control-allow-origin * x-timer S1649607159.681125,VS0,VE99 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type application/json via 1.1 varnish (Varnish/6.0), 1.1 varnish cache-control no-store, no-cache, must-revalidate, max-age=0, s-maxage=0 accept-ranges bytes expires Fri, 08 Apr 2022 16:12:38 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	55ms 27ms	XHR text/plain	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=217766197&t=pageview&_s=1&dl=https%3A%2F%2Felperiodico.com.gt%2Fnoticias%2Finvestigacion%2F2022%2F03%2F12%2F%25d0%25b3%25d0%25b2%25d0%25b0%25d1%2582%25d0%25b5%25d0%25bc%25d0%25b0%25d0%25bb%25d0%25b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco%2F&ul=en-us&de=UTF-8&dt=%D0%93%D0%B2%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D0%BB%D0%B0%3A%20Los%20se%C3%B1ores%20del%20polvo%20rojo%20y%20los%20se%C3%B1ores%20del%20polvo%20blanco%20(II%20Parte)%20%7C%20elPeri%C3%B3dico%20de%20Guatemala&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1458844462&gjid=1119158321&cid=1462766206.1649607159&tid=UA-870246-21&_gid=1097847068.1649607159&_r=1&_slc=1&z=444897506 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://elperiodico.com.gt/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 10 Apr 2022 16:12:38 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://elperiodico.com.gt cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	39 KB 15 KB	83ms 34ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-1021417606 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 7ce02e0f563c14e7fd2d3249c13317e74fef66108f27096bf04a04552aa0c99c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14886 x-xss-protection 0 server cafe etag 11980861724045072707 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sun, 10 Apr 2022 16:12:38 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	176 KB 65 KB	67ms 41ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-FL0V5DWNVY&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-1021417606 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3ec54884661e214fb0a9a44eb8b980c744a9187c7bc10c268ef23015e176a2e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 66251 x-xss-protection 0 expires Sun, 10 Apr 2022 16:12:38 GMT
GET H2	200	g.gif pixel.wp.com/	50 B 93 B	18ms 17ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/g.gif?v=ext&j=1%3A10.7&blog=192403271&post=658175&tz=-6&srv=elperiodico.com.gt&host=elperiodico.com.gt&ref=&fcp=613&rand=0.23154875518702944 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers access-control-allow-origin * date Sun, 10 Apr 2022 16:12:38 GMT cache-control no-cache server nginx content-length 50 content-type image/gif
GET H3	200	492469847814769 Show response connect.facebook.net/signals/config/	307 KB 87 KB	442ms 404ms	Script application/x-javascript	2a03:2880:f007:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/492469847814769?v=2.9.57&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 1b935e3a5ea0d20afd1221ee2d3107d578002c610df48278779e7eb511c9a5e8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug CYakS/AK6YCsCGvh3H1vtAy8iDxwBbPKJYyJwCa6xgm4SBdE0C+UqQE1Ae5Fla+NCNFPDAxHiFOIO7jeN7TyDA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Sun, 10 Apr 2022 16:12:39 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	204	collect analytics.google.com/g/	0 348 B	77ms 25ms	Ping text/plain	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-FL0V5DWNVY&gtm=2oe3u0&_p=217766197&sr=1600x1200&_z=ccd.AAB&_gaz=1&ul=en-us&cid=1462766206.1649607159&_s=1&dl=https%3A%2F%2Felperiodico.com.gt%2Fnoticias%2Finvestigacion%2F2022%2F03%2F12%2F%25d0%25b3%25d0%25b2%25d0%25b0%25d1%2582%25d0%25b5%25d0%25bc%25d0%25b0%25d0%25bb%25d0%25b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco%2F&dt=%D0%93%D0%B2%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D0%BB%D0%B0%3A%20Los%20se%C3%B1ores%20del%20polvo%20rojo%20y%20los%20se%C3%B1ores%20del%20polvo%20blanco%20(II%20Parte)%20%7C%20elPeri%C3%B3dico%20de%20Guatemala&sid=1649607158&sct=1&seg=0&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-FL0V5DWNVY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sun, 10 Apr 2022 16:12:38 GMT server Golfe2 content-type text/plain access-control-allow-origin https://elperiodico.com.gt cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 348 B	78ms 25ms	Ping text/plain	2a00:1450:400c:c06::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FL0V5DWNVY&cid=1462766206.1649607159&gtm=2oe3u0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-FL0V5DWNVY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sun, 10 Apr 2022 16:12:38 GMT server Golfe2 content-type text/plain access-control-allow-origin https://elperiodico.com.gt cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	93ms 44ms	Image image/gif	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FL0V5DWNVY&cid=1462766206.1649607159&gtm=2oe3u0&aip=1&z=886933027 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sun, 10 Apr 2022 16:12:38 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ping ping.chartbeat.net/	43 B 201 B	305ms 102ms	Image image/gif	3.229.229.241 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ping.chartbeat.net/ping?h=elperiodico.com.gt&p=%2Fnoticias%2Finvestigacion%2F2022%2F03%2F12%2F%25D0%25B3%25D0%25B2%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D0%25BB%25D0%25B0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco%2F&u=D-zSvMBHZcGbeK8I1&d=elperiodico.com.gt&g=57792&g0=Investigaci%C3%B3n&g1=The%20Store%20Project%20%2F%20elPeri%C3%B3dico&n=1&f=00001&c=0&x=0&m=0&y=3775&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=915&t=_chwaBja7rQCeSLIMnxWR593nkA&V=129&i=%D0%93%D0%B2%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D0%BB%D0%B0%3A%20Los%20se%C3%B1ores%20del%20polvo%20rojo%20y%20los%20se%C3%B1ores%20del%20polvo%20blanco%20(II%20Parte)%20%7C%20elPeri%C3%B3dico%20de%20Gua&tz=0&_acct=anon&sn=1&sv=FglPlBy4PFGCRIgNHChcW2CCYPmjo&sd=1&im=067b0fff&_ Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.229.229.241 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-229-229-241.compute-1.amazonaws.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sun, 10 Apr 2022 16:12:38 GMT cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif content-length 43 expires 0
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 151 B	30ms 25ms	XHR text/plain	2a00:1450:400c:c06::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-870246-21&cid=1462766206.1649607159&jid=1458844462&gjid=1119158321&_gid=1097847068.1649607159&_u=IEBAAEAAAAAAAC~&z=1575501715 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://elperiodico.com.gt/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sun, 10 Apr 2022 16:12:38 GMT content-type text/plain access-control-allow-origin https://elperiodico.com.gt cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/1021417606/	3 KB 2 KB	75ms 28ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1021417606/?random=1649607158769&cv=9&fst=1649607158769&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Felperiodico.com.gt%2Fnoticias%2Finvestigacion%2F2022%2F03%2F12%2F%25d0%25b3%25d0%25b2%25d0%25b0%25d1%2582%25d0%25b5%25d0%25bc%25d0%25b0%25d0%25bb%25d0%25b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco%2F&tiba=%D0%93%D0%B2%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D0%BB%D0%B0%3A%20Los%20se%C3%B1ores%20del%20polvo%20rojo%20y%20los%20se%C3%B1ores%20del%20polvo%20blanco%20(II%20Parte)%20%7C%20elPeri%C3%B3dico%20de%20Guatemala&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b85d2e2f0d194d6ad9c8860c8b9b52fc9ef5531a83862026a2d754fe5ebdbfa1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sun, 10 Apr 2022 16:12:38 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1202 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	88ms 42ms	Image image/gif	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-870246-21&cid=1462766206.1649607159&jid=1458844462&_u=IEBAAEAAAAAAAC~&z=1358975132 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sun, 10 Apr 2022 16:12:38 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	46ms 45ms	Image image/gif	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-870246-21&cid=1462766206.1649607159&jid=1458844462&_u=IEBAAEAAAAAAAC~&z=1358975132 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sun, 10 Apr 2022 16:12:38 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/1021417606/	42 B 154 B	35ms 34ms	Image image/gif	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/1021417606/?random=1649607158769&cv=9&fst=1649606400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Felperiodico.com.gt%2Fnoticias%2Finvestigacion%2F2022%2F03%2F12%2F%25d0%25b3%25d0%25b2%25d0%25b0%25d1%2582%25d0%25b5%25d0%25bc%25d0%25b0%25d0%25bb%25d0%25b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco%2F&tiba=%D0%93%D0%B2%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D0%BB%D0%B0%3A%20Los%20se%C3%B1ores%20del%20polvo%20rojo%20y%20los%20se%C3%B1ores%20del%20polvo%20blanco%20(II%20Parte)%20%7C%20elPeri%C3%B3dico%20de%20Guatemala&async=1&fmt=3&is_vtc=1&random=4128448300&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sun, 10 Apr 2022 16:12:38 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/1021417606/	42 B 64 B	70ms 39ms	Image image/gif	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/1021417606/?random=1649607158769&cv=9&fst=1649606400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Felperiodico.com.gt%2Fnoticias%2Finvestigacion%2F2022%2F03%2F12%2F%25d0%25b3%25d0%25b2%25d0%25b0%25d1%2582%25d0%25b5%25d0%25bc%25d0%25b0%25d0%25bb%25d0%25b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco%2F&tiba=%D0%93%D0%B2%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D0%BB%D0%B0%3A%20Los%20se%C3%B1ores%20del%20polvo%20rojo%20y%20los%20se%C3%B1ores%20del%20polvo%20blanco%20(II%20Parte)%20%7C%20elPeri%C3%B3dico%20de%20Guatemala&async=1&fmt=3&is_vtc=1&random=4128448300&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sun, 10 Apr 2022 16:12:38 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	universal.min.js Show response tag.navdmp.com/	13 KB 5 KB	83ms 31ms	Script application/javascript	2606:4700::6810:df3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tag.navdmp.com/universal.min.js Requested by Host: us.img.e-planning.net URL: https://us.img.e-planning.net/layers/epl-41.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68abb180139391d184e19c20f88ef9eb58a75c4bc5a6042de8e74ee2402fce4c Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 25 Mar 2022 17:36:15 GMT server cloudflare age 2883 etag W/"623dfd8f-35f3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin * cache-control max-age=3600 cf-ray 6f9cc3e82c546933-FRA content-type application/javascript expires Sun, 10 Apr 2022 16:24:36 GMT
GET H2	200	Articulo Show response ads.us.e-planning.net/cm/5/31cb4/ Redirect Chain https://ads.us.e-planning.net/cm/5/31cb4/Articulo?rnd=0.266571825443652&e=1x1+boxa2m+billboarda1w+boxa1m+bannera3m+inlinea2w+bannera3w&fv=0&ur=https%3A//elperiodico.com.gt/noticias/investigacion/20... https://ads.us.e-planning.net/cm/5/31cb4/Articulo?ct=1&rnd=0.266571825443652&e=1x1+boxa2m+billboarda1w+boxa1m+bannera3m+inlinea2w+bannera3w&fv=0&ur=https%3A//elperiodico.com.gt/noticias/investigaci...	1 KB 980 B	28ms 28ms	Script application/x-javascript	5.178.65.246 SERVERIUS-AS
General Check archive.org Show headers Download Go to Full URL https://ads.us.e-planning.net/cm/5/31cb4/Articulo?ct=1&rnd=0.266571825443652&e=1x1+boxa2m+billboarda1w+boxa1m+bannera3m+inlinea2w+bannera3w&fv=0&ur=https%3A//elperiodico.com.gt/noticias/investigacion/2022/03/12/%25d0%25b3%25d0%25b2%25d0%25b0%25d1%2582%25d0%25b5%25d0%25bc%25d0%25b0%25d0%25bb%25d0%25b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/&ts=1649607159&tz=0&n=640x4b0&crs=UTF-8&vs=FFFFFFF&gdpr=0&ccpa=1---&lv=20 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Server 5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS ads.us.e-planning.net Software openresty / Resource Hash 95f857f76f82a03a6fe6ebfef932f1af7029ae4c99aebd1ac2a7a276e6ae9b85 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT content-encoding gzip server openresty p3p policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" x-sid AMS-607 cache-control max-age=0, no-cache content-type application/x-javascript; charset=utf-8 expires Sun, 10 Apr 2022 16:12:39 GMT Redirect headers location /cm/5/31cb4/Articulo?ct=1&rnd=0.266571825443652&e=1x1+boxa2m+billboarda1w+boxa1m+bannera3m+inlinea2w+bannera3w&fv=0&ur=https%3A//elperiodico.com.gt/noticias/investigacion/2022/03/12/%25d0%25b3%25d0%25b2%25d0%25b0%25d1%2582%25d0%25b5%25d0%25bc%25d0%25b0%25d0%25bb%25d0%25b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/&ts=1649607159&tz=0&n=640x4b0&crs=UTF-8&vs=FFFFFFF&gdpr=0&ccpa=1---&lv=20 date Sun, 10 Apr 2022 16:12:39 GMT p3p policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" server openresty content-type text/html; charset=iso-8859-1 x-sid AMS-607
GET H2	200	60118 Show response tag.navdmp.com/u/	690 B 533 B	160ms 160ms	Script application/javascript	2606:4700::6810:df3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tag.navdmp.com/u/60118 Requested by Host: tag.navdmp.com URL: https://tag.navdmp.com/universal.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 27245a8a3f678528283aa04f0767f4e880e0ddc8b3d517a4a770d03b556926c6 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Tue, 07 Sep 2021 18:45:01 GMT server cloudflare etag W/"6137b32d-2b2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin * cache-control max-age=3600 cf-ray 6f9cc3e85cbb6933-FRA content-type application/javascript expires Sun, 10 Apr 2022 17:12:39 GMT
GET H2	200	__index.js Show response s.e-planning.net/esb/4/0/191c3/eb6f633ff79123bc/ Frame 8CCE	64 KB 16 KB	109ms 49ms	Script application/x-javascript	5.178.65.252 SERVERIUS-AS
General Check archive.org Show headers Download Go to Full URL https://s.e-planning.net/esb/4/0/191c3/eb6f633ff79123bc/__index.js Requested by Host: us.img.e-planning.net URL: https://us.img.e-planning.net/layers/epl-41.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS i.e-planning.net Software openresty / Resource Hash 26cf3f0e892a4df2e98c23246a45716251a522c3ab553f10356219d7a0ca36c0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT content-encoding gzip last-modified Mon, 04 Apr 2022 22:13:34 GMT server openresty etag W/"624b6d8e-101c7" content-type application/x-javascript access-control-allow-origin * cache-control max-age=157680000 expires Fri, 09 Apr 2027 16:12:38 GMT
GET H2	200	__index.js Show response s.e-planning.net/esb/4/0/191c3/4511ea1914e7a494/ Frame 11BC	76 KB 18 KB	106ms 54ms	Script application/x-javascript	5.178.65.252 SERVERIUS-AS
General Check archive.org Show headers Download Go to Full URL https://s.e-planning.net/esb/4/0/191c3/4511ea1914e7a494/__index.js Requested by Host: us.img.e-planning.net URL: https://us.img.e-planning.net/layers/epl-41.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS i.e-planning.net Software openresty / Resource Hash 487b5fe7739ba7464081326abe78ecb271e9e1f7641c042b171d1416faacae32 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT content-encoding gzip last-modified Mon, 04 Apr 2022 14:51:04 GMT server openresty etag W/"624b05d8-12f43" content-type application/x-javascript access-control-allow-origin * cache-control max-age=157680000 expires Fri, 09 Apr 2027 16:12:38 GMT
GET H2	200	__index.js Show response s.e-planning.net/esb/4/0/191c3/ab106627c7308dca/ Frame 7DDD	62 KB 16 KB	123ms 79ms	Script application/x-javascript	5.178.65.252 SERVERIUS-AS
General Check archive.org Show headers Download Go to Full URL https://s.e-planning.net/esb/4/0/191c3/ab106627c7308dca/__index.js Requested by Host: us.img.e-planning.net URL: https://us.img.e-planning.net/layers/epl-41.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS i.e-planning.net Software openresty / Resource Hash 68432f26944516285281952ec76b9a7ff045a913e89443b1f3c632d1dc77e78e Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT content-encoding gzip last-modified Wed, 23 Mar 2022 22:09:04 GMT server openresty etag W/"623b9a80-f8b3" content-type application/x-javascript access-control-allow-origin * cache-control max-age=157680000 expires Fri, 09 Apr 2027 16:12:38 GMT
GET H2	200	/ Show response spl.zeotap.com/ Frame 37C2	7 KB 2 KB	84ms 39ms	Document text/html	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Requested by Host: us.img.e-planning.net URL: https://us.img.e-planning.net/layers/epl-41.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ddae960bb260a7c5272435dacb53b9e515074f249ce04dd8598abb394fd49d5 Request headers Referer https://elperiodico.com.gt/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers * access-control-allow-origin https://elperiodico.com.gt cf-cache-status DYNAMIC cf-ray 6f9cc3e92c4b9225-FRA content-encoding br content-type text/html date Sun, 10 Apr 2022 16:12:39 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare vary Origin via 1.1 google
GET H/1.1	200	ptag Show response a.audrte.com/	5 KB 2 KB	435ms 104ms	Script text/plain	54.81.10.167 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://a.audrte.com/ptag?p=M1353665098 Requested by Host: us.img.e-planning.net URL: https://us.img.e-planning.net/layers/epl-41.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.81.10.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-81-10-167.compute-1.amazonaws.com Software nginx/1.18.0 / Resource Hash 781e67ecb2f9e56a60b2e356544fddea7f6b4bcb9b63fa3d19675112b0081826 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sun, 10 Apr 2022 16:12:39 GMT Content-Encoding gzip Server nginx/1.18.0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-transform, public, max-age=3600 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 1683
GET H2	200	lotame.js Show response s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/	266 B 415 B	122ms 79ms	Script application/x-javascript	5.178.65.252 SERVERIUS-AS
General Check archive.org Show headers Download Go to Full URL https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js Requested by Host: us.img.e-planning.net URL: https://us.img.e-planning.net/layers/epl-41.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS i.e-planning.net Software openresty / Resource Hash 76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT content-encoding gzip last-modified Thu, 19 Nov 2020 16:18:03 GMT server openresty etag W/"5fb69abb-10a" content-type application/x-javascript access-control-allow-origin * cache-control max-age=157680000 expires Fri, 09 Apr 2027 16:12:38 GMT
GET H2	200	0ad2157fb93c19ed.jpg s.e-planning.net/esb/4/0/191c3/	27 KB 28 KB	122ms 80ms	Image image/jpeg	5.178.65.252 SERVERIUS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s.e-planning.net/esb/4/0/191c3/0ad2157fb93c19ed.jpg Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS i.e-planning.net Software openresty / Resource Hash 4ac9db7a74a47b7932273b766e4b2f8e46caffc4f52cd1da411fee8ac0f799ee Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT last-modified Wed, 30 Mar 2022 16:50:44 GMT server openresty etag "62448a64-6dac" content-type image/jpeg cache-control max-age=157680000 accept-ranges bytes content-length 28076 expires Fri, 09 Apr 2027 16:12:38 GMT
GET H2	200	usr Show response usr.navdmp.com/	359 B 430 B	187ms 176ms	Script application/javascript	2606:4700::6810:df3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://usr.navdmp.com/usr?v=7&acc=60118&u=1&new=1&wst=0&wct=1&wla=1 Requested by Host: tag.navdmp.com URL: https://tag.navdmp.com/universal.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ddc5ae4e1e8986b14c27ea3be4c14411d23de4e982c99aff545f23a320855de0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma public date Sun, 10 Apr 2022 16:12:39 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6f9cc3e96f146933-FRA p3p CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' cache-control max-age=3600 act f0 content-type application/javascript expires Sun, 10 Apr 2022 17:12:39 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 297 B	86ms 28ms	Image image/gif	2a03:2880:f107:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=492469847814769&ev=PageView&dl=https%3A%2F%2Felperiodico.com.gt%2Fnoticias%2Finvestigacion%2F2022%2F03%2F12%2F%25d0%25b3%25d0%25b2%25d0%25b0%25d1%2582%25d0%25b5%25d0%25bc%25d0%25b0%25d0%25bb%25d0%25b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco%2F&rl=&if=false&ts=1649607159271&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.2.1649607159269.1784745303&it=1649607158682&coo=false&rqm=GET Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Sun, 10 Apr 2022 16:12:39 GMT
GET H/1.1	400 Request failed due to privacy signals	getuid ib.adnxs.com/ Frame 37C2	0 0	273ms 238ms	Image text/html	37.252.172.37 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: spl.zeotap.com URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers
GET H2	200	pixel cm.g.doubleclick.net/ Frame 37C2	170 B 502 B	72ms 27ms	Image image/png	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: spl.zeotap.com URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sun, 10 Apr 2022 16:12:39 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	mw mwzeom.zeotap.com/ Frame 37C2 Redirect Chain https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26... https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent... https://mwzeom.zeotap.com/mw?cid=5ace947f-01b2-429c-9f5d-5e46d0938396&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab...	95 B 164 B	75ms 71ms	Image image/png	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?cid=5ace947f-01b2-429c-9f5d-5e46d0938396&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://spl.zeotap.com access-control-allow-credentials true cf-ray 6f9cc3ea6f349225-FRA access-control-allow-headers * content-length 95 Redirect headers location https://mwzeom.zeotap.com/mw?cid=5ace947f-01b2-429c-9f5d-5e46d0938396&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 google alt-svc clear content-length 0 strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H2	403	/ dmp.adform.net/serving/cookie/match/ Frame 37C2	0 331 B	112ms 46ms	Image text/plain	37.157.6.242 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: spl.zeotap.com URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.242 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sun, 10 Apr 2022 16:12:39 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	mw mwzeom.zeotap.com/ Frame 37C2 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D88fc604c-1428-415f-67e1-1eb411ae0d66%26reqId%3D1... https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D88fc604c-1428-415f-67e1-1eb411ae0d66%26reqId%3D1... https://mwzeom.zeotap.com/mw?cid=e10bec62-6d58-401e-b7d4-695918b6069a&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab...	95 B 153 B	43ms 43ms	Image image/png	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?cid=e10bec62-6d58-401e-b7d4-695918b6069a&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://spl.zeotap.com access-control-allow-credentials true cf-ray 6f9cc3eaf8329225-FRA access-control-allow-headers * content-length 95 Redirect headers pragma no-cache date Sun, 10 Apr 2022 16:12:39 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://mwzeom.zeotap.com/mw?cid=e10bec62-6d58-401e-b7d4-695918b6069a&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 cache-control private,no-cache, must-revalidate content-type text/html content-length 481
GET H2	200	cm trc.taboola.com/sg/zeotap/1/ Frame 37C2	0 161 B	66ms 25ms	Image text/plain	2a04:4e42::300 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: spl.zeotap.com URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::300 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-vcl-time-ms 8 date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 varnish server nginx x-timer S1649607159.341242,VS0,VE8 x-cache MISS x-cache-hits 0 accept-ranges bytes content-length 0 x-served-by cache-hhn4041-HHN
GET H/1.1	200 OK	u dmp.v.fwmrm.net/ad/ Frame 37C2	0 411 B	645ms 104ms	Image text/html	2600:1f18:6593:f602:8bd3:480b:a39:d536 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D Requested by Host: spl.zeotap.com URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:6593:f602:8bd3:480b:a39:d536 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Pragma no-cache Date Sun, 10 Apr 2022 16:12:39 GMT P3P policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID" Cache-Control no-store Connection keep-alive Content-Type text/html Keep-Alive timeout=300 Content-Length 0 Expires 0
GET H2	200	UCookieSetPug image6.pubmatic.com/AdServer/ Frame 37C2	0 166 B	108ms 44ms	Image text/html	185.64.190.78 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D88fc604c-1428-415f-67e1-1eb411ae0d66%26reqId%3D14c02247-32b9-4dab-5a53-a3abcaa91c25%26zdid%3D1361 Requested by Host: spl.zeotap.com URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H2	200	mw mwzeom.zeotap.com/ Frame 37C2 Redirect Chain https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=136... https://mwzeom.zeotap.com/mw?cid=f12cf938-da28-49ab-a1d4-7c5be59a359a&zpartnerid=317&gdpr=1&gdpr_consent=	95 B 153 B	70ms 70ms	Image image/png	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?cid=f12cf938-da28-49ab-a1d4-7c5be59a359a&zpartnerid=317&gdpr=1&gdpr_consent= Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://spl.zeotap.com access-control-allow-credentials true cf-ray 6f9cc3eb791d9225-FRA access-control-allow-headers * content-length 95 Redirect headers pragma no-cache date Sun, 10 Apr 2022 16:12:39 GMT server Apache-Coyote/1.1 location https://mwzeom.zeotap.com/mw?cid=f12cf938-da28-49ab-a1d4-7c5be59a359a&zpartnerid=317&gdpr=1&gdpr_consent= cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0 x-xss-protection 1; mode=block expires 0
GET H2	200	mw mwzeom.zeotap.com/ Frame 37C2 Redirect Chain https://dpm.demdex.net/ibs:dpid=199624&dpuuid=88fc604c-1428-415f-67e1-1eb411ae0d66&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D... https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=88fc604c-1428-415f-67e1-1eb411ae0d66&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env... https://mwzeom.zeotap.com/mw?cid=12527076653251475764491252511829664385&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-...	95 B 153 B	36ms 36ms	Image image/png	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?cid=12527076653251475764491252511829664385&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://spl.zeotap.com access-control-allow-credentials true cf-ray 6f9cc3eb58ce9225-FRA access-control-allow-headers * content-length 95 Redirect headers DCS dcs-prod-irl1-2-v030-080d1cadb.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID NClS0ovgQMc= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://mwzeom.zeotap.com/mw?cid=12527076653251475764491252511829664385&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	204	/ loadeu.exelator.com/load/ Frame 37C2	0 324 B	183ms 39ms	Image text/plain	34.254.143.3 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: spl.zeotap.com URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-254-143-3.eu-west-1.compute.amazonaws.com Software nginx / Undertow/1 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT cache-control no-cache access-control-allow-credentials true server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
GET H2	200	mw mwzeom.zeotap.com/ Frame 37C2 Redirect Chain https://bn01.er.bemail.it/zeotap.php?_bid=88fc604c-1428-415f-67e1-1eb411ae0d66&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-... https://mwzeom.zeotap.com/mw?cid=BE1-2022041018-46169-0.219155001649607160-7ec67bde887a670883204c778e2098c0&zdid=533&env=mWeb	95 B 153 B	127ms 126ms	Image image/png	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?cid=BE1-2022041018-46169-0.219155001649607160-7ec67bde887a670883204c778e2098c0&zdid=533&env=mWeb Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://spl.zeotap.com access-control-allow-credentials true cf-ray 6f9cc3eb08589225-FRA access-control-allow-headers * content-length 95 Redirect headers Location https://mwzeom.zeotap.com/mw?cid=BE1-2022041018-46169-0.219155001649607160-7ec67bde887a670883204c778e2098c0&zdid=533&env=mWeb Date Sun, 10 Apr 2022 16:12:40 GMT Server nginx/1.10.2 Connection keep-alive X-Powered-By PHP/5.4.16 Transfer-Encoding chunked Content-Type text/html
GET H2	200	mw mwzeom.zeotap.com/ Frame 37C2 Redirect Chain https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con... https://mwzeom.zeotap.com/mw?cid=7085008799165642904&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-...	95 B 153 B	37ms 37ms	Image image/png	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?cid=7085008799165642904&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://spl.zeotap.com access-control-allow-credentials true cf-ray 6f9cc3eaf8309225-FRA access-control-allow-headers * content-length 95 Redirect headers Location https://mwzeom.zeotap.com/mw?cid=7085008799165642904&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Date Sun, 10 Apr 2022 16:12:39 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H2	200	receive pixel.tapad.com/idsync/ex/ Frame 37C2	95 B 427 B	30ms 27ms	Image image/png	35.227.248.159 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=88fc604c-1428-415f-67e1-1eb411ae0d66 Requested by Host: spl.zeotap.com URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 159.248.227.35.bc.googleusercontent.com Software / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 google content-type image/png alt-svc clear content-length 95 strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H2	200	mw mwzeom.zeotap.com/ Frame 37C2 Redirect Chain https://idsync.frontend.weborama.fr/ids?key=zeotap&value=88fc604c-1428-415f-67e1-1eb411ae0d66&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26... https://idsync.frontend.weborama.fr/ids?key=zeotap&value=88fc604c-1428-415f-67e1-1eb411ae0d66&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26... https://mwzeom.zeotap.com/mw?webouuid=tqfN/69/0OT9cpThfOxb6.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4d...	95 B 153 B	38ms 37ms	Image image/png	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?webouuid=tqfN/69/0OT9cpThfOxb6.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://spl.zeotap.com access-control-allow-credentials true cf-ray 6f9cc3eb38a59225-FRA access-control-allow-headers * content-length 95 Redirect headers pragma no-cache date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 google last-modified Sun, 10 Apr 2022 16:12:39 GMT server nginx/1.18.0 location https://mwzeom.zeotap.com/mw?webouuid=tqfN/69/0OT9cpThfOxb6.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Tue, 03 Jul 2001 06:00:00 GMT
GET H2	200	2.gif dmp.theadex.com/d/949/i/ Frame 37C2	36 B 272 B	74ms 20ms	Image image/gif	185.15.245.82 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=88fc604c-1428-415f-67e1-1eb411ae0d66&axd_pid=175 Requested by Host: spl.zeotap.com URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software / Resource Hash 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sun, 10 Apr 2022 16:12:39 GMT cache-control no-store, no-cache, must-revalidate expires 0 content-length 36 content-type image/gif
GET H2	200	mw mwzeom.zeotap.com/ Frame 37C2 Redirect Chain https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=88fc604c-1428-415f-67e1-1eb411ae0d66?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con... https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=88fc604c-1428-415f-67e1-1eb411ae0d66?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp... https://mwzeom.zeotap.com/mw?pid=57545f8aaa8294ac9080096d3558d3e0&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32...	95 B 153 B	55ms 55ms	Image image/png	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?pid=57545f8aaa8294ac9080096d3558d3e0&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://spl.zeotap.com access-control-allow-credentials true cf-ray 6f9cc3ec4a6a9225-FRA access-control-allow-headers * content-length 95 Redirect headers pragma no-cache date Sun, 10 Apr 2022 16:12:39 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://mwzeom.zeotap.com/mw?pid=57545f8aaa8294ac9080096d3558d3e0&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 cache-control no-cache x-server 10.45.1.239 content-length 0 expires 0
GET H2	200	mw mwzeom.zeotap.com/ Frame 37C2 Redirect Chain https://cms.analytics.yahoo.com/cms?partner_id=ZTAP https://mwzeom.zeotap.com/mw?cid=y-uEP7h_tE2ooe7JXCHN7.vfHhfoAZQQ9j0w--~A&zpartnerid=570&env=mWeb	95 B 153 B	44ms 44ms	Image image/png	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?cid=y-uEP7h_tE2ooe7JXCHN7.vfHhfoAZQQ9j0w--~A&zpartnerid=570&env=mWeb Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://spl.zeotap.com access-control-allow-credentials true cf-ray 6f9cc3eb791b9225-FRA access-control-allow-headers * content-length 95 Redirect headers date Sun, 10 Apr 2022 16:12:39 GMT via http/1.1 spdc0106.pbp.ir2.yahoo.com (ApacheTrafficServer) server ATS age 0 strict-transport-security max-age=31536000 content-type text/html;charset=utf-8 location https://mwzeom.zeotap.com/mw?cid=y-uEP7h_tE2ooe7JXCHN7.vfHhfoAZQQ9j0w--~A&zpartnerid=570&env=mWeb content-length 0
GET H2	200	mw mwzeom.zeotap.com/ Frame 37C2 Redirect Chain https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zd... https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Ol%2F2Llz7A8AGRDm1gJCHZYvmqtfogaRy%2BS41iYitP1U%3D	95 B 153 B	32ms 32ms	Image image/png	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Ol%2F2Llz7A8AGRDm1gJCHZYvmqtfogaRy%2BS41iYitP1U%3D Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://spl.zeotap.com access-control-allow-credentials true cf-ray 6f9cc3eba94d9225-FRA access-control-allow-headers * content-length 95 Redirect headers pragma no-cache date Sun, 10 Apr 2022 16:12:39 GMT server AAWebServer p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" location https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Ol%2F2Llz7A8AGRDm1gJCHZYvmqtfogaRy%2BS41iYitP1U%3D cache-control no-cache, no-store, must-revalidate content-length 0 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 37C2	0 338 B	122ms 40ms	Image text/plain	54.76.30.252 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: spl.zeotap.com URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.30.252 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-30-252.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT cache-control private, no-cache, no-store x-request-time D=36 t=1649607159 x-served-by beacon-n014-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	/ sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 37C2	95 B 359 B	81ms 24ms	Image image/png	162.55.236.225 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=88fc604c-1428-415f-67e1-1eb411ae0d66&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: spl.zeotap.com URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.225.236.55.162.clients.your-server.de Software nginx/1.14.2 / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT server nginx/1.14.2 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type image/png
GET H2	200	mw mwzeom.zeotap.com/ Frame 37C2 Redirect Chain https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co... https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr... https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YlMB9wATlSuHMgAy&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3a...	95 B 153 B	36ms 36ms	Image image/png	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YlMB9wATlSuHMgAy&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361&_test=YlMB9wATlSuHMgAy Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://spl.zeotap.com access-control-allow-credentials true cf-ray 6f9cc3ec7ad99225-FRA access-control-allow-headers * content-length 95 Redirect headers pragma no-cache date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 varnish server Varnish x-timer S1649607160.740498,VS0,VE0 x-served-by cache-hhn4071-HHN x-cache HIT location https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YlMB9wATlSuHMgAy&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361&_test=YlMB9wATlSuHMgAy cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	mw mwzeom.zeotap.com/ Frame 37C2 Redirect Chain https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co... https://mwzeom.zeotap.com/mw?cid=c5306253-01f7-4900-ab76-04dc4b21a54d&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c0224...	95 B 153 B	34ms 34ms	Image image/png	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?cid=c5306253-01f7-4900-ab76-04dc4b21a54d&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://spl.zeotap.com access-control-allow-credentials true cf-ray 6f9cc3ebb96b9225-FRA access-control-allow-headers * content-length 95 Redirect headers Date Sun, 10 Apr 2022 16:12:39 GMT Server MT3 4335 2c68c00 master cdg-pixel-x31 config:1.0.0 Access-Control-Allow-Origin * P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Location https://mwzeom.zeotap.com/mw?cid=c5306253-01f7-4900-ab76-04dc4b21a54d&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 0 Expires Sun, 10 Apr 2022 16:12:38 GMT
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 37C2 Redirect Chain https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa9...	0 337 B	40ms 40ms	Image text/plain	54.76.30.252 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Server 54.76.30.252 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-30-252.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT cache-control private, no-cache, no-store x-request-time D=36 t=1649607159 x-served-by beacon-n019-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 date Sun, 10 Apr 2022 16:12:39 GMT x-cache-hits 0 x-age 0 content-length 0 x-cache MISS x-served-by usermatch-a010-ash-prod.krxd.net
GET H/1.1	200 OK	dcm aax-eu.amazon-adsystem.com/s/ Frame 37C2 Redirect Chain https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=88fc604c-1428-415f-67e1-1eb411ae0d66&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e... https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=88fc604c-1428-415f-67e1-1eb411ae0d66&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e...	43 B 645 B	46ms 46ms	Image image/gif	52.94.222.140 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=88fc604c-1428-415f-67e1-1eb411ae0d66&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361&dcc=t Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol HTTP/1.1 Server 52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Pragma no-cache Date Sun, 10 Apr 2022 16:12:39 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid D9KP8CFBKXC574GXVBTF Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Sun, 10 Apr 2022 16:12:39 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid XSGFBZ53CESTHSG1PP0C Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=88fc604c-1428-415f-67e1-1eb411ae0d66&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	400 Bad Request	87734 tags.bluekai.com/site/ Frame 37C2	0 225 B	206ms 156ms	Image text/plain	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/87734?id=88fc604c-1428-415f-67e1-1eb411ae0d66&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: spl.zeotap.com URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sun, 10 Apr 2022 16:12:39 GMT Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H2	200	mw mwzeom.zeotap.com/ Frame 37C2 Redirect Chain https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D88f... https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361	95 B 153 B	43ms 42ms	Image image/png	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-type image/png access-control-allow-origin https://spl.zeotap.com access-control-allow-credentials true cf-ray 6f9cc3ecdb7e9225-FRA access-control-allow-headers * content-length 95 Redirect headers location https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 date Sun, 10 Apr 2022 16:12:39 GMT cross-origin-resource-policy cross-origin content-length 0
GET H2	200	cmp.min.js Show response spl.zeotap.com/ Frame 37C2	557 B 468 B	47ms 45ms	Script text/plain	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Requested by Host: spl.zeotap.com URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d85bab34ce8a24a136d05c39f3c1decf1b82e837de68e6852675b434a68e696 Request headers accept-language de-DE,de;q=0.9 Referer https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers cf-ray 6f9cc3e9ad3c9225-FRA date Sun, 10 Apr 2022 16:12:39 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin https://spl.zeotap.com access-control-allow-credentials true content-encoding br access-control-allow-headers *
GET H2	200	Enabler.js Show response s0.2mdn.net/ads/studio/ Frame 11BC	134 KB 46 KB	63ms 19ms	Script text/javascript	2a00:1450:4001:810::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/Enabler.js Requested by Host: s.e-planning.net URL: https://s.e-planning.net/esb/4/0/191c3/4511ea1914e7a494/__index.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:02:45 GMT content-encoding gzip x-content-type-options nosniff age 594 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46435 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:47:21 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 10 Apr 2022 16:17:45 GMT
GET H2	200	cc.js Show response tags.crwdcntrl.net/c/15238/	38 KB 11 KB	80ms 33ms	Script application/json	65.9.7.73 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238 Requested by Host: s.e-planning.net URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.7.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-7-73.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 18:18:01 GMT content-encoding gzip etag W/"2b2f816f40499d384e118ce88a266e02" last-modified Thu, 02 Jul 2020 15:35:12 GMT server AmazonS3 age 78879 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/json via 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront) cache-control max-age: 86400 x-amz-cf-pop FRA56-C1 x-amz-cf-id i_brCYR-KBhfBtMK-H_sDVu7mtw0dQouDpvHN2hTpzQz2pn4GGV1kw==
GET H2	200	marca.png s.e-planning.net/esb/4/0/191c3/eb6f633ff79123bc/ Frame 8CCE	58 KB 58 KB	27ms 26ms	Image image/png	5.178.65.252 SERVERIUS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s.e-planning.net/esb/4/0/191c3/eb6f633ff79123bc/marca.png Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS i.e-planning.net Software openresty / Resource Hash 71f8caa33dd92abc3d0398c401769d0b59b9cde14b62a4c6a854a44f8f6162d9 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT last-modified Mon, 04 Apr 2022 22:13:34 GMT server openresty etag "624b6d8e-e860" content-type image/png access-control-allow-origin * cache-control max-age=157680000 accept-ranges bytes content-length 59488 expires Fri, 09 Apr 2027 16:12:38 GMT
GET H2	200	fondo-inline.jpg s.e-planning.net/esb/4/0/191c3/eb6f633ff79123bc/ Frame 8CCE	40 KB 40 KB	51ms 51ms	Image image/jpeg	5.178.65.252 SERVERIUS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s.e-planning.net/esb/4/0/191c3/eb6f633ff79123bc/fondo-inline.jpg Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS i.e-planning.net Software openresty / Resource Hash c232e604c56e28ec4f0bb71a442a92d002b43219ceddee27e9b354c9460acccb Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT last-modified Mon, 04 Apr 2022 22:13:34 GMT server openresty etag "624b6d8e-9e55" content-type image/jpeg access-control-allow-origin * cache-control max-age=157680000 accept-ranges bytes content-length 40533 expires Fri, 09 Apr 2027 16:12:38 GMT
GET H2	200	3.jpg s.e-planning.net/esb/4/0/191c3/ab106627c7308dca/ Frame 7DDD	18 KB 18 KB	48ms 47ms	Image image/jpeg	5.178.65.252 SERVERIUS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s.e-planning.net/esb/4/0/191c3/ab106627c7308dca/3.jpg Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS i.e-planning.net Software openresty / Resource Hash 4085f8f5573da6813111b461d4aab50207bf72c3eb6220b71ad5e30255f28323 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT last-modified Wed, 23 Mar 2022 22:09:04 GMT server openresty etag "623b9a80-487e" content-type image/jpeg access-control-allow-origin * cache-control max-age=157680000 accept-ranges bytes content-length 18558 expires Fri, 09 Apr 2027 16:12:38 GMT
GET H2	200	2.jpg s.e-planning.net/esb/4/0/191c3/ab106627c7308dca/ Frame 7DDD	42 KB 42 KB	84ms 84ms	Image image/jpeg	5.178.65.252 SERVERIUS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s.e-planning.net/esb/4/0/191c3/ab106627c7308dca/2.jpg Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS i.e-planning.net Software openresty / Resource Hash 826a41263904c425f830dd4e7af3ab694b982f5ccfa824ac33a237c7fd686b4e Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT last-modified Wed, 23 Mar 2022 22:09:04 GMT server openresty etag "623b9a80-a78d" content-type image/jpeg access-control-allow-origin * cache-control max-age=157680000 accept-ranges bytes content-length 42893 expires Fri, 09 Apr 2027 16:12:38 GMT
GET H2	200	1.jpg s.e-planning.net/esb/4/0/191c3/ab106627c7308dca/ Frame 7DDD	39 KB 39 KB	86ms 85ms	Image image/jpeg	5.178.65.252 SERVERIUS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s.e-planning.net/esb/4/0/191c3/ab106627c7308dca/1.jpg Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS i.e-planning.net Software openresty / Resource Hash 8a7e247e932f5866f15c7a5275cc6f3431c7618e30028a7bac0c4ec59a6e11e4 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:38 GMT last-modified Wed, 23 Mar 2022 22:09:04 GMT server openresty etag "623b9a80-9c7a" content-type image/jpeg access-control-allow-origin * cache-control max-age=157680000 accept-ranges bytes content-length 40058 expires Fri, 09 Apr 2027 16:12:38 GMT
GET H2	204	cmp spl.zeotap.com/ Frame 37C2	0 0	56ms 56ms	Document text/plain	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361&cmp=0 Requested by Host: spl.zeotap.com URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=88fc604c-1428-415f-67e1-1eb411ae0d66&reqId=14c02247-32b9-4dab-5a53-a3abcaa91c25&zdid=1361 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers * access-control-allow-origin https://spl.zeotap.com cf-cache-status DYNAMIC cf-ray 6f9cc3e9fe089225-FRA date Sun, 10 Apr 2022 16:12:39 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare vary Origin via 1.1 google
GET H2	200	boxa2m Show response u-ams02.e-planning.net/eat/5/31cb4/Articulo/ Frame 54A6	3 KB 2 KB	102ms 26ms	Script application/x-javascript	46.249.52.249 SERVERIUS-AS
General Check archive.org Show headers Download Go to Full URL https://u-ams02.e-planning.net/eat/5/31cb4/Articulo/boxa2m?o=j&rnd=0.266571825443652&pb=0d8c7e547344284d&i=559c9e53a1ac0ff0&fi=9ff3d23430771136&eip=c61813a1816ce52c&ur=https%3A//elperiodico.com.gt/noticias/investigacion/2022/03/12/%25d0%25b3%25d0%25b2%25d0%25b0%25d1%2582%25d0%25b5%25d0%25bc%25d0%25b0%25d0%25bb%25d0%25b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Requested by Host: us.img.e-planning.net URL: https://us.img.e-planning.net/layers/epl-41.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS ads.us.e-planning.net Software openresty / Resource Hash f96808a5c6e1e022c02752855465c845589a904ceea38cb425a9d0e44e957f92 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT content-encoding gzip content-type application/x-javascript server openresty cache-control max-age=0, no-cache p3p policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" x-sid AMS-738
GET H2	200	req Show response cdn.navdmp.com/	6 B 78 B	156ms 146ms	Script application/x-javascript	2606:4700::6810:df3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.navdmp.com/req?v=7&id=108877a519491db5b83068811210%7C0&acc=60118&tit=%25u0413%25u0432%25u0430%25u0442%25u0435%25u043C%25u0430%25u043B%25u0430%253A%2520Los%2520se%25F1ores%2520del%2520polvo%2520rojo%2520y%2520los%2520se%25F1ores%2520del%2520polvo%2520blanco%2520%2528II%2520Parte%2529%2520%257C%2520elPeri%25F3dico%2520de%2520Guatemala&url=https%253A%2F%2Felperiodico.com.gt%2Fnoticias%2Finvestigacion%2F2022%2F03%2F12%2F%2525d0%2525b3%2525d0%2525b2%2525d0%2525b0%2525d1%252582%2525d0%2525b5%2525d0%2525bc%2525d0%2525b0%2525d0%2525bb%2525d0%2525b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco%2F&upd=1&new=1&h1=%25u0413%25u0432%25u0430%25u0442%25u0435%25u043C%25u0430%25u043B%25u0430%253A%2520Los%2520se%25F1ores%2520del%2520polvo%2520rojo%2520y%2520los%2520se%25F1ores%2520del%2520polvo%2520blanco%2520%2528II%2520Parte%2529 Requested by Host: tag.navdmp.com URL: https://tag.navdmp.com/universal.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 6f9cc3ea993d6933-FRA content-length 6 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/x-javascript
GET H2	200	sync Show response sync2.navdmp.com/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=71009019161 https://sync2.navdmp.com/sync?prtid=2&id=71009019161&google_gid=CAESEL1xnuBRICIt3HJnstl1Bio&google_cver=1	6 B 81 B	513ms 498ms	Script application/javascript	2606:4700::6810:df3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sync2.navdmp.com/sync?prtid=2&id=71009019161&google_gid=CAESEL1xnuBRICIt3HJnstl1Bio&google_cver=1 Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Server 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:40 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 6f9cc3eb3a746933-FRA content-length 6 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/javascript Redirect headers pragma no-cache date Sun, 10 Apr 2022 16:12:39 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://sync2.navdmp.com/sync?prtid=2&id=71009019161&google_gid=CAESEL1xnuBRICIt3HJnstl1Bio&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 314 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sync sync.navdmp.com/ Redirect Chain https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D https://sync.navdmp.com/sync?img=1&mdia=c5306253-01f7-4900-ab76-04dc4b21a54d	43 B 130 B	178ms 165ms	Image image/gif	2606:4700::6810:df3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.navdmp.com/sync?img=1&mdia=c5306253-01f7-4900-ab76-04dc4b21a54d Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Server 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT cf-cache-status DYNAMIC last-modified Mon, 28 Sep 1970 06:00:00 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/gif cf-ray 6f9cc3eb3a8b6933-FRA content-length 43 Redirect headers Date Sun, 10 Apr 2022 16:12:39 GMT Server MT3 4335 2c68c00 master cdg-pixel-x25 config:1.0.0 Access-Control-Allow-Origin * P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Location https://sync.navdmp.com/sync?img=1&mdia=c5306253-01f7-4900-ab76-04dc4b21a54d Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 0 Expires Sun, 10 Apr 2022 16:12:38 GMT
GET H2	204	cms cms.analytics.yahoo.com/	0 123 B	145ms 42ms	Image text/html	212.82.100.182 YAHOO-IRD
General Check archive.org Show headers Download Go to Show image Full URL https://cms.analytics.yahoo.com/cms?partner_id=NAVEG Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB), Reverse DNS spcms.pbp.vip.ir2.yahoo.com Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT via http/1.1 spdc0106.pbp.ir2.yahoo.com (ApacheTrafficServer) server ATS age 0 strict-transport-security max-age=31536000 content-type text/html;charset=utf-8
GET H2	200	load_273GQ5Z7su6XwnzFcGcFIkISHzmyVHMy.js Show response sslcdn.adstudiomobile.com/cdn/js/ Frame 54A6	4 KB 2 KB	325ms 19ms	Script application/javascript	151.139.245.8 STACKPATH
General Check archive.org Show headers Download Go to Full URL https://sslcdn.adstudiomobile.com/cdn/js/load_273GQ5Z7su6XwnzFcGcFIkISHzmyVHMy.js Requested by Host: u-ams02.e-planning.net URL: https://u-ams02.e-planning.net/eat/5/31cb4/Articulo/boxa2m?o=j&rnd=0.266571825443652&pb=0d8c7e547344284d&i=559c9e53a1ac0ff0&fi=9ff3d23430771136&eip=c61813a1816ce52c&ur=https%3A//elperiodico.com.gt/noticias/investigacion/2022/03/12/%25d0%25b3%25d0%25b2%25d0%25b0%25d1%2582%25d0%25b5%25d0%25bc%25d0%25b0%25d0%25bb%25d0%25b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.245.8 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software nginx / Resource Hash b071a18135cd4326774ac35b16d2b8c773a37b401fbececf8049f6db068e971f Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-maxcdn-backend cdn2-be02-fra1.stackpath.systems content-encoding gzip last-modified Tue, 05 Apr 2022 00:22:59 GMT server nginx etag W/"b162259-fdd-5dbdd3f43f692" vary Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * date Sun, 10 Apr 2022 16:12:39 GMT
POST H3	200	/ Show response www.facebook.com/tr/ Frame 4C15	0 18 B	65ms 30ms	Document text/plain	2a03:2880:f107:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: elperiodico.com.gt URL: https://elperiodico.com.gt/noticias/investigacion/2022/03/12/%d0%b3%d0%b2%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d0%bb%d0%b0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://elperiodico.com.gt Referer https://elperiodico.com.gt/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://elperiodico.com.gt alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Sun, 10 Apr 2022 16:12:39 GMT priority u=0 server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	5b3d0d3a8aec3347 Show response u-ams02.e-planning.net/ermt/4/31cb4/ Frame 54A6	99 B 348 B	33ms 33ms	Script application/x-javascript	46.249.52.249 SERVERIUS-AS
General Check archive.org Show headers Download Go to Full URL https://u-ams02.e-planning.net/ermt/4/31cb4/5b3d0d3a8aec3347?i=559c9e53a1ac0ff0&fi=9ff3d23430771136&pb=0d8c7e547344284d&S=2e2&rnd=0.266571825443652&pb=0d8c7e547344284d&fi=9ff3d23430771136&rnd=0.266571825443652&ur=https%3a%2f%2felperiodico.com.gt%2fnoticias%2finvestigacion%2f2022%2f03%2f12%2f%D0%B3%D0%B2%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D0%BB%D0%B0-los-senores-del-polvo-rojo-y-los-senores-del-polvo-blanco%2f&&f=j&at=0&t=0 Requested by Host: sslcdn.adstudiomobile.com URL: https://sslcdn.adstudiomobile.com/cdn/js/load_273GQ5Z7su6XwnzFcGcFIkISHzmyVHMy.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS ads.us.e-planning.net Software openresty / Resource Hash 822ba14e3801b62979792124552265fe026441ec9b740aa456c134458ed8a77a Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:39 GMT server openresty p3p policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" x-sid AMS-738 cache-control max-age=0, no-cache content-type application/x-javascript content-length 99 expires Sun, 10 Apr 2022 16:12:39 GMT
GET H2	200	ad_273GQ5Z7su6XwnzFcGcFIkISHzmyVHMy.js Show response sslcdn.adstudiomobile.com/cdn/js/ Frame 068E	37 KB 26 KB	27ms 27ms	Script application/javascript	151.139.245.8 STACKPATH
General Check archive.org Show headers Download Go to Full URL https://sslcdn.adstudiomobile.com/cdn/js/ad_273GQ5Z7su6XwnzFcGcFIkISHzmyVHMy.js Requested by Host: sslcdn.adstudiomobile.com URL: https://sslcdn.adstudiomobile.com/cdn/js/load_273GQ5Z7su6XwnzFcGcFIkISHzmyVHMy.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.245.8 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software nginx / Resource Hash c9d528919d06d2a20f09e605bd96bb10ea63d071a09463af6d9d723a5411fc36 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-maxcdn-backend cdn2-be03-fra1.stackpath.systems content-encoding gzip last-modified Tue, 05 Apr 2022 00:22:59 GMT server nginx etag W/"b16225a-9523-5dbdd3f43f692" vary Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * date Sun, 10 Apr 2022 16:12:39 GMT
GET DATA	200 OK	truncated / Frame 068E	22 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef8c069f155755d801cde878576a5d3c87047c9e79a425df9b83721e78500609 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/jpeg
GET H/1.1	200	ptrack Show response a.audrte.com/	368 B 878 B	109ms 108ms	XHR text/plain	54.81.10.167 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://a.audrte.com/ptrack?arlocation=217.114.215.131&p=M1353665098&artime=2022-04-10T16:12:40.037Z&arlocation=ZWxwZXJpb2RpY28uY29tLmd0L25vdGljaWFzL2ludmVzdGlnYWNpb24vMjAyMi8wMy8xMi8lZDAlYjMlZDAlYjIlZDAlYjAlZDElODIlZDAlYjUlZDAlYmMlZDAlYjAlZDAlYmIlZDAlYjAtbG9zLXNlbm9yZXMtZGVsLXBvbHZvLXJvam8teS1sb3Mtc2Vub3Jlcy1kZWwtcG9sdm8tYmxhbmNvLw==&gdpr=0&gdpr_consent=null&gdpr_version=1 Requested by Host: a.audrte.com URL: https://a.audrte.com/ptag?p=M1353665098 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.81.10.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-81-10-167.compute-1.amazonaws.com Software nginx/1.18.0 / Resource Hash c5021dda58e74939e054bfa10c9f5ee205cd3233029bd58b219fd2bbc3c8ba96 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sun, 10 Apr 2022 16:12:40 GMT Content-Encoding gzip Server nginx/1.18.0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin https://elperiodico.com.gt Access-Control-Allow-Credentials true Connection keep-alive Content-Length 264
GET H/1.1	200	ptrack Show response a.audrte.com/	368 B 877 B	219ms 110ms	XHR text/plain	54.81.10.167 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://a.audrte.com/ptrack?arlocation=217.114.215.131&p=M1353665098&artime=2022-04-10T16:12:40.038Z&arlocation=ZWxwZXJpb2RpY28uY29tLmd0L25vdGljaWFzL2ludmVzdGlnYWNpb24vMjAyMi8wMy8xMi8lZDAlYjMlZDAlYjIlZDAlYjAlZDElODIlZDAlYjUlZDAlYmMlZDAlYjAlZDAlYmIlZDAlYjAtbG9zLXNlbm9yZXMtZGVsLXBvbHZvLXJvam8teS1sb3Mtc2Vub3Jlcy1kZWwtcG9sdm8tYmxhbmNvLw==&gdpr=0&gdpr_consent=null&gdpr_version=1 Requested by Host: a.audrte.com URL: https://a.audrte.com/ptag?p=M1353665098 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.81.10.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-81-10-167.compute-1.amazonaws.com Software nginx/1.18.0 / Resource Hash 832a5dd2d645eeadd99ab5c5d41e3ded20fc98f31a4f33183966c0d387b3920f Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sun, 10 Apr 2022 16:12:40 GMT Content-Encoding gzip Server nginx/1.18.0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin https://elperiodico.com.gt Access-Control-Allow-Credentials true Connection keep-alive Content-Length 263
GET H/1.1	200	ptrack Show response a.audrte.com/	2 KB 901 B	340ms 137ms	XHR text/plain	54.81.10.167 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://a.audrte.com/ptrack?arlocation=217.114.215.131&p=M1353665098&artime=2022-04-10T16:12:40.039Z&arlocation=ZWxwZXJpb2RpY28uY29tLmd0L25vdGljaWFzL2ludmVzdGlnYWNpb24vMjAyMi8wMy8xMi8lZDAlYjMlZDAlYjIlZDAlYjAlZDElODIlZDAlYjUlZDAlYmMlZDAlYjAlZDAlYmIlZDAlYjAtbG9zLXNlbm9yZXMtZGVsLXBvbHZvLXJvam8teS1sb3Mtc2Vub3Jlcy1kZWwtcG9sdm8tYmxhbmNvLw==&gdpr=0&gdpr_consent=null&gdpr_version=1 Requested by Host: a.audrte.com URL: https://a.audrte.com/ptag?p=M1353665098 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.81.10.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-81-10-167.compute-1.amazonaws.com Software nginx/1.18.0 / Resource Hash 14872e111f05fc43dbe7194089a594213f8d91055ef53553b95f8f2bbbb97e52 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sun, 10 Apr 2022 16:12:40 GMT Content-Encoding gzip Server nginx/1.18.0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin https://elperiodico.com.gt Access-Control-Allow-Credentials true Connection keep-alive Content-Length 287
GET H/1.1	200	ptrack Show response a.audrte.com/	368 B 877 B	341ms 139ms	XHR text/plain	54.81.10.167 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://a.audrte.com/ptrack?arlocation=217.114.215.131&p=M1353665098&artime=2022-04-10T16:12:40.040Z&arlocation=ZWxwZXJpb2RpY28uY29tLmd0L25vdGljaWFzL2ludmVzdGlnYWNpb24vMjAyMi8wMy8xMi8lZDAlYjMlZDAlYjIlZDAlYjAlZDElODIlZDAlYjUlZDAlYmMlZDAlYjAlZDAlYmIlZDAlYjAtbG9zLXNlbm9yZXMtZGVsLXBvbHZvLXJvam8teS1sb3Mtc2Vub3Jlcy1kZWwtcG9sdm8tYmxhbmNvLw==&gdpr=0&gdpr_consent=null&gdpr_version=1 Requested by Host: a.audrte.com URL: https://a.audrte.com/ptag?p=M1353665098 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.81.10.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-81-10-167.compute-1.amazonaws.com Software nginx/1.18.0 / Resource Hash 3a597a5d67a62a0fc660ef2d9f8ccc70ae87a7e4b011b0e9650d976d1d07186f Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sun, 10 Apr 2022 16:12:40 GMT Content-Encoding gzip Server nginx/1.18.0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin https://elperiodico.com.gt Access-Control-Allow-Credentials true Connection keep-alive Content-Length 263
GET H/1.1	200 OK	pixel ps.eyeota.net/	1 KB 1 KB	80ms 23ms	Image text/plain	3.122.214.165 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=d4l1KNZhD2KQ3qUtCbE1gIh-g&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-214-165.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sun, 10 Apr 2022 16:12:40 GMT Content-Length 1241 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
GET H/1.1	200	p a.audrte.com/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d4l1KNZhD2KQ3qUtCbE1gIh-g&gdpr=0&gdpr_consent= https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d4l1KNZhD2KQ3qUtCbE1gIh-g&gdpr=0&gdpr_consent=&google_gid=CAESEBAgvlGzGNnuGvimOETBbGc&google_cver=1 https://a.audrte.com/p	68 B 617 B	125ms 124ms	Image image/png	54.81.10.167 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://a.audrte.com/p Protocol HTTP/1.1 Server 54.81.10.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-81-10-167.compute-1.amazonaws.com Software nginx/1.18.0 / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sun, 10 Apr 2022 16:12:40 GMT Server nginx/1.18.0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/png Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Connection keep-alive Content-Length 68 Redirect headers Date Sun, 10 Apr 2022 16:12:40 GMT Server nginx/1.18.0 Access-Control-Allow-Origin * Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Location https://a.audrte.com:443/p Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= https://a.audrte.com/a?adform_uid=1375197331558754899 https://ps.eyeota.net/match?bid=kh51m51&uid=d4l1KNZhD2KQ3qUtCbE1gIh-g&gdpr=0&gdpr_consent=	0 344 B	120ms 16ms	Image text/plain	3.122.214.165 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?bid=kh51m51&uid=d4l1KNZhD2KQ3qUtCbE1gIh-g&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Server 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-214-165.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sun, 10 Apr 2022 16:12:40 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Date Sun, 10 Apr 2022 16:12:40 GMT Server nginx/1.18.0 Access-Control-Allow-Origin * Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Location https://ps.eyeota.net/match?bid=kh51m51&uid=d4l1KNZhD2KQ3qUtCbE1gIh-g&gdpr=0&gdpr_consent= Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET H/1.1	200 OK	pixel ps.eyeota.net/	1 KB 1 KB	20ms 20ms	Image text/plain	3.122.214.165 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=d4l8hP6j8YsSgymNc7W4z5iJA&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-214-165.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sun, 10 Apr 2022 16:12:40 GMT Content-Length 1241 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
GET H/1.1	200	p a.audrte.com/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d4l8hP6j8YsSgymNc7W4z5iJA&gdpr=0&gdpr_consent= https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d4l8hP6j8YsSgymNc7W4z5iJA&gdpr=0&gdpr_consent=&google_gid=CAESEBAgvlGzGNnuGvimOETBbGc&google_cver=1 https://a.audrte.com/p	68 B 617 B	131ms 131ms	Image image/png	54.81.10.167 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://a.audrte.com/p Protocol HTTP/1.1 Server 54.81.10.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-81-10-167.compute-1.amazonaws.com Software nginx/1.18.0 / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sun, 10 Apr 2022 16:12:40 GMT Server nginx/1.18.0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/png Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Connection keep-alive Content-Length 68 Redirect headers Date Sun, 10 Apr 2022 16:12:40 GMT Server nginx/1.18.0 Access-Control-Allow-Origin * Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Location https://a.audrte.com:443/p Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET H/1.1	200	p a.audrte.com/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d4l-f0zOgBMSXaN05P2FnALnQ&gdpr=0&gdpr_consent= https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d4l-f0zOgBMSXaN05P2FnALnQ&gdpr=0&gdpr_consent=&google_gid=CAESEBAgvlGzGNnuGvimOETBbGc&google_cver=1 https://a.audrte.com/p	68 B 617 B	123ms 122ms	Image image/png	54.81.10.167 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://a.audrte.com/p Protocol HTTP/1.1 Server 54.81.10.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-81-10-167.compute-1.amazonaws.com Software nginx/1.18.0 / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sun, 10 Apr 2022 16:12:40 GMT Server nginx/1.18.0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/png Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Connection keep-alive Content-Length 68 Redirect headers Date Sun, 10 Apr 2022 16:12:40 GMT Server nginx/1.18.0 Access-Control-Allow-Origin * Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Location https://a.audrte.com:443/p Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET H/1.1	200 OK	pixel ps.eyeota.net/	1 KB 1 KB	69ms 69ms	Image text/plain	3.122.214.165 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=d4l-f0zOgBMSXaN05P2FnALnQ&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-214-165.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sun, 10 Apr 2022 16:12:40 GMT Content-Length 1241 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
GET H/1.1	200	p a.audrte.com/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d4lB8LwBAuLQYyV1fUcuL1alw&gdpr=0&gdpr_consent= https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=d4lB8LwBAuLQYyV1fUcuL1alw&gdpr=0&gdpr_consent=&google_gid=CAESEBAgvlGzGNnuGvimOETBbGc&google_cver=1 https://a.audrte.com/p	68 B 617 B	120ms 120ms	Image image/png	54.81.10.167 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://a.audrte.com/p Protocol HTTP/1.1 Server 54.81.10.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-81-10-167.compute-1.amazonaws.com Software nginx/1.18.0 / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sun, 10 Apr 2022 16:12:40 GMT Server nginx/1.18.0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/png Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Connection keep-alive Content-Length 68 Redirect headers Date Sun, 10 Apr 2022 16:12:40 GMT Server nginx/1.18.0 Access-Control-Allow-Origin * Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Location https://a.audrte.com:443/p Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET H/1.1	200 OK	pixel ps.eyeota.net/	1 KB 1 KB	124ms 56ms	Image text/plain	3.122.214.165 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=d4lB8LwBAuLQYyV1fUcuL1alw&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-214-165.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sun, 10 Apr 2022 16:12:40 GMT Content-Length 1241 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
GET H2	200	3.png s.e-planning.net/esb/4/0/191c3/4511ea1914e7a494/ Frame 11BC	8 KB 9 KB	79ms 27ms	Image image/png	5.178.65.252 SERVERIUS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s.e-planning.net/esb/4/0/191c3/4511ea1914e7a494/3.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS i.e-planning.net Software openresty / Resource Hash b320dcdb44fdd710096af8fc64ecf1b5f6ec4195d2be6c4447b020249a7405ab Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:41 GMT last-modified Mon, 04 Apr 2022 14:51:04 GMT server openresty etag "624b05d8-21e6" content-type image/png access-control-allow-origin * cache-control max-age=157680000 accept-ranges bytes content-length 8678 expires Fri, 09 Apr 2027 16:12:41 GMT
GET H2	200	2.png s.e-planning.net/esb/4/0/191c3/4511ea1914e7a494/ Frame 11BC	40 KB 40 KB	131ms 79ms	Image image/png	5.178.65.252 SERVERIUS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s.e-planning.net/esb/4/0/191c3/4511ea1914e7a494/2.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS i.e-planning.net Software openresty / Resource Hash 22bb04cfa9399f1ebe587c0b4e71434b6b8f1d1fa38963c10dc0a94a0397c9ce Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:41 GMT last-modified Mon, 04 Apr 2022 14:51:04 GMT server openresty etag "624b05d8-9e60" content-type image/png access-control-allow-origin * cache-control max-age=157680000 accept-ranges bytes content-length 40544 expires Fri, 09 Apr 2027 16:12:41 GMT
GET H2	200	1.png s.e-planning.net/esb/4/0/191c3/4511ea1914e7a494/ Frame 11BC	40 KB 40 KB	105ms 53ms	Image image/png	5.178.65.252 SERVERIUS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s.e-planning.net/esb/4/0/191c3/4511ea1914e7a494/1.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS i.e-planning.net Software openresty / Resource Hash 850e329e41bc9ad3dcfc9ddaed4cbefd26ebc2085bdd37007347e399eced958b Request headers accept-language de-DE,de;q=0.9 Referer https://elperiodico.com.gt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 16:12:41 GMT last-modified Mon, 04 Apr 2022 14:51:04 GMT server openresty etag "624b05d8-9f76" content-type image/png access-control-allow-origin * cache-control max-age=157680000 accept-ranges bytes content-length 40822 expires Fri, 09 Apr 2027 16:12:41 GMT
GET H2	200	rt=ifr Show response bcp.crwdcntrl.net/5/c=15238/rand=664386619/pv=y/amskip=Y/ Frame BE56	1 KB 2 KB	57ms 56ms	Document text/html	52.50.215.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/5/c=15238/rand=664386619/pv=y/amskip=Y/rt=ifr Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.50.215.59 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-215-59.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash a24f37f6a5375750740cb4da5709ea059005debabe564ea82e5a6ef8fa42a80f Request headers Referer https://elperiodico.com.gt/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * cache-control no-cache content-length 1186 content-type text/html;charset=utf-8 date Sun, 10 Apr 2022 16:12:42 GMT expires 0 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV pragma no-cache server Jetty(9.4.38.v20210224) x-server 10.45.16.37
GET H2	200	bsTd8NdE sync-tm.everesttech.net/upi/pid/ Frame BE56	85 B 259 B	111ms 111ms	Image image/png	151.101.66.49 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D1 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/5/c=15238/rand=664386619/pv=y/amskip=Y/rt=ifr Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.49 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Jetty(9.4.35.v20201120) / Resource Hash acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a Request headers accept-language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sun, 10 Apr 2022 16:12:42 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1649607162.391880,VS0,VE93 x-served-by cache-hhn4071-HHN x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" access-control-allow-origin * cache-control no-cache accept-ranges bytes content-type image/png content-length 85 x-cache-hits 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame BE56	170 B 188 B	30ms 30ms	Image image/png	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=MWI4OGVjZTYyMmY2MmQ3NGM3ZDUzZjc2NGEwOGU3ZTA&gdpr=1 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/5/c=15238/rand=664386619/pv=y/amskip=Y/rt=ifr Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sun, 10 Apr 2022 16:12:42 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	usersync pixel-sync.sitescout.com/connectors/lotame/ Frame BE56	0 191 B	109ms 34ms	Image text/plain	66.155.71.25 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D1 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/5/c=15238/rand=664386619/pv=y/amskip=Y/rt=ifr Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software AC1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sun, 10 Apr 2022 16:12:41 GMT cache-control max-age=0,no-cache,no-store server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" expires Tue, 11 Oct 1977 12:34:56 GMT
GET H/1.0	200 OK	image.sbxx global.ib-ibi.com/ Frame BE56	0 72 B	389ms 95ms	Image text/plain	69.169.85.6 AMC
General Check archive.org Show headers Download Go to Show image Full URL https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=1b88ece622f62d74c7d53f764a08e7e0 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/5/c=15238/rand=664386619/pv=y/amskip=Y/rt=ifr Protocol HTTP/1.0 Security TLS 1.2, RSA, AES_256_CBC Server 69.169.85.6 Colonia, United States, ASN29838 (AMC, US), Reverse DNS Software BigIP / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Connection close Content-Length 0 Server BigIP
GET H2	200	gdpr=1 sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8881678633445770376/ Frame BE56 Redirect Chain https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/1b88ece622f62d74c7d53f764a08e7e0/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=1 https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8881678633445770376/gdpr=1	49 B 279 B	62ms 51ms	Image image/gif	52.50.215.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8881678633445770376/gdpr=1 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/5/c=15238/rand=664386619/pv=y/amskip=Y/rt=ifr Protocol H2 Server 52.50.215.59 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-215-59.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sun, 10 Apr 2022 16:12:42 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * expires 0 cache-control no-cache x-server 10.45.13.212 content-type image/gif content-length 49 x-consent absent Redirect headers location https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8881678633445770376/gdpr=1 pragma no-cache date Sun, 10 Apr 2022 16:12:41 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 0 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
GET H/1.1	200 OK	5907 tags.bluekai.com/site/ Frame BE56	62 B 304 B	159ms 159ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/5907?limit=0&id=9b19287b6b6cd56e7a5706a28adc62fa Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/5/c=15238/rand=664386619/pv=y/amskip=Y/rt=ifr Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers accept-language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Sun, 10 Apr 2022 16:12:42 GMT Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 Content-Type image/gif