bemestarglobal.fun Open in urlscan Pro
2606:4700:3030::6812:3ce3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bemestarglobal.fun/
Submission: On November 29 via api (November 29th 2020, 6:51:14 am UTC) from BR

Summary HTTP 120 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 120 HTTP transactions. The main IP is 2606:4700:3030::6812:3ce3, located in United States and belongs to CLOUDFLARENET, US. The main domain is bemestarglobal.fun.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 17th 2020. Valid for: a year.

This is the only time bemestarglobal.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
68	2606:4700:303... 2606:4700:3030::6812:3ce3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
9	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
120	12

68 2606:4700:3030::6812:3ce3 (United States)

ASN13335 (CLOUDFLARENET, US)

bemestarglobal.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

27d12952e6b5db3949cfff233a942cf4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	bemestarglobal.fun bemestarglobal.fun	2 MB
17	googlesyndication.com 27d12952e6b5db3949cfff233a942cf4.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	223 KB
11	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	153 KB
10	ampproject.org cdn.ampproject.org	195 KB
8	gstatic.com fonts.gstatic.com	114 KB
4	google.com 2 redirects adservice.google.com www.google.com	485 B
1	googletagservices.com www.googletagservices.com	28 KB
1	google.ch adservice.google.ch	803 B
1	googleapis.com fonts.googleapis.com	2 KB
0	bemestarglobal.com.br Failed www.bemestarglobal.com.br Failed
120	10

	Domain	Requested by
68	bemestarglobal.fun	bemestarglobal.fun
11	tpc.googlesyndication.com	bemestarglobal.fun securepubads.g.doubleclick.net tpc.googlesyndication.com cdn.ampproject.org
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	securepubads.g.doubleclick.net	bemestarglobal.fun securepubads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google.com	2 redirects bemestarglobal.fun
2	googleads.g.doubleclick.net	bemestarglobal.fun
2	27d12952e6b5db3949cfff233a942cf4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ch	securepubads.g.doubleclick.net
1	fonts.googleapis.com	bemestarglobal.fun
0	www.bemestarglobal.com.br Failed	bemestarglobal.fun
120	14

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.ch GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://bemestarglobal.fun/
Frame ID: 754788EF51009D1E8C2C7546F0D64D32
Requests: 93 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: EC1E06D31A6C39D44D14B8ABBBDEFDE2
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: AD94C4DD15A62574D83271BA08CBE2D4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: C14708204DB7CC2706723E2D3345D299
Requests: 13 HTTP requests in this frame

Frame: https://27d12952e6b5db3949cfff233a942cf4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: C7DA8C73A3B4FE4E68A48A47233E5C0D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

120
Requests

99 %
HTTPS

91 %
IPv6

10
Domains

14
Subdomains

12
IPs

2
Countries

2432 kB
Transfer

4748 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

120 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bemestarglobal.fun/ 188 KB
23 KB 789ms
767ms Document
text/html 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.1.19

Resource Hash

5daec01dc1c415dfa28aa132ada582e1d1bf5a4dc51bf0525c4727eecefe2f21

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: bemestarglobal.fun
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:55 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=de58271f4f5ed5c68f6380d8abebf02fc1606632654; expires=Tue, 29-Dec-20 06:50:54 GMT; path=/; domain=.bemestarglobal.fun; HttpOnly; SameSite=Lax PHPSESSID=uac0ntet6qg595if61d006hts6; path=/
cache-control: private
pragma: no-cache
expires: Thu, 19 Nov 1981 08:52:00 GMT
x-powered-by: PHP/7.1.19
link: <https://bemestarglobal.fun/wp-json/>; rel="https://api.w.org/" <https://bemestarglobal.fun/>; rel=shortlink
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
cf-request-id: 06b45ddf3400002bd2830c7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2Dt5wt1kWs40cimpU6ddwpl8lX94aGF%2FXld0Y2vrRgIFPmVka4PgvDSfv5A80vJ94W1HisKesfTKD0q7fG%2FuCkHtlW5JE%2BxljCjdxq70IpMwSNhqYs7HUvjgY5qfrEY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f9a65ab8bbe2bd2-FRA
content-encoding: br

GET
H2 200 style.min.css
bemestarglobal.fun/wp-includes/css/dist/block-library/ 40 KB
6 KB 253ms
251ms Stylesheet
text/css 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-includes/css/dist/block-library/style.min.css?ver=5.3.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Jun 2020 12:54:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"07eb862ef3fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NL6k89z0QmRJsyQuW9EGeZVLlhDdedHPY74CVygHckJfs9DVFpM7L0RvWi27iUt1i%2BZ3VZwkpS50%2Bdu1sccxrQvNj%2FufCC4XsSWsZVRI%2FIgx4bwD17P57G8xIqDikjg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f9a65b05d672bd2-FRA
cf-request-id: 06b45de23900002bd2319d8000000001

GET
H2 200 styles.css
bemestarglobal.fun/wp-content/plugins/contact-form-7/includes/css/ 2 KB
907 B 246ms
244ms Stylesheet
text/css 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 26 Jan 2020 18:46:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"805369fd78d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DwFXq%2Fw7j6X4Zu9GnqR8KVx9MlqXC2VKw7tw9avtVzpcVoGbzq%2BHv7W%2F9qW5B9ODJ5h%2BERpxrbrnvVtYNe%2BdFJvEYMqXWmtjWCfbPymmOKIHKKmjq5T2H%2B5b6Jrj%2Fnw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f9a65b05d682bd2-FRA
cf-request-id: 06b45de23900002bd2ae8c3000000001

GET
H2 200 css
fonts.googleapis.com/ 29 KB
2 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d44be7cfec3d2c29db1f35a1c5c20fa6db250e512f90deaeb9f2454fe04f578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 29 Nov 2020 06:50:55 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Sun, 29 Nov 2020 06:50:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 29 Nov 2020 06:50:55 GMT

GET
H2 200 style.css
bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/ 1 MB
106 KB 478ms
477ms Stylesheet
text/css 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/style.css?ver=8.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ad804e0729dda90e8b0792923635af46f6b3dfb6e82124125f00ca54ac642c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 10 Nov 2018 12:22:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80d6a69f078d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ffSkS42DMSv8Mzb58Jyo7m38B2VSq1aH5s%2FeJ0G1W2ViVLayF5WPycz6BTpWl8W9yU4LkM0%2BPgMIey7Ob%2Fn6hIYQ9opVi7O2KVAZPPBh7T2Ve7PrCYVWpHb84tR7R%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f9a65b05d692bd2-FRA
cf-request-id: 06b45de23900002bd285a70000000001

GET
H2 200 demo_style.css
bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/includes/demos/health/ 3 KB
864 B 249ms
248ms Stylesheet
text/css 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/includes/demos/health/demo_style.css?ver=8.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fdfb70b5a7b86d40db5e3651f5d66a444ce99fced7303dbef0025a368f2aae7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 10 Nov 2018 12:22:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80a9758f078d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FrFSqlLK%2BZgFMtOKLPm9EkrarfPxBkpUevN6E85QcUgwSUbuPvr%2FVjtKZKcvCELzoUlXGIw4xQMd79fjGseVDBTvKueCMxalO5N5GWO3VrLMlbXwEoz9zv4nGiY4LkU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f9a65b05d6b2bd2-FRA
cf-request-id: 06b45de23900002bd27b927000000001

GET
H2 200 jquery.js Show response
bemestarglobal.fun/wp-includes/js/jquery/ 95 KB
32 KB 366ms
365ms Script
application/javascript 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Sep 2019 18:17:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0de96251664d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3Ee43nR6aaUBrpFjPBvfQ57ZdzyNJUc6m%2B%2BriANREJxRSJ%2FksnMvzP956P%2FEvQsTcXwGjY7Vl%2BceOjutuDR6v4dzwJOEJW%2BP%2FuxHCgtlmqdxB12L3fdlKEHgbtzVmw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f9a65b05d6c2bd2-FRA
cf-request-id: 06b45de23900002bd275906000000001

GET
H2 200 jquery-migrate.min.js Show response
bemestarglobal.fun/wp-includes/js/jquery/ 10 KB
4 KB 249ms
249ms Script
application/javascript 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 10 Nov 2018 12:13:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"032bad0ee78d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ViOdJtwSTC6SzwB7PMMnPDjxSyzgcsOMjm5xWDO9Vmdzm5VVtBSW%2FoErEoXLBgll1f9sLDVfyLdgnYKsJzqEX7xaEAkIOY8DhmOW0b9mM7r1P44VCD9LNBo0gdEjU3k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f9a65b05d6f2bd2-FRA
cf-request-id: 06b45de23900002bd27e3a0000000001

GET
H2 200 wp-emoji-release.min.js Show response
bemestarglobal.fun/wp-includes/js/ 14 KB
5 KB 246ms
246ms Script
application/javascript 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-includes/js/wp-emoji-release.min.js?ver=5.3.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 26 Jan 2020 18:43:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"094e07a78d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GvM4IoJc5%2FOS27xGwtinxBg5zxLLXfeuqc4jO9fuoC%2Bc862PnaB%2BOdX1WW6q2WczDe8ECs2fblieCspxF8lGubygLC9sA9EtdcwarRm7qG4Qq%2BDaGmqZ38seieU3YJI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f9a65b2aa242bd2-FRA
cf-request-id: 06b45de3ac00002bd27e3bd000000001

GET
H2 200 bem-estar-global.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 5 KB
5 KB 259ms
246ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/bem-estar-global.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dc18212454be4bb2ea30886bafa0b509032813706773649174da0305ea5cfa6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 4960
cf-request-id: 06b45de4c000002bd29faac000000001
last-modified: Wed, 29 Jan 2020 19:43:26 GMT
server: cloudflare
etag: "0c3755fdcd6d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Glmhvb8%2FCvsuU2AzTS%2FZPvWMchaW5PXTeplAvn%2FeNgS9CTLN1h1N1%2B415cD96joMqfIzD7WMh%2FjdNFFuFPFA62gPApJGd8lc%2Fsw%2FtGWTfDBHtl2b%2FCYrvw%2By25KL1DI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d772bd2-FRA

GET
H2 200 Alergia-1200x600-1-218x150.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 6 KB
6 KB 258ms
245ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/Alergia-1200x600-1-218x150.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6ea0952a594d985f20247de8733d28aceefc477a16d440f72112fd6615b0637

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 5841
cf-request-id: 06b45de4c100002bd26d876000000001
last-modified: Sat, 15 Feb 2020 02:47:28 GMT
server: cloudflare
etag: "b785f542aae3d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PL4s1CQS9yVkv4sh%2BRwv7ghGos7LZo3%2FqPQhPjWPi6dmZuC8jof4TF2TBOC6U72Z7FFgFub5%2BDVhvGxju3Op3YUofyHRUDCLYJtkFiFQU%2Fup5A6TtYtqxPkV1A5ofn0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d7a2bd2-FRA

GET
H2 200 esgotamento-mental-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 8 KB
8 KB 254ms
241ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/esgotamento-mental-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67d6ff9cdaf8e44146217d2171df6de56ba6678c3df0ea57158646c33958ce0a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 8187
cf-request-id: 06b45de4c000002bd293106000000001
last-modified: Tue, 28 Jan 2020 21:40:20 GMT
server: cloudflare
etag: "07ab78923d6d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HcswxES8ho7K27SZsrNbVzZlnBvU%2BlupNRTqsoK7Da9F%2B1IEOLxcu5vX%2BP5n%2Fgfm3kcLnZ7z%2FRV9xoF0wIzbFgdeVEJylPPEr4uel7A22iLN9YoSkZVkrXNgUCDaeig%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d7b2bd2-FRA

GET
H2 200 alimentos-para-o-cerebro-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 12 KB
12 KB 258ms
245ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/alimentos-para-o-cerebro-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d304ddd6609387906e306e6a81d3810e8d54ede8042b7bd3f87b164ddc2b2139

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 12345
cf-request-id: 06b45de4c200002bd2341d9000000001
last-modified: Tue, 28 Jan 2020 15:05:24 GMT
server: cloudflare
etag: "0d2cc5decd5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ndj5L32G3gdPSLGViiwLGCIIBtETYH1WlEZ2DdQItJmBIrcg6ireEeJeO4yrca4SyBCoYNCQ9vswTKeJWAPprNol1F9ndqDvxXvcnMuKdF3rNfKI5w1CbvP%2FNbLdsIs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d802bd2-FRA

GET
H2 200 imagem27-01-2020-23-01-06-218x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 56 KB
57 KB 371ms
358ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/imagem27-01-2020-23-01-06-218x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4b9ddc5158dd66c8c64fdd7e2b47bf5a071dd2038ae97e84dcb2ddf9af0ca72

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 57819
cf-request-id: 06b45de4c300002bd29caf4000000001
last-modified: Mon, 27 Jan 2020 23:00:12 GMT
server: cloudflare
etag: "0e68e8765d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7VqJb6v0GnVb5z9idc3o8VgGnhqR8bhhgs%2Baf5B8pl53%2F%2F%2F8kxWACxfhiPACNOGUOWY31xCkQ0IHwfoMAW8rF8JsMUcn8X3QxuXW5x0cs1cgCHlFNk9Rc0RYFN4UVyw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d822bd2-FRA

GET
H2 200 surto-de-dengue-em-2020-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 11 KB
11 KB 256ms
243ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/surto-de-dengue-em-2020-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2598484ecad2996835fb9552bb3beeae9b24642f262eddd708a440d1c91f1b2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 11120
cf-request-id: 06b45de4c200002bd24320d000000001
last-modified: Mon, 27 Jan 2020 22:18:09 GMT
server: cloudflare
etag: "80a6bba75fd5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CQDVGmAyIUm9N2H7Ld6OK4umuoxotO7CJ4MPheN%2BaxJ1nziCKIP3NhGq8MpP7FwZBAX%2FyI3vAsVJkERarTZHmkPy%2Btit1IpHgf%2BFNZvrqC6x%2BNEClKEEPyRHkTPkphU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d832bd2-FRA

GET
H2 200 dia-mundial-da-alimentacao-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 7 KB
7 KB 254ms
242ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/dia-mundial-da-alimentacao-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17192d14b518552f7c75db83c6134a13d155207bc1feb99cefc04a8b2587797c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7119
cf-request-id: 06b45de4c200002bd241b29000000001
last-modified: Tue, 28 Jan 2020 03:22:54 GMT
server: cloudflare
etag: "03b713a8ad5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7aX4ltLOOpZHI3EtNZ8VqILXOHI%2FoNFiN7u61XsGymFMWUsDxYEZHGGUU5KVpOrt9eQvaILWBUa0YnMAJ5KHCgciXH2HTjhtJETybTRdLgUdqQZ4xr6wqJisHw7YOJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d842bd2-FRA

GET
H2 200 carne-vermelha-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 10 KB
10 KB 255ms
242ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/carne-vermelha-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d120a0d4e4b4531ca4981e3e176056e571454d03664246609593ea2ef0df8a23

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 9741
cf-request-id: 06b45de4c200002bd2aa3de000000001
last-modified: Tue, 28 Jan 2020 02:45:42 GMT
server: cloudflare
etag: "0f11885d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZfO8pO%2B3UbdwoygsvqmsDpfmZWEBB4f1wYyDvVchTmpfb%2FjoEjLWrIRAH4I%2F9Cf2v5hLdh2ZfiB8z4PBSqmyjwjd3pXCFL7cVIGxX7gpHLcPzwVEHwznGX8mTXNTakU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d852bd2-FRA

GET
H2 200 cerveja-engorda-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 4 KB
4 KB 255ms
242ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/cerveja-engorda-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9167963c0a983cc4060aa79e8be838a95a615d9841ff20c9c623dcf9787ed60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 4273
cf-request-id: 06b45de4c300002bd2b1952000000001
last-modified: Tue, 28 Jan 2020 01:49:26 GMT
server: cloudflare
etag: "057d02b7dd5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YotDfHifVd49WuDq5Y6l%2BplMk4fgR%2Fd3WDi03KLNHyTUI3CcTRYScJLMOx9wBH6gKue%2Bh7KhuZ3G0%2BY0BjUOE9gzKdVmYTZ8ccZn%2FohFryJUg1YIPqoB%2FDqeHaGFV44%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d882bd2-FRA

GET
H2 200 alimentos-para-idosos-218x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 17 KB
17 KB 412ms
400ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/alimentos-para-idosos-218x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec7505b9cfcae8ca3528aea18906b30c70f00ff2f4601f0feccd858db830b4f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 17501
cf-request-id: 06b45de4c400002bd261317000000001
last-modified: Tue, 28 Jan 2020 00:59:28 GMT
server: cloudflare
etag: "0d8dd3076d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wC9Bjjy87ujkXLaZormNxbMJcNeWwMwGPh%2BcYVkuGYMuM%2Brr7XKxd%2BLhaGVcK84vSeP1tOlccKKBGxaQmpcTUwedH4tDuILfpSqweQXNQykkGkRwclQJhort3cR6qRs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d8f2bd2-FRA

GET
H2 200 rotulo-de-alimento-anvisa-218x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 48 KB
49 KB 406ms
393ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/rotulo-de-alimento-anvisa-218x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3db7e3828bc6cb9feb6d2f77ca2c53cb56510f6ce37b636bccdf6bbb6314abe5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 49619
cf-request-id: 06b45de4c400002bd27191b000000001
last-modified: Mon, 27 Jan 2020 22:35:00 GMT
server: cloudflare
etag: "0256262d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CByth%2BBxS3juyfqlfXd21TvL4%2FMR%2B840nZF9G1ew9XFrAaqnKM50DOBODgEW9n8eiXOAhg82%2Bu87C2S%2BnUcokHeYsGir1Lr3ag1Fd6NlHZpLmwDPDZ1Bx5mpilyzCxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d902bd2-FRA

GET
H2 200 download-1-218x150.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 8 KB
8 KB 259ms
247ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/download-1-218x150.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7671dc771f1b919246554263f7dba1e9254ffb127813246bc2e5fe7c3fed55d1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7757
cf-request-id: 06b45de4c500002bd248b0d000000001
last-modified: Tue, 11 Feb 2020 03:16:56 GMT
server: cloudflare
etag: "8e2951b789e0d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BAsNKXQM2MTkeSudQLFArcPT8STxJIsk2h5Zx2URHUmW%2BhPIjvi9wIArnduEORwDnnuSlNjhQXYIQ6ForfnnhEE%2BT4HAySjLyN%2FTItNhh%2F2jpjsFZu3TAgeTA%2F6W%2FZg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d912bd2-FRA

GET
H2 200 alongamentos-218x150.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 9 KB
9 KB 268ms
256ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/alongamentos-218x150.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

788b813ee69620dc1c52f2ca56f9e9740ccff4983cefd8103682bf36b67d5825

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 9130
cf-request-id: 06b45de4ca00002bd235a4c000000001
last-modified: Thu, 06 Feb 2020 23:03:28 GMT
server: cloudflare
etag: "fe4897a441ddd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FjtqV0I0sobUpX3IeZnwie2rI0J%2FRQvF2Cl0qmGRrEU6qX7dx0zOBrPSn1BAN3OyMz%2B3UbQVQNLEKezdoZgXukyGye64g4Zzf46QA%2FCxYX0m%2BPIqzbq4YbWcI2wXXoI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d932bd2-FRA

GET
H2 200 m3-218x150.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 7 KB
7 KB 260ms
248ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/m3-218x150.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e77f3c7a238f9edafe7235e2f3ab2daece91c04ac4ce5d3655db9e11d1d8001

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 6760
cf-request-id: 06b45de4c500002bd26e85e000000001
last-modified: Mon, 03 Feb 2020 22:48:08 GMT
server: cloudflare
etag: "bdf44a1e4dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wOYY1tSJ9iDEPPpWhXvVWqyLuXoUtXuq0R%2FFvngdzw%2BOLrSBPbnAHXfUHQ1YarctFx1qM8F8sbVwqzlsFq59piBA67saMbrM0uCa6G3ErKFfUnF%2Fp0qyI%2FRmcZ%2F2e4M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d942bd2-FRA

GET
H2 200 8007-218x150.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 4 KB
4 KB 263ms
251ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/8007-218x150.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

215ac8ba68fd4d0dccc241ebfed79871510048b5dc8ebd81ad3153e0e7a64ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 3812
cf-request-id: 06b45de4c500002bd278967000000001
last-modified: Mon, 03 Feb 2020 21:27:00 GMT
server: cloudflare
etag: "ca8288abd8dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kc2fv%2BtUgRz3f1iaPQ73so2389aU%2B9PUTPnRRF0iFt4IKfcb%2BgIPCG8GNwr9E1f1an%2BBFB4gV7kxQoWLTJHCwVN1C5L1dVbzTc2b8Wzb%2FTgd%2F3Okv2Bpj7I7e%2BvEQCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d952bd2-FRA

GET
H2 200 8-dicas-para-cuidar-do-bem-estar-dos-idosos-no-verao-1-218x150.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 6 KB
6 KB 262ms
250ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/8-dicas-para-cuidar-do-bem-estar-dos-idosos-no-verao-1-218x150.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcf7de96eefe4e4343a183dcdb2b749a6f58b5a4d2f2c7a504214abbde94f365

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 6309
cf-request-id: 06b45de4c500002bd28e920000000001
last-modified: Mon, 03 Feb 2020 21:04:01 GMT
server: cloudflare
etag: "b712b475d5dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TetgiQCq2OmUATcIruvW7dSTx2h6Gp25NDE3iWdRFADM0Gpu7R5Rne6SrUV89U7XNjhcEL6FWoSC%2FHLrBtCB7G3kbiz%2FvNTsUobfiW8odTXa125g%2BcKYpnZqx3D%2Bwlw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d962bd2-FRA

GET
H2 200 m2-218x150.png
bemestarglobal.fun/wp-content/uploads/2020/02/ 31 KB
31 KB 411ms
400ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/m2-218x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7574fa9f17d50faef16fcdaeef26f281417a24086d7f15abea950f8185f07b8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 31602
cf-request-id: 06b45de4c500002bd2a791b000000001
last-modified: Mon, 03 Feb 2020 22:41:41 GMT
server: cloudflare
etag: "c04daa1ae3dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YGoLl7Kj6GEqQUHmWYrvfVsKddq4z8yddaXhmg16B5ikq%2FS%2BbkNFvx9aOU08VMoIo0VeHcfV%2B3babE%2BI6N%2Bmvl7h3XCFru904FRm093NVvpTZe93NcEij5C3ugt8nq8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d982bd2-FRA

GET
H2 200 m1-218x150.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 6 KB
7 KB 257ms
246ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/m1-218x150.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a33ede08db57ecf67b9c46291b98795fe5338c443531096831a90bdfa487e70

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 6369
cf-request-id: 06b45de4c500002bd2a7245000000001
last-modified: Mon, 03 Feb 2020 21:47:55 GMT
server: cloudflare
etag: "993b697dbdad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jzOFFS%2FcDc93K5ZxRrISrB34YL%2FI%2FlW%2FATxLi3pOVMRax%2FQD9eEQ5PX7WBTFbnvAGJWHPxJBDup2zsjrGfI7ht4DrUkVNdNvTy%2BTgExSQK4j3qbPmillecL531%2Fqats%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d992bd2-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
18 KB 102ms
34ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

cdb8b3957b40dde4f132034ec94d63d46954cbd94da028b3f7a5b72d158a7e7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "708 / 276 of 1000 / last-modified: 1606134076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18518
x-xss-protection: 0
expires: Sun, 29 Nov 2020 06:50:56 GMT

GET
H2 200 o-que-causa-enxaqueca-324x160.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 62 KB
63 KB 372ms
362ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/o-que-causa-enxaqueca-324x160.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bd565c807733a1065ac29160deba1aef9cdfa5dc2a9993526e00fbdba7e1c1f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 63865
cf-request-id: 06b45de4c700002bd2a7246000000001
last-modified: Mon, 27 Jan 2020 16:20:49 GMT
server: cloudflare
etag: "80467fbc2dd5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4WRVwXyFoPlHT6rFOaU62MYMOe4hVtHGNY5l%2FbSPTSF5OBEaf9TU3JrfLdtYdrEHWrI2r7uGUTJc0fqQ8xAPYh%2BW2l5efKhbUHKSCm9EgAyIbzgvbmWKN7n1LgtZUL0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d9a2bd2-FRA

GET
H2 200 download-1-275x160.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 9 KB
10 KB 258ms
247ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/download-1-275x160.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6659642c4cda14e9e9366d5c4fcf9fdf421db786ebee18948e6bec07ab31462c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 9538
cf-request-id: 06b45de4c600002bd23234d000000001
last-modified: Tue, 11 Feb 2020 03:16:56 GMT
server: cloudflare
etag: "b4d254b789e0d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FPaMg32Usj8%2FB56bzIOm3kIRdvLLa6Adkw64UCw5vQzifC0HtdQCVJSPOmjVHfZ2jGUQ8oX02fmQgx14Qkjs2%2B9m2dMCkyfJLOz%2FjjYLqb6RybHnaPKba3C5KMsplv0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d9b2bd2-FRA

GET
H2 200 trimetilaminuria-e-sindrome-do-odor-de-peixe-696x385.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 78 KB
78 KB 407ms
397ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/trimetilaminuria-e-sindrome-do-odor-de-peixe-696x385.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ece9a39f21243d2c5e3610a4163e2af8243833d0be9985542856b969726025a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 79812
cf-request-id: 06b45de4c600002bd264a20000000001
last-modified: Sun, 26 Jan 2020 19:13:38 GMT
server: cloudflare
etag: "05d7db67cd4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3Qxdr4P4w0sOOtiYz9I3xE93oTecwPvSMrYimpE%2BQ6OR%2FxZtiFNWW4m2XdAzKoF4J94NykaPVK5NMp9iN3%2FPS60eZ6kaPME8OIk9cA2D4Da7XsjgUJKlBMzUDZVvjaI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d9c2bd2-FRA

GET
H2 200 hamburguer-vegetal-218x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 23 KB
24 KB 369ms
359ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/hamburguer-vegetal-218x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8d71331ca21ef9691a7db1f7665d41f0a102f6990ae882ca857c20d99f7acae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 23769
cf-request-id: 06b45de4c600002bd24cb47000000001
last-modified: Sun, 26 Jan 2020 19:31:14 GMT
server: cloudflare
etag: "02dea2b7fd4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HoEBwvOToyC9V2BwCNA359ozODTzHvj7cfHN0npRRhEKO74P8r55yBI8w%2FVe0VtRC39DqlThVRLfY%2BTNZmOoSbeYnirVKchakeHAk9AUxr5GlhGYy0qjVTQtcQYNMhM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d9d2bd2-FRA

GET
H2 200 receita-de-grao-de-bico-218x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 53 KB
54 KB 407ms
397ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/receita-de-grao-de-bico-218x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

266330fad0319c25944f535a0d99af4c7b365d83dd27348a26a58e5b40c14584

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 54565
cf-request-id: 06b45de4c600002bd275938000000001
last-modified: Sun, 26 Jan 2020 19:16:46 GMT
server: cloudflare
etag: "0e38b267dd4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iE0%2FtiSTwSfX7dgmL59ffxr%2F5VLJnurtOSgvxoRy38KEp83YirGKsJjmUsyqvxkDPmY3ditLEPqgXfeVb9808zg58FOt8xOV%2B0bvpNaRAHOHLcBknjL%2F8voON1xUaaQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d9e2bd2-FRA

GET
H2 200 imagem27-01-2020-19-01-11-218x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 83 KB
83 KB 370ms
360ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/imagem27-01-2020-19-01-11-218x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96bde909ae4cc990a493f1710fecad71b900a408d17a10248d619cf3ab9804d8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 84503
cf-request-id: 06b45de4c600002bd23cbf4000000001
last-modified: Mon, 27 Jan 2020 19:45:17 GMT
server: cloudflare
etag: "8084cb4c4ad5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZKoumeBj2Uogv7BB03iBO4GiY1CHVexKqpjZ%2B9KRJ1TDHczj1BR6M4zEA8BYlh9DZpeCpCYweHrOa395ACx9EuBA3x0ub8kPtA6ksSVJeRhatZL2fQusSqsTQhGfTAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46d9f2bd2-FRA

GET
H2 200 como-ganhar-massa-muscular-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 6 KB
6 KB 258ms
248ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/como-ganhar-massa-muscular-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20cf47e0735b3d4c7c5931a0d3d09516c825b21673c37db5c8464fcacab03a00

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 6177
cf-request-id: 06b45de4c600002bd25b24e000000001
last-modified: Mon, 27 Jan 2020 20:53:19 GMT
server: cloudflare
etag: "8049dbcd53d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zWp6Kus29QFAgAtp3g5NnN5UlbwlOEd8hKKYjBUoq90apI8tib6M3fz83ntGeUGxIqwdfUXNzm0BAZhJbgLhMEQgK5mZeOgnNVMEfR25mX2HRJ0kDs%2FAOHVNovREd5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46da02bd2-FRA

GET
H2 200 alimentos-e-bebidas-que-causam-manchas-nos-dentes-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 7 KB
7 KB 259ms
249ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/alimentos-e-bebidas-que-causam-manchas-nos-dentes-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c9091ad8ab447fd9b230306e328c9a397f39eba4a7570c9ee2545ae487f5f35

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7152
cf-request-id: 06b45de4c700002bd29faad000000001
last-modified: Mon, 27 Jan 2020 01:22:53 GMT
server: cloudflare
etag: "8014e64bb0d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wSoJlFBSKvohmjXrb1WA1FSqKCZHnETkqUYSnPnP41Sg2bDACrTGxsnTs2k2zDr%2FqM3ffJ%2FN2APzlDXkrSflDj74SyjWJWvD9V36MI1CvNX5nEY0nqHR38kF5vtp0ks%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46da12bd2-FRA

GET
H2 200 leites-vegetais-218x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 27 KB
27 KB 405ms
396ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/leites-vegetais-218x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

477b0e7861ac1d9839b0326df78955e784f7134a90b85be1c83ebb41e5b4cb27

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 27786
cf-request-id: 06b45de4c700002bd26d877000000001
last-modified: Mon, 27 Jan 2020 00:00:20 GMT
server: cloudflare
etag: "042aec3a4d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mus%2F2AGNnfjp4h%2BQOPgcojDSoSLo7TrByeMCsZggw%2Fn8gwhKY9s95PTgxhlNzLNQHl9jfkWfpRe3cxuAe4UKPBdwQmNPTDe%2B30s1Q14M4a3kWxuh8NMISEoYB8IxrAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46da22bd2-FRA

GET
H2 200 jambu-e-bom-pra-que-150x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 38 KB
38 KB 408ms
399ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/jambu-e-bom-pra-que-150x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

637dcd44e3416fd3cab76616f4c3a5f49445728300e84117d758f142bc9234c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 38873
cf-request-id: 06b45de4c700002bd24922a000000001
last-modified: Mon, 27 Jan 2020 20:23:35 GMT
server: cloudflare
etag: "807d82a64fd5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jXup3Y1kwiSDK%2Fs0C45vUti7rdocY%2BqnpIxxJbWe8Dlrvdm9AE46S4e%2BVt9lt1SIhNDusryzCHxq5PGLMWX%2BX%2FXiaafNl2DtQMAUMlXkrfo2XDZugEqo3qC6AODS%2BTU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46da32bd2-FRA

GET
H2 200 hamburguer-vegetal-150x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 22 KB
23 KB 370ms
361ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/hamburguer-vegetal-150x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2946d0b6261c3d9c02821f77df0bc7fe1b4df534087c5e6070a53e99298b3e4f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 22911
cf-request-id: 06b45de4c700002bd23e347000000001
last-modified: Sun, 26 Jan 2020 19:31:14 GMT
server: cloudflare
etag: "02dea2b7fd4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9yQZx2aC1FWbIit8PW8UOau7ZGH0uDdDhL%2FaGNc54XRrYmYHtMFmYLMTObsfV8Poukg3hn97a%2FWu350Hi38C0K9%2BC5%2FfVBwfQzpSbnjtfiltasTu1%2BmASrPNfU1H4R8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46da62bd2-FRA

GET
H2 200 m3-150x150.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 6 KB
6 KB 260ms
251ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/m3-150x150.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a310751daf9c3a3e16dd621ec0ffd4167ca4814631a4355ff3e2a60161c82115

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 6180
cf-request-id: 06b45de4c700002bd293107000000001
last-modified: Mon, 03 Feb 2020 22:48:08 GMT
server: cloudflare
etag: "39f93f1e4dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e2OPPYXMXA7sku3Ya%2BXvA8GOO8rLmtml0R9pmOAIi94OPVv7hInIlDt6njc3hEHfEFkTI178g8ecaGjRMEJYaIPb7berVazr%2BeQiwkF2tf8SMh1vc%2Fkgwv3hsmwqcyg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46da82bd2-FRA

GET
H2 200 dieta-detox-para-figado-funciona-150x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 4 KB
4 KB 260ms
251ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/dieta-detox-para-figado-funciona-150x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1052a775a53a42b82f3a91ee1d74876c92e40cdb78ff3beb50098e343e0ac87d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 4197
cf-request-id: 06b45de4c700002bd27e3d6000000001
last-modified: Sun, 26 Jan 2020 19:15:48 GMT
server: cloudflare
etag: "0caf937dd4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9dTUbNIZe6qquxXsBujSxpMHA%2FXcBd7bdF5%2BEWDYDvkKCl7dZd9Tc4a1SxVr3GkTex7DTNulmAso50aUhiZ1zdgt6bQJwlhi4s3lEWY5JYSeX%2FsaQEu6wQUU8C9cXT8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46da92bd2-FRA

GET
H2 200 cafe-gelado-e-saudavel-150x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 18 KB
18 KB 403ms
395ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/cafe-gelado-e-saudavel-150x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3151e97d93d37f3865331b4227a42a09575453a53d0bb048497abaae4f419a30

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 18525
cf-request-id: 06b45de4c800002bd28d977000000001
last-modified: Sun, 26 Jan 2020 19:16:18 GMT
server: cloudflare
etag: "06ddb157dd4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qu2knB4ti2vhqb5WqAVPo5m5%2BFj5Vewsrza3x4d%2BRyLnAWwXQ4OTWR5WJ60poIY8C%2F9RnL61tM9f9zIuhdJsk5XTiSf5O%2BTnVbt6OiSigPHBentp5rMVOn36bmfZRbM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46daa2bd2-FRA

GET
H2 200 black-friday-panela-de-pressao-eletrica-150x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 4 KB
4 KB 267ms
258ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/black-friday-panela-de-pressao-eletrica-150x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90bf8ad394e8cc9f996f7f710dee0c57a220ab165d86de204e616b7ec7b114ef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 4150
cf-request-id: 06b45de4c800002bd2a2246000000001
last-modified: Mon, 27 Jan 2020 17:11:27 GMT
server: cloudflare
etag: "804949cf34d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BVSbMYsuV6yAv8MeaHSB%2F45JrZpik4G%2BNcfohvZxZ6qgs5nY1oz03j6t3iM7yyWJhgrP8S1sWa%2BkYJH0NXKkozhhpktYNX9ZD0RlEhL%2FwJP9hPxUkaZ29yJXnHX0Dwc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46dab2bd2-FRA

GET
H2 200 cha-e-bom-pra-que-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 5 KB
6 KB 260ms
252ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/cha-e-bom-pra-que-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

073e4a2140fd115de1b6050dc1dcaa7577df5fde701a040036559988d89028eb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 5271
cf-request-id: 06b45de4c800002bd29caf5000000001
last-modified: Mon, 27 Jan 2020 01:37:27 GMT
server: cloudflare
etag: "80e5d754b2d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ryaPHWba%2BGZrXFUxrasIZoNNhctPAjHxbtaMu7ebKKDiJ1%2B2SZNU%2BsidKO1g9srdGmfKYm6ousB4sKBl%2FvC1IsvVRTUB2s622kzl%2BURNx16tmJL3F7hl1YNqnhGLzf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46dad2bd2-FRA

GET
H2 200 picada-de-cobra-218x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 74 KB
75 KB 404ms
395ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/picada-de-cobra-218x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f4f9f30a75b799c301f0c56b6320276d5bd36efee7598be7e2360dc24d6c9db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 76055
cf-request-id: 06b45de4c800002bd241b2a000000001
last-modified: Mon, 27 Jan 2020 06:26:23 GMT
server: cloudflare
etag: "8091e7b1dad4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q9BZLRLFm8y70%2FnlCk2ODa1Yjc5tQ3SFcEc62OLSzV6LHWmfpmgkVEdKf3bOROjZ8ivWuNg3LoclCXB2MXR8ia7VL%2FCBQaIKvKliPih2BjpacG8ZyaRQwBRNvMQdIqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46db02bd2-FRA

GET
H2 200 o-que-e-bom-para-constipacao-324x235.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 60 KB
60 KB 402ms
394ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/o-que-e-bom-para-constipacao-324x235.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

509af098731fc8b9e89fed339fbd1322abd8f1906e5f6a35c8f5449d976133ec

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 60981
cf-request-id: 06b45de4c800002bd2b1953000000001
last-modified: Mon, 27 Jan 2020 07:24:56 GMT
server: cloudflare
etag: "0d4d0dfe2d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A1kjyTyL0bPxiPzW7hWtC%2FzDNRzlJzrrZ8Ju0w0aLm8NDBpvV5UHrYiah%2ByldeGV9Rm0zK9OdLvSz3x8tp5FQkSV0LKYLk9jCTd3rQm9w4%2F8VtXB0QqFYGQM9FGCE6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46db12bd2-FRA

GET
H2 200 trimetilaminuria-e-sindrome-do-odor-de-peixe-100x70.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 4 KB
4 KB 266ms
258ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/trimetilaminuria-e-sindrome-do-odor-de-peixe-100x70.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e5bef8dd9eaf947c440d7e9a1b7e39759dcf6c45d7457e12e320aa5c847f57a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 3585
cf-request-id: 06b45de4c900002bd27c11a000000001
last-modified: Sun, 26 Jan 2020 19:13:37 GMT
server: cloudflare
etag: "80c6e4b57cd4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2zBrxu9Y5pIFYnQP2P74Jk3S4%2BO0EGIxcob42slz6n7S4I2cq3gnUIokqNLG388EtaNse4SHSo4jhGUDKLz7i5Zp9kWWrDanxYYg6bD%2FbbfQWcDA79%2Fyr7maMvZ2ChM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46db22bd2-FRA

GET
H2 200 consumo-de-sal-100x70.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 2 KB
2 KB 261ms
253ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/consumo-de-sal-100x70.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e552d5a8ffbd69838d044cbd32f74eff1cc9db4653ee4ea49e72bd854ec0cb2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 1941
cf-request-id: 06b45de4c900002bd23996e000000001
last-modified: Mon, 27 Jan 2020 16:35:41 GMT
server: cloudflare
etag: "80ac2bd02fd5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9SzA4mzHe6sVC1353QYId6A4mu22lyLU3Dt2iXIN558TMovIERvAYg5XRoYSqhgg%2B9vwHkRkyRS8ADpd04Ie39ekG6op%2BxnyclNO%2FJ2j%2Bq2gnuYLuxafneenReLFjQU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46db32bd2-FRA

GET
H2 200 8007-100x70.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 2 KB
2 KB 264ms
256ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/8007-100x70.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f00557e18dcbae607f348a1e71d938cab7cf74358b71a5a3b9b6c5908e3308d0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 1642
cf-request-id: 06b45de4c900002bd285aa5000000001
last-modified: Mon, 03 Feb 2020 21:27:00 GMT
server: cloudflare
etag: "5cd57dabd8dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uqiceU4qxVkNggjr0kCFob8t1FaMX3BSdi2upqNf%2FXTQWQPHafeKjYj2nHYCwWGDsjpdgTEx1LAec%2BFoy2wQ9AoaonmHFCB9bCfL37l8ULDdPizOPCDo5Z65I359H1o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46db42bd2-FRA

GET
H2 200 m2-100x70.png
bemestarglobal.fun/wp-content/uploads/2020/02/ 7 KB
7 KB 266ms
258ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/m2-100x70.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf5306b9533b6a1355580032fab8edb38024d73f436170be0efc1a6e387588ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 6805
cf-request-id: 06b45de4c900002bd29e92f000000001
last-modified: Mon, 03 Feb 2020 22:41:41 GMT
server: cloudflare
etag: "1511a21ae3dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RnF0JyvCfhADiCy7POwbmjSPTs6iA40UpH5r3pb36vjvDi0SY5UepndSFjwWQi0Txm347uOVMznFep5ATwV9h9ZvjB52ZFU0tLAGx6kKcvki5rBibN1XSw9ZWnAhNfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46db62bd2-FRA

GET
H2 200 imagem27-01-2020-19-01-11-324x160.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 126 KB
126 KB 405ms
398ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/imagem27-01-2020-19-01-11-324x160.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50c48477149acdcf2812be497babed6d269b75c9bf4b324e99f5a9ed67ef732f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 128674
cf-request-id: 06b45de4ca00002bd261318000000001
last-modified: Mon, 27 Jan 2020 19:45:17 GMT
server: cloudflare
etag: "8084cb4c4ad5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0%2Fa2HC4BVSf2r2qVCyXMISFJ1ZdhZa7dmZY4K7Gn3VGEDZvHpjqgBzrZdzW0gDPLOdGk23fuwBnTCZNFCwEKIi6WeMNtoijOYIFrX%2BqGgHBU1kLkgk0Qj9JIlY1aGcM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46db82bd2-FRA

GET
H2 200 Alergia-1200x600-1-324x160.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 7 KB
7 KB 260ms
252ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/Alergia-1200x600-1-324x160.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea04284a237406470e07671892ef250652f5effcb1b05ba03ba8f0b91ae86b0f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7262
cf-request-id: 06b45de4ca00002bd2341db000000001
last-modified: Sat, 15 Feb 2020 02:47:28 GMT
server: cloudflare
etag: "ebf0543aae3d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8Nqb0JRXFzqdE4iaN6%2BAekvmH3uHQjSANLh1djSIuYR4Eyp8RFtDN8JDLbEm8l20vNDuYsdahCUtjG8GBULNvj2MyjDAFJqWmkfnP7J4NPyuBCByYAeSxQyTYZmnYnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46db92bd2-FRA

GET
H2 200 alongamentos-324x160.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 12 KB
13 KB 262ms
255ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/alongamentos-324x160.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b7dad86ca119299aa0677d6e374ab4f868f8fb3aebad5e1e572e3c9daab91ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 12698
cf-request-id: 06b45de4ca00002bd25a324000000001
last-modified: Thu, 06 Feb 2020 23:03:28 GMT
server: cloudflare
etag: "70e99ea441ddd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t0U30H0sDD4B5XVcUws4j7eSDLg1YFSD4PO92hXJr1Tythfp5MAD6NFX2gErgcEr1DolZ62OPkky40nnzKj6Ol9FNnR0G5wl5YLHe4MgNRFOkMkwsNVYqg05xuLlz%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46dba2bd2-FRA

GET
H2 200 m3-324x160.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 11 KB
11 KB 261ms
254ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/m3-324x160.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1230ca571a79f4bf29245b4ea6abbd99834461fd37d9cbe597fb1bc955b95a04

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 11223
cf-request-id: 06b45de4ca00002bd248b0e000000001
last-modified: Mon, 03 Feb 2020 22:48:08 GMT
server: cloudflare
etag: "52f0551e4dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MgZsArRlIsxyLBafEyrY%2FSHbaPL85NxYU%2BwouYi%2Bs22QuklWjA%2FnZ6oD%2BwmRaRnlbfwS%2F6sh6Q6wbtaetc13sHu5iOjMuH%2FtWJz0DPSdtk8beULjZObU93go5Hxm5DI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46dbb2bd2-FRA

GET
H2 200 m2-324x160.png
bemestarglobal.fun/wp-content/uploads/2020/02/ 48 KB
48 KB 405ms
398ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/m2-324x160.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2819a8960e6500a74f45ba78ef007d64b04604e9f51b2e8895f842a52893fd74

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 48720
cf-request-id: 06b45de4ca00002bd27191c000000001
last-modified: Mon, 03 Feb 2020 22:41:41 GMT
server: cloudflare
etag: "4456c11ae3dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LVWxw6XXnjsY4fMf9o8SwZ7%2BRZvtOx2Q%2BhzsjI%2F6sAvQWLEGuYE3YUUYZiDLvemd9AL1TiPYxpua3tUH5PnMs4qg84j34Vsu6uheck2nnFyWUcriTMHXjzOSNRkuNAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46dbd2bd2-FRA

GET
H2 200 m1-324x160.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 7 KB
7 KB 261ms
255ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/m1-324x160.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b62fef6c7e0e4de569c7e2a271193cab4a4dac629503df75093265639fd93bd1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7042
cf-request-id: 06b45de4cb00002bd26e85f000000001
last-modified: Mon, 03 Feb 2020 21:47:55 GMT
server: cloudflare
etag: "a678bf97dbdad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u2gaLKgP%2BNPuFKWLsucTr%2BxlH0OX86gyK67nvonvS%2F9UrzpjiOkHrxtU8hmjJYL7JehdQAT39fg6J9Of5oUufjO8GmzY0iTW7e9hoXeaoRL5Rrojqb6GcBPSNkW2DsU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46dbf2bd2-FRA

GET
H2 200 8007-324x160.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 4 KB
4 KB 264ms
257ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/8007-324x160.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21c86783af68588ef60acc0ba2149c546e1f0abf132b5b35648fb3af87d637f0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 4082
cf-request-id: 06b45de4cb00002bd27b95c000000001
last-modified: Mon, 03 Feb 2020 21:27:00 GMT
server: cloudflare
etag: "3bb9babd8dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AcBaPyhPxb7393hzX1DcM%2B5NT2Wj1pFG5iXsHTWSaafwjCTXBfX65fD0G5GHowHvt0q%2FIPSduIyb7JHBFG6Xe2vhnVpJJuoMZRJfUzZnj3KHJpEl2Peh57hmzrA78Jw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46dc22bd2-FRA

GET
H2 200 8-dicas-para-cuidar-do-bem-estar-dos-idosos-no-verao-1-324x160.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 7 KB
8 KB 263ms
257ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/8-dicas-para-cuidar-do-bem-estar-dos-idosos-no-verao-1-324x160.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d450f3bc065ae3a613269957140e3183c36dcb8e13658cfcd90e83f800ec615

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7414
cf-request-id: 06b45de4cb00002bd283137000000001
last-modified: Mon, 03 Feb 2020 21:04:01 GMT
server: cloudflare
etag: "e194c075d5dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OFSCP5uztZQ%2FwDQ2JTBVV9QF5KUxaj3ofkEUGcZsB%2Fufj%2FhPbl4MVV%2FWrNiZz1T%2FQEs57VlVz1js8IEvmmUJQmwGen5hfiNMCdufVYXhIvYdBVyu6mi3utcEUQrRRH0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46dc32bd2-FRA

GET
H2 200 saude-bem-estar.jpg1_-324x160.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 7 KB
8 KB 255ms
249ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/saude-bem-estar.jpg1_-324x160.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffaa77713f0e6251a44c92284921b1ef3b3b375264d6311a0161dff2ddfbc53e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7215
cf-request-id: 06b45de4cb00002bd2a7247000000001
last-modified: Mon, 03 Feb 2020 20:22:25 GMT
server: cloudflare
etag: "1421f6a5cfdad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eYPW1Oc3MlVWNCjxP9h5fHouDfuIG7qUs2YmKXDHn4sRPYHcYefMVyfsy%2FMnVD96GNyoBoKUU3rpPkXcH92%2F8J77e8UBsQbH2bHDhxaE4Kdp%2F62B3PW1r%2BvxAiLYsQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46dc42bd2-FRA

GET
H2 200 esgotamento-mental-324x160.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 12 KB
12 KB 260ms
254ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/esgotamento-mental-324x160.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec70430d7840a8c54f42db530d9fd04cecb409dd23bb14acd099b994ad6e4e3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 12284
cf-request-id: 06b45de4cb00002bd24cb48000000001
last-modified: Tue, 28 Jan 2020 21:40:20 GMT
server: cloudflare
etag: "07ab78923d6d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p3ncLSH7xtnVv6tR1YaQZ4tljVWzF%2FkajlxAjbrTkCXDWFAX44YNf1vdW0U3n2WYLNcXEfjc3f1HXA2r4AeJ%2B0cFQVLoQDB7sfejngSna7y8NlTXccuoF4wApOyme3E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b46dc72bd2-FRA

GET
H2 200 email-decode.min.js Show response
bemestarglobal.fun/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 8ms
7ms Script
application/javascript 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 06b45de49100002bd292bed000000001
last-modified: Tue, 24 Nov 2020 15:06:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fbd2171-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7R%2F24JfVSoKqQzymFXpdRQcIlHQLIiXhX10ZlEZtFcy8UQHD6LJxBBwLwJ9AGvLdPqV6FglEDyBsxe3wJ0Fl1C3ZtCw2E58An9ftkYzCB29IqJ7vux4alp%2BiYeZeAKY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5f9a65b41cf92bd2-FRA
expires: Tue, 01 Dec 2020 06:50:56 GMT

GET
H2 200 scripts.js Show response
bemestarglobal.fun/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 259ms
245ms Script
application/javascript 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 26 Jan 2020 18:46:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"805369fd78d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4htE5rPt7iUZ2cRkuJcAX%2BScuV2PXaS90mdZ0T%2Bs%2F1pmL5Vg7UHyHKbyt8vwUXpH%2FsoPOCd2XfDwcCpG8bBUHjOmA5vFfr%2Fc4nskagt3gXw05SwHiVb8AV2WNYU8meo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f9a65b46d6f2bd2-FRA
cf-request-id: 06b45de4bf00002bd24cb46000000001

GET
H2 200 tagdiv_theme.min.js Show response
bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/js/ 203 KB
46 KB 488ms
475ms Script
application/javascript 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/js/tagdiv_theme.min.js?ver=8.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57aaa20be325e520dc5700769644f698b4edb96c44287656317c403629d37ebc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 10 Nov 2018 12:22:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80d6a69f078d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VrIloWX8qDIUUI18L%2BjNJqTvDuAGHNVf%2Fak0wk8aUQV%2F4czTrqBhsrWCyMRU%2FXqj4MGWHBajOVOrlShwjB%2FdjSgjuGo634g86N1SGIVVfH8tpYtxzZzPvnoJ9X6YwbY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f9a65b46d712bd2-FRA
cf-request-id: 06b45de4bf00002bd275937000000001

GET
H2 200 comment-reply.min.js Show response
bemestarglobal.fun/wp-includes/js/ 2 KB
1 KB 254ms
241ms Script
application/javascript 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-includes/js/comment-reply.min.js?ver=5.3.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 26 Jan 2020 18:43:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8057aa7c78d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HOLgpQ2SVJq8dGyulj5uCZA2mytPpJJlzCFvHS6wd5BdEf%2F5Sz%2FBtz8hzo%2F5nZEnnDqirVxGTW9QUIuteiQ863OJ9eiAM70zwiMJkN3KLeky2jSfDwssrbEHIMAP3D4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f9a65b46d732bd2-FRA
cf-request-id: 06b45de4c000002bd23cbf3000000001

GET
H2 200 wp-embed.min.js Show response
bemestarglobal.fun/wp-includes/js/ 1 KB
983 B 257ms
244ms Script
application/javascript 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-includes/js/wp-embed.min.js?ver=5.3.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 26 Jan 2020 18:43:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8057aa7c78d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vEZiyi%2B8fIIhGOKm%2Begug6%2Bh4H4sYkcMG9R5jhZMIqETY0vlYtlXNHJn53UtJ01E3fJ86IWPidLxxrqo2uAAxvpXUXjIFkpVvXsiqj0md%2B18VE1EmhYqfWKQUMJzRyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f9a65b46d752bd2-FRA
cf-request-id: 06b45de4c000002bd25b24d000000001

GET 10.jpg
www.bemestarglobal.com.br/wp-content/uploads/2018/11/ 0
0

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 como-proteger-os-olhos-do-sol-534x453.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 194 KB
194 KB 384ms
383ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/como-proteger-os-olhos-do-sol-534x453.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3a252576cec8eba1e895b3d1b033089ea775c6579aab91989c2517236f48f13

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 198203
cf-request-id: 06b45de4d700002bd260197000000001
last-modified: Sun, 26 Jan 2020 19:14:24 GMT
server: cloudflare
etag: "068e8d17cd4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D3hXYqXFGtwXAFs2TRmIypZj7OGcClV77CnNuNdCPajgiJ9QpXqBmhFliUkQqKSMXLa4TMdWNQH9Q6YvlMGL7d4qBbSxn0HMHA4rZgUKWXxzjAk9it%2FtRuEiTvESl48%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b48ded2bd2-FRA

GET
H2 200 saude-bem-estar.jpg1_-534x350.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 21 KB
22 KB 382ms
381ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/saude-bem-estar.jpg1_-534x350.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd1b6a9fd96e413ec94022bcd1bf9cf3a4d705d08da80daa03264914c34f9fc2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 21732
cf-request-id: 06b45de4d700002bd2a7249000000001
last-modified: Mon, 03 Feb 2020 20:22:25 GMT
server: cloudflare
etag: "f3d617a6cfdad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xiAXTyXzVKTXjJcOLMNkBQgOwZbn%2BcfNEX%2BdYyzKNFHbi4SOGg17glttEQHUR98WhMS%2FarVnVn1n8z5zNbtJt8HMdQlhdIMx6OJq6RFjDX8w%2BGjFxdML3asc%2F5A3TcI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b48df12bd2-FRA

GET
H2 200 pq-o-cabelo-fica-branco-534x453.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 76 KB
77 KB 383ms
382ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/pq-o-cabelo-fica-branco-534x453.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a09f2f5523650a471891e7a29bfebe86508b695736d37aa605a191bae76d094

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 78027
cf-request-id: 06b45de4d900002bd2a791d000000001
last-modified: Sun, 26 Jan 2020 20:52:13 GMT
server: cloudflare
etag: "80bc1a7c8ad4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N8fNP5JIqtpecZ9CVAl%2FXjBuVyJ%2FcSEVZB%2BFOSTZBQb4WYDts47RUmMOU2kTtAoZ9vrGTfk9I5Mksy8p3PkdNiV%2FUdgIIGDLWxuAruKeU1rSfF2QJiys%2FDwhe7NYTVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b48df42bd2-FRA

GET
H2 200 alimentos-para-o-cerebro-534x462.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 73 KB
74 KB 380ms
380ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/alimentos-para-o-cerebro-534x462.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3decd6ebbe8b9a062a96cb7c4b684f4c8e21c322b3ec5454a1a9233b63b1b186

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 75251
cf-request-id: 06b45de4d700002bd25b24f000000001
last-modified: Tue, 28 Jan 2020 15:05:25 GMT
server: cloudflare
etag: "8068655eecd5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RbRUWl11sll8krjDw0%2FqHqoPuCPU7og5IUZP%2F9Ug6Za3TRkb2scdXy2X%2BgLNJt9JkHJ6XxTxIxp7BmANablbvORe6Npsy2CIxtpgqOkvqe3%2Bm208R8ZtHMeM7nLUsT0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5f9a65b48df52bd2-FRA

GET
H2 200 newspaper.woff
bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/images/icons/ 18 KB
12 KB 379ms
378ms Font
font/x-woff 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/images/icons/newspaper.woff?14

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/style.css?ver=8.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d730d958599587aee3ee598871cc31de21c73d08a2d45dc437e62438ae753a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://bemestarglobal.fun
Referer: https://bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/style.css?ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 10 Nov 2018 12:22:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"013dd7f078d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gooicH9xBc0UKxIuPEg8bfLaUbpZgFXtHkKsq9PxNVMdmVygYr%2F3RZOZM%2B5IF%2BvGJtm40OZ8WkNEwWZAT1jtsBQsT0o5uSSNtWtp5M%2FNF50H%2FPbZZ3uQfG3YJcRN%2Ffs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/x-woff
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5f9a65b49e092bd2-FRA
cf-request-id: 06b45de4dd00002bd29e931000000001

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v18/ 41 KB
42 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v18/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 01:58:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Sep 2020 20:45:21 GMT
server: sffe
age: 449568
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42444
x-xss-protection: 0
expires: Wed, 24 Nov 2021 01:58:08 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 28 Nov 2020 19:32:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 40710
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sun, 28 Nov 2021 19:32:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 17:20:24 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 567032
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Mon, 22 Nov 2021 17:20:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 12:08:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 240160
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 26 Nov 2021 12:08:16 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:45:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 475517
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Tue, 23 Nov 2021 18:45:39 GMT

GET
H3-Q050 200 mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v18/ 10 KB
10 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:45:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:34 GMT
server: sffe
age: 475515
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9728
x-xss-protection: 0
expires: Tue, 23 Nov 2021 18:45:41 GMT

GET
H3-Q050 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 09:05:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 251106
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12680
x-xss-protection: 0
expires: Fri, 26 Nov 2021 09:05:50 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:06:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 459880
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 23 Nov 2021 23:06:16 GMT

GET
H3-Q050 200 pubads_impl_2020111701.js Show response
securepubads.g.doubleclick.net/gpt/ 277 KB
98 KB 93ms
60ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Nov 2020 09:43:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99766
x-xss-protection: 0
expires: Sun, 29 Nov 2020 06:50:56 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 109 B
803 B 36ms
16ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=bemestarglobal.fun

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 Nov 2020 06:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
317 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bemestarglobal.fun

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 Nov 2020 06:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
11 KB 227ms
227ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=162726421751086&correlator=1778643484231941&output=ldjh&impl=fif&eid=21068749%2C21068418&vrg=2020111701&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201129&iu_parts=112081842%2Cbemestarglobal.fun_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&eri=4&cookie_enabled=1&cdm=bemestarglobal.fun&bc=31&abxe=1&dt=1606632656706&dlt=1606632655412&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=242&adks=189184897&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbemestarglobal.fun&loc=https%3A%2F%2Fbemestarglobal.fun%2F&dssz=51&icsg=1068149503&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x294&msz=970x250&ga_vid=1918298979.1606632657&ga_sid=1606632657&ga_hid=832396502&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

4fcc1688e284e98e2c21c5c992bda15f7dda511ba71b2fb6cdb23d09ae0a9943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10478
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bemestarglobal.fun
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
27d12952e6b5db3949cfff233a942cf4.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 77ms
39ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://27d12952e6b5db3949cfff233a942cf4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 441ms
440ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=162726421751086&correlator=1778643484231941&output=ldjh&impl=fif&eid=21068749%2C21068418&vrg=2020111701&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201129&iu_parts=112081842%2Cbemestarglobal.fun_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&eri=4&cookie_enabled=1&cdm=bemestarglobal.fun&bc=31&abxe=1&dt=1606632656716&dlt=1606632655412&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=1010&adys=944&adks=3837544199&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbemestarglobal.fun&loc=https%3A%2F%2Fbemestarglobal.fun%2F&dssz=51&icsg=1068149503&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x324&msz=336x280&ga_vid=1918298979.1606632657&ga_sid=1606632657&ga_hid=832396502&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

7734eb44b8ac16410e4dcdf327f0ff6083c80eb56a215f266bf350a6c2270000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10570
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bemestarglobal.fun
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 76 KB
15 KB 801ms
800ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=162726421751086&correlator=1778643484231941&output=ldjh&impl=fif&eid=21068749%2C21068418&vrg=2020111701&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201129&iu_parts=112081842%2Cbemestarglobal.fun_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=4&cookie_enabled=1&cdm=bemestarglobal.fun&bc=31&abxe=1&dt=1606632656721&dlt=1606632655412&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=1022&adys=1268&adks=2249543816&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbemestarglobal.fun&loc=https%3A%2F%2Fbemestarglobal.fun%2F&dssz=51&icsg=1068149503&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x294&msz=300x250&ga_vid=1918298979.1606632657&ga_sid=1606632657&ga_hid=832396502&fws=4&ohw=1600&btvi=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

f03be224508dba099c541c85a1d6b6fc74e6f13f9d433ef86d520c2f56a128a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15434
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bemestarglobal.fun
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 466 B
278 B 1026ms
1025ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=162726421751086&correlator=1778643484231941&output=ldjh&impl=fif&eid=21068749%2C21068418&vrg=2020111701&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201129&iu_parts=112081842%2Cbemestarglobal.fun_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=4&cookie_enabled=1&cdm=bemestarglobal.fun&bc=31&abxe=1&dt=1606632656724&dlt=1606632655412&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=3533&adks=2389259451&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbemestarglobal.fun&loc=https%3A%2F%2Fbemestarglobal.fun%2F&dssz=51&icsg=1068149503&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x134&msz=728x90&ga_vid=1918298979.1606632657&ga_sid=1606632657&ga_hid=832396502&fws=4&ohw=1600&btvi=2&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

f0a38812ce10a0393ed5b543ae1da42cfbe38b715ad0c8c4a277529b926aef96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 243
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bemestarglobal.fun
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 466 B
322 B 900ms
899ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=162726421751086&correlator=1778643484231941&output=ldjh&impl=fif&eid=21068749%2C21068418&vrg=2020111701&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201129&iu_parts=112081842%2Cbemestarglobal.fun_fluidx250&enc_prev_ius=%2F0%2F1&prev_iu_szs=1600x250&eri=4&cookie_enabled=1&cdm=bemestarglobal.fun&bc=31&abxe=1&dt=1606632656726&dlt=1606632655412&idt=1267&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=906&adks=2474987350&ucis=5&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbemestarglobal.fun&loc=https%3A%2F%2Fbemestarglobal.fun%2F&dssz=51&icsg=1068149503&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=1600x-1&ga_vid=1918298979.1606632657&ga_sid=1606632657&ga_hid=832396502&fws=516&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

80dd0dfbeb45640bb5946e60073021c362bfb95bd911b0d46ca37fdf17354921

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bemestarglobal.fun
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame EC1E 180 KB
50 KB 34ms
12ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 333957
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 10:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:05:00 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame EC1E 13 KB
5 KB 33ms
12ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 308983
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:01:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:01:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame EC1E 90 KB
28 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 333617
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 10:10:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:10:40 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame EC1E 3 KB
1 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 307882
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:19:35 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame EC1E 41 KB
13 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 307882
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:19:35 GMT

GET
DATA 200
OK truncated
/ Frame EC1E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d6b7ee4706064c1d53596c96b12b0b21358d237120e957fd40a73ea2aa3588a

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 9408662970338994517
tpc.googlesyndication.com/simgad/ Frame EC1E 68 KB
68 KB 27ms
7ms Image
image/gif 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9408662970338994517

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62088c453247242a61cf21ea995a1886ed38c737d631e104b4b55d8187e15bf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 21:28:13 GMT
x-content-type-options: nosniff
age: 379364
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69427
x-xss-protection: 0
last-modified: Mon, 20 May 2019 11:50:40 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Nov 2021 21:28:13 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EC1E 3 KB
3 KB 26ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Nov 2020 21:09:44 GMT
x-content-type-options: nosniff
server: cafe
age: 34873
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sun, 29 Nov 2020 21:09:44 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EC1E 344 B
811 B 26ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 69448
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 29 Nov 2020 11:33:29 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EC1E 0
0 37ms
36ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4jJe0ETDX8yDMZiHjuwPs7yVuAHVh6HnXcTD55fjCavu7Z7CEhABIKrswCNg9ZXOgeAEoAGGzezOA8gBA6kCN3qGRgODsj7gAgCoAwHIAwiqBNgBT9CWp5kKAWe473WIyYbo5AUGA5f9PrRsiQsB-Ejx368rmNmO5smJCT6GRPscl3RgKcEJL1-s-6c2dOgx1C7ADTtkbWXhQU9BRdnWb7pHfT67ano9H8QaprRZrH8zrYhhCSnNbFSA33rNq1ilS52MlFBymqalAXLriclSjA8w1zEBi3l5y-WkGxxc6DnJUyLIvwN-Dg7-et6kERKzHtfvKze_Xh0SkHMs_1aOz2EZABke3yFq5SGPQKoCWMqikvxBlNx_xU_mufG8NSYzb3y7tIZ58i02iWvWwASByIm2hwLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGA4AH4rKTMagH1ckbqAfw2RuoB_LZG6gHlJixAqgHpd8bqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELaMHdIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tOTEyOTU5OTg4NzkzOTIzMIAKA8gLAdgTCrIXGgoYCAESFHB1Yi04MzA5NzczODA4NjYxMzQ2&sigh=A3HzYkdCT6g&tpd=AGWhJmvywbsD1q0kM9Q_YiT0s-NFK7Xv9KEVFdbqEjcaKY0AVg
Requested by: Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 40ms
21ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6659b2fc7bfbcbf251223063004052c8d03ebab643e4d708e20533e374eee195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 Nov 2020 06:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6560
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sun, 29 Nov 2020 06:50:57 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame EC1E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

45ms
14ms

Image
text/html

2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 29 Nov 2020 06:50:57 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame AD94 0
0 29ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bemestarglobal.fun/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://bemestarglobal.fun/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Sat, 28 Nov 2020 21:47:14 GMT
expires: Sun, 28 Nov 2021 21:47:14 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 32623
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 9408662970338994517
tpc.googlesyndication.com/simgad/ Frame EC1E 68 KB
68 KB 8ms
8ms Image
image/gif 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9408662970338994517

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62088c453247242a61cf21ea995a1886ed38c737d631e104b4b55d8187e15bf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 21:28:13 GMT
x-content-type-options: nosniff
age: 379364
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69427
x-xss-protection: 0
last-modified: Mon, 20 May 2019 11:50:40 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Nov 2021 21:28:13 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EC1E 3 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Nov 2020 21:09:44 GMT
x-content-type-options: nosniff
server: cafe
age: 34873
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sun, 29 Nov 2020 21:09:44 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EC1E 344 B
439 B 7ms
7ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 69448
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 29 Nov 2020 11:33:29 GMT

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame C147 180 KB
50 KB 73ms
22ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 333957
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 10:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:05:00 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame C147 13 KB
5 KB 74ms
22ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 308983
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:01:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:01:14 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame C147 90 KB
27 KB 71ms
20ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 333617
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 10:10:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:10:40 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame C147 3 KB
2 KB 70ms
19ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 307882
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:19:35 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame C147 41 KB
13 KB 72ms
22ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 307882
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:19:35 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C147 3 KB
3 KB 7ms
5ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Nov 2020 21:09:44 GMT
x-content-type-options: nosniff
server: cafe
age: 34873
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sun, 29 Nov 2020 21:09:44 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C147 344 B
369 B 7ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 69448
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 29 Nov 2020 11:33:29 GMT

GET
DATA 200
OK truncated
/ Frame C147 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c65499f6247c0aa95bd6c075cb9397eac020a033d696464a283e353919b87572

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 13811558808178575221
tpc.googlesyndication.com/simgad/ Frame C147 63 KB
63 KB 7ms
7ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13811558808178575221?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmH1FSf8ERRRvEVdbvXlpthkJVIrA

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cea8e617f9eb5737ee5e9ebb7a408fc540c43f060e73484587de2fa8144aa94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 20:19:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Nov 2020 19:02:14 GMT
server: sffe
age: 124294
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64129
x-xss-protection: 0
expires: Sat, 27 Nov 2021 20:19:23 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame C147 0
0 75ms
27ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRt5zzsT6bAoQa-K_OEsg9akbpCDhJwl6bJ-EfoB4VqSNfODHXOly8Fp8Ju4HOND427pmHH
Requested by: Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C147 0
0 48ms
47ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C18570ETDX9L6OsGbrASPs5mwB9ysj6Fg3rKuw90MzpevlasJEAEgquzAI2D1lc6B4ASgAdG5qMIDyAEC4AIAqAMByAMIqgTTAU_Qh-cQocQRiRijJrVJx5X-gGtAO-Ho9UoxYRGYGWNOcAw03HwjFuH2t13BapR4N6Q9YsY3IfjcoIny4b_kvbfo6NS_4y4-2dqS8Accy-Sp6Qmz--7WRSImsTJNvTzBjFzqYojYfmbHj-IiA4fFX7ydtADVMJwGB6g1qTfWWAhCFjEOOBvt2ZHkTU8N0ifTNpSY4qiNSBFZaRd5J56igCLOz12RoL0Rj_Y6gx8gBtA5DD7bLEHk2Af96i-u9I8-kL2WSivWAp1tDnoBjv4519lJoPvABJSAzJytA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAeXxtc9qAfVyRuoB_DZG6gH8tkbqAeUmLECqAel3xuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ16UF0ggJCIDhgEAQARgd8ggbYWR4LXN1YnN5bi05MTI5NTk5ODg3OTM5MjMwgAoDyAsB2BMCshcaChgIARIUcHViLTgzMDk3NzM4MDg2NjEzNDY&sigh=y7OKZ6WPV3w&tpd=AGWhJmsRZU0iGOZKAD_fSTTm0IhB9o0ACdr8o1cdFJZglhqsug
Requested by: Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C147
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 29 Nov 2020 06:50:57 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
196 B 14ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111701&jk=162726421751086&bg=!19Sl1PTNAAVGySeIRlj1oX8-iCiRYAIAAAC3UgAAAA9oAQcKAXFCOHqZRkG1eaogU9ZkbHcXKjHREhUBS1M2g5KNsAiSHXLHVmQ_z32i8O7YSq76KazOHCcRN8KRqL5SF3qLmLK-C5XpVDe5MjrxFsCmpHWtf80ZJIfSMdXfZdjOpmnMWd94TKA_ejiCytB3l6Sfh9vdLW5VdYquDtfXq22Hu709MCwNR7D1FrSeolLqP8gDOP5DrHZcvdEZtNRg8FEpnEzo1_J3tEXMvufqWwNFacWP9THIU_gZ1z0WZR4WpcOawaSCCg2XG8R-IkSpEu4yCP6Xh6ccHrfyXdawICXa-WqJZTuUMoqDfX9OfSO_UFSIPi3b9H6EP9xTJb8058o3NhhhJKLr5y3PWJWF0STLKduG4xxPXb3VF08Si-EQegI3HK_S3HbQjB0nbMFTvy78qgNuc94hR5ugnfrvwCvisy8XSSomMX7NFvycRJC4wpNBV2d6sWvNzTjTZAGMiP4Ng4CiqNAIrGtTgDdGMd2lVnI_s_yZAbuTwhiLoVSRwdYg9VCthbjlYBomzV3hDPn7dbzDt1yjhPmpHOxDgqdgzIiP2xlyv6SFUD5cdUgBa0g9xj-wgNx6A1EEOGmuJcfPoYebmLbsC0I1poylPCV1HMmVpEmJBRhuUTqjev4SfKizIpHqDqCC00AILChm1-6_yyu7xltknjiRYQ3r3j_RPKWxsLkigSecOnFhBFXgIupY_zT5rrGnESnXCBUNlWs0EIWbov7AT6z9uaWQyYXFBnEo3IInpHHqa3p_ZdPs4lq2KCywzcNjjUW8UpMqTDDivkejZPRRBGnPPfYtd0Pycg4h-OfKdFqlO4c01UUF5Q4jtOz8Ri2WU9UU0cZxKq-Yv_UfrDtBLFQE_1rlLdJ8W0Lr5c-w2ELewnYFwoDBHVdij00W1CP-clQm9jlqUhWOeiZxccJovcgcFG0E9nS8aAu1p2Ri2ac-uVNHvGCh6PmcHCb_NOGQCfmz8o4KURMTsNRuQariWg_Q5CAnj9ygU4zzFaqDWiGireUmfLtmFCMHzSyYzjnxHHfjKGlbFzxNCfMeJ1D9HNFvhDkhr5aU66jhwcdbyUBaZRpLDs5XqxyohA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 06:50:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html
27d12952e6b5db3949cfff233a942cf4.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C7DA 0
0 27ms
13ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://27d12952e6b5db3949cfff233a942cf4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 27d12952e6b5db3949cfff233a942cf4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bemestarglobal.fun/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://bemestarglobal.fun/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sun, 29 Nov 2020 06:50:56 GMT
expires: Mon, 29 Nov 2021 06:50:56 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 06:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Sun, 29 Nov 2020 06:50:57 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EC1E 42 B
94 B 21ms
20ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBXuE-cMiIBPLmCLJBeyv-qo5EXNEejJk42B5bvU9CWn_A7Y_t9Vx7X99mk0O-hjl5rbCu68_dojKRwhgtSaV4j25bnXbKvSLmlvkXpeAmsyI-R3-SviGt_GxKbX-t7lH_DWX78y1KmSLyd5DAo3EJ&sai=AMfl-YTVo-NI1iD-1mlT6P62DsHQyQWAgOgQi3T5L1q42nK2J9Mrhdp2K3mJ7VRgzBUBXCA-guk9puLr1P_2uySWf22lmS69DCYPFZOW0ECYmqEj9EqpE5THmdmZ5VhWPHc&sig=Cg0ArKJSzAlhzASuT1V4EAE&cid=CAASPeRo6c3cziws2YWhFRLUxXasAaXGaufFqWDsCeTI06JmtLQQfnqvyTb2JIAF6ZShZT1COiyzOxAqxJAxOmA&id=ampim&o=315,242&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=207&tls=1207&g=100&h=100&tt=1207&r=v&avms=ampa&adk=189184897

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 06:50:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C147 42 B
66 B 21ms
21ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstQPuFSIhlt46R1rX6e_lvxPJnv5sLH4gEaHR8rEUIN2N9p11oQUeBy0VKdZ9xQPyfEpgdIhHYLP3zr5Le05yEb1tkePXUZZqDnjLDOVPvUgyZcT_K9goDt3ITvkY4a7Oyywu9-FaRgJF5MXvdrNOLag&sai=AMfl-YTObT3eGWZLDAM4XOGR_8X1PCh8aajMtp6_dmaFKzsYiabveJeSVgQN3Qr7qu_xwb3M1Mkzkyx9_RmSRJM0Lpmg4yFPOvmWK44KpmbSIObg4MJz2boY8NiMyWE-_mUq&sig=Cg0ArKJSzNLcz-K_z20OEAE&cid=CAASPeRoI2kIKwmxVWGoC1VOANjw11lU12lG9Qh7s-wIuyLHyH5l6oznEfLV7h3-2TaIHxCTENGRxtRnrjccENo&id=ampim&o=1010,944&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=113&tls=1114&g=91.42857193946838&h=91.42857193946838&tt=1114&r=v&avms=ampa&adk=3837544199

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 06:50:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bemestarglobal.com.br
URL: https://www.bemestarglobal.com.br/wp-content/uploads/2018/11/10.jpg

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bemestarglobal.fun/	1969-12-31 23:59:59	Name: PHPSESSID Value: uac0ntet6qg595if61d006hts6
			.bemestarglobal.fun/	1970-01-19 15:00:24	Name: __cfduid Value: de58271f4f5ed5c68f6380d8abebf02fc1606632654

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://bemestarglobal.fun/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://bemestarglobal.fun/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://bemestarglobal.fun/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

27d12952e6b5db3949cfff233a942cf4.safeframe.googlesyndication.com
adservice.google.ch
adservice.google.com
bemestarglobal.fun
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bemestarglobal.com.br
www.google.com
www.googletagservices.com
www.bemestarglobal.com.br
216.58.206.2
2606:4700:3030::6812:3ce3
2a00:1450:4001:801::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:816::2001
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:820::2001
2a00:1450:4001:820::200a
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
073e4a2140fd115de1b6050dc1dcaa7577df5fde701a040036559988d89028eb
0a33ede08db57ecf67b9c46291b98795fe5338c443531096831a90bdfa487e70
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e552d5a8ffbd69838d044cbd32f74eff1cc9db4653ee4ea49e72bd854ec0cb2
1052a775a53a42b82f3a91ee1d74876c92e40cdb78ff3beb50098e343e0ac87d
1230ca571a79f4bf29245b4ea6abbd99834461fd37d9cbe597fb1bc955b95a04
17192d14b518552f7c75db83c6134a13d155207bc1feb99cefc04a8b2587797c
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1ad804e0729dda90e8b0792923635af46f6b3dfb6e82124125f00ca54ac642c1
1cea8e617f9eb5737ee5e9ebb7a408fc540c43f060e73484587de2fa8144aa94
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
20cf47e0735b3d4c7c5931a0d3d09516c825b21673c37db5c8464fcacab03a00
215ac8ba68fd4d0dccc241ebfed79871510048b5dc8ebd81ad3153e0e7a64ea1
21c86783af68588ef60acc0ba2149c546e1f0abf132b5b35648fb3af87d637f0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
266330fad0319c25944f535a0d99af4c7b365d83dd27348a26a58e5b40c14584
2819a8960e6500a74f45ba78ef007d64b04604e9f51b2e8895f842a52893fd74
2946d0b6261c3d9c02821f77df0bc7fe1b4df534087c5e6070a53e99298b3e4f
2c9091ad8ab447fd9b230306e328c9a397f39eba4a7570c9ee2545ae487f5f35
2d450f3bc065ae3a613269957140e3183c36dcb8e13658cfcd90e83f800ec615
3151e97d93d37f3865331b4227a42a09575453a53d0bb048497abaae4f419a30
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
3db7e3828bc6cb9feb6d2f77ca2c53cb56510f6ce37b636bccdf6bbb6314abe5
3dc18212454be4bb2ea30886bafa0b509032813706773649174da0305ea5cfa6
3decd6ebbe8b9a062a96cb7c4b684f4c8e21c322b3ec5454a1a9233b63b1b186
3ec70430d7840a8c54f42db530d9fd04cecb409dd23bb14acd099b994ad6e4e3
3ec7505b9cfcae8ca3528aea18906b30c70f00ff2f4601f0feccd858db830b4f
3ece9a39f21243d2c5e3610a4163e2af8243833d0be9985542856b969726025a
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
477b0e7861ac1d9839b0326df78955e784f7134a90b85be1c83ebb41e5b4cb27
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4bd565c807733a1065ac29160deba1aef9cdfa5dc2a9993526e00fbdba7e1c1f
4e77f3c7a238f9edafe7235e2f3ab2daece91c04ac4ce5d3655db9e11d1d8001
4fcc1688e284e98e2c21c5c992bda15f7dda511ba71b2fb6cdb23d09ae0a9943
509af098731fc8b9e89fed339fbd1322abd8f1906e5f6a35c8f5449d976133ec
50c48477149acdcf2812be497babed6d269b75c9bf4b324e99f5a9ed67ef732f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
57aaa20be325e520dc5700769644f698b4edb96c44287656317c403629d37ebc
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5daec01dc1c415dfa28aa132ada582e1d1bf5a4dc51bf0525c4727eecefe2f21
5e5bef8dd9eaf947c440d7e9a1b7e39759dcf6c45d7457e12e320aa5c847f57a
62088c453247242a61cf21ea995a1886ed38c737d631e104b4b55d8187e15bf2
637dcd44e3416fd3cab76616f4c3a5f49445728300e84117d758f142bc9234c6
6659642c4cda14e9e9366d5c4fcf9fdf421db786ebee18948e6bec07ab31462c
6659b2fc7bfbcbf251223063004052c8d03ebab643e4d708e20533e374eee195
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
67d6ff9cdaf8e44146217d2171df6de56ba6678c3df0ea57158646c33958ce0a
68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43
6a09f2f5523650a471891e7a29bfebe86508b695736d37aa605a191bae76d094
6fdfb70b5a7b86d40db5e3651f5d66a444ce99fced7303dbef0025a368f2aae7
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
7671dc771f1b919246554263f7dba1e9254ffb127813246bc2e5fe7c3fed55d1
7734eb44b8ac16410e4dcdf327f0ff6083c80eb56a215f266bf350a6c2270000
788b813ee69620dc1c52f2ca56f9e9740ccff4983cefd8103682bf36b67d5825
7d730d958599587aee3ee598871cc31de21c73d08a2d45dc437e62438ae753a3
80dd0dfbeb45640bb5946e60073021c362bfb95bd911b0d46ca37fdf17354921
8b7dad86ca119299aa0677d6e374ab4f868f8fb3aebad5e1e572e3c9daab91ee
90bf8ad394e8cc9f996f7f710dee0c57a220ab165d86de204e616b7ec7b114ef
96bde909ae4cc990a493f1710fecad71b900a408d17a10248d619cf3ab9804d8
9d44be7cfec3d2c29db1f35a1c5c20fa6db250e512f90deaeb9f2454fe04f578
9d6b7ee4706064c1d53596c96b12b0b21358d237120e957fd40a73ea2aa3588a
9f4f9f30a75b799c301f0c56b6320276d5bd36efee7598be7e2360dc24d6c9db
a310751daf9c3a3e16dd621ec0ffd4167ca4814631a4355ff3e2a60161c82115
a3a252576cec8eba1e895b3d1b033089ea775c6579aab91989c2517236f48f13
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
a9167963c0a983cc4060aa79e8be838a95a615d9841ff20c9c623dcf9787ed60
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b62fef6c7e0e4de569c7e2a271193cab4a4dac629503df75093265639fd93bd1
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b8d71331ca21ef9691a7db1f7665d41f0a102f6990ae882ca857c20d99f7acae
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
c2598484ecad2996835fb9552bb3beeae9b24642f262eddd708a440d1c91f1b2
c4b9ddc5158dd66c8c64fdd7e2b47bf5a071dd2038ae97e84dcb2ddf9af0ca72
c65499f6247c0aa95bd6c075cb9397eac020a033d696464a283e353919b87572
cdb8b3957b40dde4f132034ec94d63d46954cbd94da028b3f7a5b72d158a7e7e
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf5306b9533b6a1355580032fab8edb38024d73f436170be0efc1a6e387588ba
d120a0d4e4b4531ca4981e3e176056e571454d03664246609593ea2ef0df8a23
d304ddd6609387906e306e6a81d3810e8d54ede8042b7bd3f87b164ddc2b2139
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
d7574fa9f17d50faef16fcdaeef26f281417a24086d7f15abea950f8185f07b8
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ea0952a594d985f20247de8733d28aceefc477a16d440f72112fd6615b0637
ea04284a237406470e07671892ef250652f5effcb1b05ba03ba8f0b91ae86b0f
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00557e18dcbae607f348a1e71d938cab7cf74358b71a5a3b9b6c5908e3308d0
f03be224508dba099c541c85a1d6b6fc74e6f13f9d433ef86d520c2f56a128a9
f0a38812ce10a0393ed5b543ae1da42cfbe38b715ad0c8c4a277529b926aef96
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586
fcf7de96eefe4e4343a183dcdb2b749a6f58b5a4d2f2c7a504214abbde94f365
fd1b6a9fd96e413ec94022bcd1bf9cf3a4d705d08da80daa03264914c34f9fc2
ffaa77713f0e6251a44c92284921b1ef3b3b375264d6311a0161dff2ddfbc53e
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

bemestarglobal.fun Open in urlscan Pro 2606:4700:3030::6812:3ce3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

120 Requests

99 %HTTPS

91 %IPv6

10 Domains

14 Subdomains

12 IPs

2 Countries

2432 kBTransfer

4748 kBSize

2 Cookies

0 Outgoing links

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bemestarglobal.fun Open in urlscan Pro
2606:4700:3030::6812:3ce3 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

99 %
HTTPS

91 %
IPv6

10
Domains

14
Subdomains

12
IPs

2
Countries

2432 kB
Transfer

4748 kB
Size

2
Cookies

120 HTTP transactions
3 data transactions