Submitted URL: https://naranja.com/
Effective URL: https://www.naranja.com/
Submission: On March 18 via automatic, source alexatop100k

Summary

This website contacted 18 IPs in 4 countries across 16 domains to perform 54 HTTP transactions. The main IP is 50.57.3.149, located in San Antonio, United States and belongs to RACKSPACE - Rackspace Hosting, US. The main domain is www.naranja.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 17th 2018. Valid for: a year.
This is the only time www.naranja.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 50.57.3.149 19994 (RACKSPACE)
9 2600:9000:200... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:30:... 13335 (CLOUDFLAR...)
1 172.217.16.162 15169 (GOOGLE)
1 147.75.33.239 54825 (PACKET)
1 104.244.46.112 13414 (TWITTER)
3 2a03:2880:f00... 32934 (FACEBOOK)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 147.75.83.82 54825 (PACKET)
1 104.244.42.131 13414 (TWITTER)
1 104.244.42.133 13414 (TWITTER)
1 147.75.205.49 54825 (PACKET)
2 2a03:2880:f10... 32934 (FACEBOOK)
54 18
Domain Requested by
15 www.naranja.com www.naranja.com
9 images.ctfassets.net www.naranja.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 connect.facebook.net www.naranja.com
connect.facebook.net
2 www.facebook.com
2 www.google.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 api.retargetly.com www.naranja.com
api.retargetly.com
2 tn.alfredcx.com www.naranja.com
tn.alfredcx.com
2 www.googletagmanager.com www.naranja.com
1 vars.hotjar.com static.hotjar.com
1 t.co
1 analytics.twitter.com static.ads-twitter.com
1 script.hotjar.com static.hotjar.com
1 static.ads-twitter.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 naranja.com 1 redirects
0 www.google.de Failed
54 19
Subject Issuer Validity Valid
*.naranja.com
Go Daddy Secure Certificate Authority - G2
2018-12-17 -
2020-02-15
a year crt.sh
images.contentful.com
Amazon
2018-05-04 -
2019-06-04
a year crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2018-09-06 -
2019-09-06
a year crt.sh
www.googleadservices.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3
2019-02-08 -
2019-05-09
3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA
2018-06-28 -
2019-07-03
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-01-21 -
2019-04-21
3 months crt.sh
ssl900688.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2018-07-19 -
2019-05-29
10 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
www.google.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3
2019-02-08 -
2019-05-09
3 months crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA
2018-07-19 -
2019-08-28
a year crt.sh
t.co
DigiCert SHA2 High Assurance Server CA
2018-10-30 -
2019-11-04
a year crt.sh
vars.hotjar.com
Let's Encrypt Authority X3
2019-02-08 -
2019-05-09
3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.naranja.com/
Frame ID: 47C1DB00E137EA098F9380E77C5EAF69
Requests: 52 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-P8LHTVV
Frame ID: A8D7354E1EDEAD69AAF2B1F272F7EA74
Requests: 1 HTTP requests in this frame

Frame: https://tn.alfredcx.com//client-ui/link.html?host=https://tn.alfredcx.com/&lang=es&skin=link
Frame ID: 49E2E59783B164EA30AE2A58801CB8D7
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-d831eecf6f5411af024c3acd759add17.html
Frame ID: 53831CCA9D21A40B4146B12384066EA1
Requests: 1 HTTP requests in this frame

Frame: https://api.retargetly.com/api?id=770&src=3&url=https%3A%2F%2Fwww.naranja.com%2F&ref=&utmz=&n=Naranja&md=Somos%20Naranja%2C%20la%20principal%20emisora%20de%20tarjetas%20de%20cr%C3%A9dito%20de%20Argentina.%20%C2%A1Ped%C3%AD%20tu%20tarjeta%20ahora!.%20Promos%20en%20todo%20el%20pa%C3%ADs.%20Pr%C3%A9stamos%20online.%20Seguros...&mk=&il=0&limit_drop=2
Frame ID: 3562AEB716DEE303756AD6DFB30D24B0
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://naranja.com/ HTTP 301
    https://www.naranja.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Overall confidence: 100%
Detected patterns
  • script /zepto.*\.js/i
  • env /^Zepto$/i

Overall confidence: 100%
Detected patterns
  • env /^webpackJsonp$/i

Page Statistics

54
Requests

93 %
HTTPS

53 %
IPv6

16
Domains

19
Subdomains

18
IPs

4
Countries

651 kB
Transfer

1818 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://naranja.com/ HTTP 301
    https://www.naranja.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-2836626-1&cid=1449710345.1552893507&jid=1802956232&gjid=392072299&_gid=1283837951.1552893507&_u=YGBAgEAB~&z=370763476 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2836626-1&cid=1449710345.1552893507&jid=1802956232&_v=j73&z=370763476

54 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.naranja.com/
Redirect Chain
  • https://naranja.com/
  • https://www.naranja.com/
165 KB
44 KB
Document
General
Full URL
https://www.naranja.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.57.3.149 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
express.kzoinnovations.com
Software
Aerolab /
Resource Hash
d2246c22a047e9c9e5b5292391ff9c64ff8051d5670431056fe4489c1ba04bf1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.naranja.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
cache-control
public, max-age=600
content-type
text/html; charset=utf-8
etag
W/"29438-Kk8ngwkOtjEBXMOCqvxkps5VvxM"
vary
Accept-Encoding
date
Mon, 18 Mar 2019 07:18:25 GMT
age
0
server
Aerolab
x-cache
MISS
accept-ranges
bytes
content-encoding
gzip

Redirect headers

status
301
location
https://www.naranja.com/
server
BigIP
styles.cbcc531c261b5deab17d.css
www.naranja.com/
57 KB
41 KB
Stylesheet
General
Full URL
https://www.naranja.com/styles.cbcc531c261b5deab17d.css
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.57.3.149 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
express.kzoinnovations.com
Software
Aerolab /
Resource Hash
098c1c6a94083f2c6ecb4179a39c55d42a70b2bfe34a858b62e617d320cbddd2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/styles.cbcc531c261b5deab17d.css
pragma
no-cache
origin
https://www.naranja.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.naranja.com
referer
https://www.naranja.com/
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.naranja.com/
Origin
https://www.naranja.com

Response headers

content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
MISS
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 15 Mar 2019 17:08:22 GMT
server
Aerolab
x-frame-options
SAMEORIGIN
date
Mon, 18 Mar 2019 07:18:25 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
etag
W/"e52e-16982537770"
accept-ranges
bytes
logo.svg
www.naranja.com/assets/img/
2 KB
3 KB
Image
General
Full URL
https://www.naranja.com/assets/img/logo.svg
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.57.3.149 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
express.kzoinnovations.com
Software
Aerolab /
Resource Hash
c13acb02285e5df6fea36db408eb9818bd5e4167cce1730eb7ed7b8d29607d9e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/img/logo.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.naranja.com
referer
https://www.naranja.com/
:scheme
https
:method
GET
Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
MISS
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 15 Mar 2019 17:08:22 GMT
server
Aerolab
x-frame-options
SAMEORIGIN
date
Mon, 18 Mar 2019 07:18:25 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/svg+xml
cache-control
public, max-age=31536000
etag
W/"8c0-16982537770"
accept-ranges
bytes
sign-in.svg
www.naranja.com/assets/img/
427 B
1 KB
Image
General
Full URL
https://www.naranja.com/assets/img/sign-in.svg
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.57.3.149 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
express.kzoinnovations.com
Software
Aerolab /
Resource Hash
e963a9a37c2d753cee0a431c91a1c5c41bb75e6056785864b74419ff4e6c890f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/img/sign-in.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.naranja.com
referer
https://www.naranja.com/
:scheme
https
:method
GET
Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
MISS
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 15 Mar 2019 17:08:22 GMT
server
Aerolab
x-frame-options
SAMEORIGIN
date
Mon, 18 Mar 2019 07:18:25 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/svg+xml
cache-control
public, max-age=31536000
etag
W/"1ab-16982537770"
accept-ranges
bytes
Hero-1-1366x588-C_2.png
images.ctfassets.net/yxlyq25bynna/1CrnchRk7KIGyAquaMWoos/e7cd57b0fb24f6f77e9e2beed9f2e34d/
37 KB
38 KB
Image
General
Full URL
https://images.ctfassets.net/yxlyq25bynna/1CrnchRk7KIGyAquaMWoos/e7cd57b0fb24f6f77e9e2beed9f2e34d/Hero-1-1366x588-C_2.png?fm=webp&q=70
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:dc00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
be0b3f4626f558ac2b43819f9a23871123a08656555b9e08102946eb9561ac6b

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 25 Jan 2019 19:21:33 GMT
via
1.1 varnish, 1.1 49c1155716008869942c0b84162e51aa.cloudfront.net (CloudFront)
server
Contentful Images API
age
4449412
etag
"b8d24025208ecff722712e45189f502b"
x-cache
Hit from cloudfront
content-type
image/webp
status
200
cache-control
max-age=31536000
access-control-allow-origin
*
content-length
38074
x-amz-cf-id
ufcBnrDzbExR-RSZ8Gv1QnwvjCpgZsisjHO-WVaNSoXhl4PduGgEpA==
iconmonstr-facebook-1.svg
images.ctfassets.net/yxlyq25bynna/47vcW6V1POmkooKMOe0GUG/3a071249a63ee95fd6ab7cde8363d2f7/
248 B
567 B
Image
General
Full URL
https://images.ctfassets.net/yxlyq25bynna/47vcW6V1POmkooKMOe0GUG/3a071249a63ee95fd6ab7cde8363d2f7/iconmonstr-facebook-1.svg
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:dc00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
27edc5841117cbaf3e06077e1c1c975d72c265075665d604c6bff1152bfda42e

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 20 Jan 2019 10:03:35 GMT
via
1.1 49c1155716008869942c0b84162e51aa.cloudfront.net (CloudFront)
server
Contentful Images API
age
4914891
etag
"e5722e2866cc84d7c830f946a4bc6b7b"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
access-control-allow-origin
*
content-length
248
x-amz-cf-id
Lq-1mQHSzP-CxCM8bnRSQeK-Du-wAOOwJKw23G3H64rI2TDXO-7U2g==
Twitter_Bird.svg
images.ctfassets.net/yxlyq25bynna/2LKatnIqEo2g2u8eWqcCWi/a2f08ed53cc856b2f04b759f468f2310/
2 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/yxlyq25bynna/2LKatnIqEo2g2u8eWqcCWi/a2f08ed53cc856b2f04b759f468f2310/Twitter_Bird.svg
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:dc00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
feaf77f5f47a02935869dec67b63f4a3a0d313d6b555060828ec1528da81463d

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 20 Jan 2019 10:03:35 GMT
content-encoding
gzip
server
Contentful Images API
age
4914891
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
access-control-allow-origin
*
x-amz-cf-id
oWPeAf3GRA5qD7wvknZWybXarsUIa_AcCP7pcAtxG-UqXyH-MDLaIQ==
via
1.1 49c1155716008869942c0b84162e51aa.cloudfront.net (CloudFront)
instagram.svg
images.ctfassets.net/yxlyq25bynna/7BQ7uIdUzusW8Woe0cUCmo/4571f45ed723342e32c62e87676a8f46/
2 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/yxlyq25bynna/7BQ7uIdUzusW8Woe0cUCmo/4571f45ed723342e32c62e87676a8f46/instagram.svg
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:dc00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
93bbf32177b8e21480fd8c1e4a9a5ee9f8ff6a301eed3a975d63e48c6a5884c1

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Feb 2019 17:25:28 GMT
content-encoding
gzip
server
Contentful Images API
age
3246778
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
access-control-allow-origin
*
x-amz-cf-id
jujRHtCkPax4kFt6hDZaK-czjHWMlHFSacZ3EWolxeLvmKDazcCOMQ==
via
1.1 49c1155716008869942c0b84162e51aa.cloudfront.net (CloudFront)
YouTube_light_icon__2017_.svg
images.ctfassets.net/yxlyq25bynna/5Ob2ojzjPiIgcWaAoIgS6W/5526cd944e43b2a1bc285a9c17f069d1/
3 KB
2 KB
Image
General
Full URL
https://images.ctfassets.net/yxlyq25bynna/5Ob2ojzjPiIgcWaAoIgS6W/5526cd944e43b2a1bc285a9c17f069d1/YouTube_light_icon__2017_.svg
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:dc00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
396f05dcb58adb3d50298623ada8cf9cdaf05d4b6e888539b540d357bc378f6c

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 23 Jan 2019 01:32:20 GMT
content-encoding
gzip
server
Contentful Images API
age
4686365
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
access-control-allow-origin
*
x-amz-cf-id
089rFZ_0TsHieMIlfcnIrr1V-djZUO9o10iDT3pRqIx5MAkKUNMuEg==
via
1.1 49c1155716008869942c0b84162e51aa.cloudfront.net (CloudFront)
34227.svg
images.ctfassets.net/yxlyq25bynna/ejS1311KqOYw4SmiWWwQ4/a548b0fe7a7e58728161ff711d85c808/
1 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/yxlyq25bynna/ejS1311KqOYw4SmiWWwQ4/a548b0fe7a7e58728161ff711d85c808/34227.svg
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:dc00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
4e41012defc269ae7b8e291278cd9347ac038baf2ed2e22ff2d4a8ebe4c0f332

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 23 Jan 2019 01:32:20 GMT
content-encoding
gzip
server
Contentful Images API
age
4686365
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
access-control-allow-origin
*
x-amz-cf-id
6YxIQwLWlRllfScQjZnjRhzsmegry2yZIRWCrvHE67QpeYIBigeuIQ==
via
1.1 49c1155716008869942c0b84162e51aa.cloudfront.net (CloudFront)
runtime.9d4cd89ad4dd5d63b4c8.js
www.naranja.com/
1 KB
2 KB
Script
General
Full URL
https://www.naranja.com/runtime.9d4cd89ad4dd5d63b4c8.js
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.57.3.149 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
express.kzoinnovations.com
Software
Aerolab /
Resource Hash
eb3d5f2600910179bef8b0709214b7c721ea66e92ebb35bc282264beb2631eaf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/runtime.9d4cd89ad4dd5d63b4c8.js
pragma
no-cache
origin
https://www.naranja.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.naranja.com
referer
https://www.naranja.com/
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.naranja.com/
Origin
https://www.naranja.com

Response headers

content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
MISS
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 15 Mar 2019 17:08:22 GMT
server
Aerolab
x-frame-options
SAMEORIGIN
date
Mon, 18 Mar 2019 07:18:25 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
etag
W/"5a0-16982537770"
accept-ranges
bytes
polyfills.59e447253ff10b48649b.js
www.naranja.com/
63 KB
29 KB
Script
General
Full URL
https://www.naranja.com/polyfills.59e447253ff10b48649b.js
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.57.3.149 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
express.kzoinnovations.com
Software
Aerolab /
Resource Hash
5a42dead0a8ca2f43d7ae0d268d48c8ef4f3cfd3fd7eebd557be12d00d339812
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/polyfills.59e447253ff10b48649b.js
pragma
no-cache
origin
https://www.naranja.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.naranja.com
referer
https://www.naranja.com/
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.naranja.com/
Origin
https://www.naranja.com

Response headers

content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
MISS
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 15 Mar 2019 17:08:22 GMT
server
Aerolab
x-frame-options
SAMEORIGIN
date
Mon, 18 Mar 2019 07:18:25 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
etag
W/"fb30-16982537770"
accept-ranges
bytes
main.d28d6881f5389c973941.js
www.naranja.com/
607 KB
196 KB
Script
General
Full URL
https://www.naranja.com/main.d28d6881f5389c973941.js
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.57.3.149 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
express.kzoinnovations.com
Software
Aerolab /
Resource Hash
7daf2cc43016620f4b9ad27a1db033f2826f954be536d98418a03224786414a3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/main.d28d6881f5389c973941.js
pragma
no-cache
origin
https://www.naranja.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.naranja.com
referer
https://www.naranja.com/
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.naranja.com/
Origin
https://www.naranja.com

Response headers

content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
MISS
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 15 Mar 2019 17:08:22 GMT
server
Aerolab
x-frame-options
SAMEORIGIN
date
Mon, 18 Mar 2019 07:18:25 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
etag
W/"97d2c-16982537770"
accept-ranges
bytes
truncated
/
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3906755a6e1dded176e99e96b171b2394e68593d1ae3f3afcbc2b97138511c3e

Request headers

Response headers

Content-Type
image/svg+xml
search.svg
www.naranja.com/assets/img/
671 B
2 KB
Image
General
Full URL
https://www.naranja.com/assets/img/search.svg
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.57.3.149 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
express.kzoinnovations.com
Software
Aerolab /
Resource Hash
cadc15dcc614188ded8aa14804ea6a69a6ea2cd31a5abd65a3b535d197b4f343
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/img/search.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.naranja.com
referer
https://www.naranja.com/
:scheme
https
:method
GET
Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
MISS
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 15 Mar 2019 17:08:22 GMT
server
Aerolab
x-frame-options
SAMEORIGIN
date
Mon, 18 Mar 2019 07:18:25 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/svg+xml
cache-control
public, max-age=31536000
etag
W/"29f-16982537770"
accept-ranges
bytes
geometric-regular.woff2
www.naranja.com/assets/fonts/
13 KB
14 KB
Font
General
Full URL
https://www.naranja.com/assets/fonts/geometric-regular.woff2
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.57.3.149 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
express.kzoinnovations.com
Software
Aerolab /
Resource Hash
c4b42f21717f1f1ea0ede361e5fc164a92c020019d920009ecd68379e9edd804
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/fonts/geometric-regular.woff2
pragma
no-cache
origin
https://www.naranja.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.naranja.com
referer
https://www.naranja.com/styles.cbcc531c261b5deab17d.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.naranja.com/styles.cbcc531c261b5deab17d.css
Origin
https://www.naranja.com

Response headers

content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
MISS
status
200
x-xss-protection
1; mode=block
last-modified
Fri, 15 Mar 2019 17:08:22 GMT
server
Aerolab
x-frame-options
SAMEORIGIN
date
Mon, 18 Mar 2019 07:18:25 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/font-woff2
cache-control
public, max-age=31536000
etag
W/"3388-16982537770"
accept-ranges
bytes
geometric-semibold.woff2
www.naranja.com/assets/fonts/
13 KB
14 KB
Font
General
Full URL
https://www.naranja.com/assets/fonts/geometric-semibold.woff2
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.57.3.149 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
express.kzoinnovations.com
Software
Aerolab /
Resource Hash
fb4362cbf02065dd535ce191c866546e5916f13c617fa60cdfa71fa4de79dc10
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/fonts/geometric-semibold.woff2
pragma
no-cache
origin
https://www.naranja.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.naranja.com
referer
https://www.naranja.com/styles.cbcc531c261b5deab17d.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.naranja.com/styles.cbcc531c261b5deab17d.css
Origin
https://www.naranja.com

Response headers

content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
MISS
status
200
x-xss-protection
1; mode=block
last-modified
Fri, 15 Mar 2019 17:08:22 GMT
server
Aerolab
x-frame-options
SAMEORIGIN
date
Mon, 18 Mar 2019 07:18:25 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/font-woff2
cache-control
public, max-age=31536000
etag
W/"353c-16982537770"
accept-ranges
bytes
geometric-bold.woff2
www.naranja.com/assets/fonts/
13 KB
14 KB
Font
General
Full URL
https://www.naranja.com/assets/fonts/geometric-bold.woff2
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.57.3.149 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
express.kzoinnovations.com
Software
Aerolab /
Resource Hash
a61139e03be1b4861e7ab73540a737cbe9567a29c55d4cce9fc336a6a1d16adb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/fonts/geometric-bold.woff2
pragma
no-cache
origin
https://www.naranja.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.naranja.com
referer
https://www.naranja.com/styles.cbcc531c261b5deab17d.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.naranja.com/styles.cbcc531c261b5deab17d.css
Origin
https://www.naranja.com

Response headers

content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
MISS
status
200
x-xss-protection
1; mode=block
last-modified
Fri, 15 Mar 2019 17:08:22 GMT
server
Aerolab
x-frame-options
SAMEORIGIN
date
Mon, 18 Mar 2019 07:18:25 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/font-woff2
cache-control
public, max-age=31536000
etag
W/"34cc-16982537770"
accept-ranges
bytes
truncated
/
15 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.naranja.com

Response headers

Content-Type
font/woff2;charset=utf-8
zepto.min.js
www.naranja.com/assets/js/
17 KB
9 KB
Script
General
Full URL
https://www.naranja.com/assets/js/zepto.min.js
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/main.d28d6881f5389c973941.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.57.3.149 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
express.kzoinnovations.com
Software
Aerolab /
Resource Hash
c64109284b2a90c340b95066582357ca644f1a59fb9bd1112bc4b34136e8380f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/js/zepto.min.js
pragma
no-cache
origin
https://www.naranja.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.naranja.com
referer
https://www.naranja.com/
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.naranja.com/
Origin
https://www.naranja.com

Response headers

content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
MISS
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 15 Mar 2019 17:08:22 GMT
server
Aerolab
x-frame-options
SAMEORIGIN
date
Mon, 18 Mar 2019 07:18:26 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
etag
W/"423f-16982537770"
accept-ranges
bytes
gtm.js
www.naranja.com/assets/js/
340 B
1 KB
Script
General
Full URL
https://www.naranja.com/assets/js/gtm.js
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/main.d28d6881f5389c973941.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.57.3.149 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
express.kzoinnovations.com
Software
Aerolab /
Resource Hash
3c6662dc5b62c1c5b1a3753195442d8218ccf805808ef4b5912744875d5f3141
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/js/gtm.js
pragma
no-cache
origin
https://www.naranja.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.naranja.com
referer
https://www.naranja.com/
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.naranja.com/
Origin
https://www.naranja.com

Response headers

content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
MISS
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 15 Mar 2019 17:08:22 GMT
server
Aerolab
x-frame-options
SAMEORIGIN
date
Mon, 18 Mar 2019 07:18:26 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
etag
W/"154-16982537770"
accept-ranges
bytes
ns.html
www.googletagmanager.com/ Frame A8D7
0
0
Document
General
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-P8LHTVV
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/main.d28d6881f5389c973941.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:808::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.googletagmanager.com
:scheme
https
:path
/ns.html?id=GTM-P8LHTVV
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.naranja.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.naranja.com/

Response headers

status
200
content-type
text/html; charset=UTF-8
content-encoding
br
vary
*
date
Mon, 18 Mar 2019 07:18:26 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate
server
Google Tag Manager (scaffolding)
content-length
202
x-xss-protection
1; mode=block
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
bundle.js
tn.alfredcx.com/client-ui/
4 KB
1 KB
Script
General
Full URL
https://tn.alfredcx.com/client-ui/bundle.js
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/main.d28d6881f5389c973941.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:2c81 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
46c07dd8a21543da92aa416b9057009818152484031e3212dd03aef9cd47147f

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 18 Mar 2019 07:18:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Jan 2019 00:59:12 GMT
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
cf-ray
4b956ebfab12bebc-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-access-token, x-accepted-format
expires
Tue, 17 Mar 2020 07:18:26 GMT
lazysizes.min.js
www.naranja.com/assets/js/
7 KB
5 KB
Script
General
Full URL
https://www.naranja.com/assets/js/lazysizes.min.js
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/main.d28d6881f5389c973941.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.57.3.149 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
express.kzoinnovations.com
Software
Aerolab /
Resource Hash
3ef181cc7897d79203b2f58a21ece09b32191f6a4bb93965b9983d39ec97f354
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/js/lazysizes.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.naranja.com
referer
https://www.naranja.com/
:scheme
https
:method
GET
Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
MISS
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 15 Mar 2019 17:08:22 GMT
server
Aerolab
x-frame-options
SAMEORIGIN
date
Mon, 18 Mar 2019 07:18:26 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
etag
W/"1a5d-16982537770"
accept-ranges
bytes
headroom.min.js
www.naranja.com/assets/js/
5 KB
3 KB
Script
General
Full URL
https://www.naranja.com/assets/js/headroom.min.js
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/main.d28d6881f5389c973941.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.57.3.149 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
express.kzoinnovations.com
Software
Aerolab /
Resource Hash
0c9142d64a8885e954464bb36b402f61a97947132da732e3161b275487ae93e5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/js/headroom.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.naranja.com
referer
https://www.naranja.com/
:scheme
https
:method
GET
Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
x-cache
MISS
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 15 Mar 2019 17:08:22 GMT
server
Aerolab
x-frame-options
SAMEORIGIN
date
Mon, 18 Mar 2019 07:18:26 GMT
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
etag
W/"14ef-16982537770"
accept-ranges
bytes
link.html
tn.alfredcx.com//client-ui/ Frame 49E2
0
0
Document
General
Full URL
https://tn.alfredcx.com//client-ui/link.html?host=https://tn.alfredcx.com/&lang=es&skin=link
Requested by
Host: tn.alfredcx.com
URL: https://tn.alfredcx.com/client-ui/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:2c81 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
tn.alfredcx.com
:scheme
https
:path
//client-ui/link.html?host=https://tn.alfredcx.com/&lang=es&skin=link
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.naranja.com/
accept-encoding
gzip, deflate, br
cookie
__cfduid=d43a724ed2ea016bee5ac90087e41c7841552893506
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.naranja.com/

Response headers

status
200
date
Mon, 18 Mar 2019 07:18:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-access-token, x-accepted-format
access-control-allow-methods
GET,PUT,POST,DELETE
cache-control
public, max-age=86400
last-modified
Tue, 26 Feb 2019 18:58:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4b956ec04bd4bebc-FRA
content-encoding
br
gtm.js
www.googletagmanager.com/
165 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P8LHTVV
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/assets/js/gtm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:808::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
4ba9e144e2e70c92635a5a302825d8a294b519b12dab77521dd5737ce3c6fde5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 18 Mar 2019 07:18:26 GMT
content-encoding
br
last-modified
Fri, 15 Mar 2019 13:20:45 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
41400
x-xss-protection
1; mode=block
expires
Mon, 18 Mar 2019 07:18:26 GMT
home-tarjetas.png
images.ctfassets.net/yxlyq25bynna/4xRG0ZgNYQsCaG6KoWmKog/edc9a98a2dca2a6ff84070c22e5ee012/
18 KB
18 KB
Image
General
Full URL
https://images.ctfassets.net/yxlyq25bynna/4xRG0ZgNYQsCaG6KoWmKog/edc9a98a2dca2a6ff84070c22e5ee012/home-tarjetas.png?fm=webp&q=70
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:dc00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
6c3d04011670bfef1622d327626c84014d7c476fe8d3e70f4a6792969c3ced04

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 25 Jan 2019 18:42:45 GMT
via
1.1 varnish, 1.1 49c1155716008869942c0b84162e51aa.cloudfront.net (CloudFront)
server
Contentful Images API
age
4451741
etag
"0ccaa71523385ce2010d67fba0497b7b"
x-cache
Hit from cloudfront
content-type
image/webp
status
200
cache-control
max-age=31536000
access-control-allow-origin
*
content-length
18066
x-amz-cf-id
lHCJNyyG9d0L040WkKE96hOWa1CLevRq8ozc7eXle2jCiH_PGeaqxw==
conversion_async.js
www.googleadservices.com/pagead/
25 KB
9 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8LHTVV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e4a1fd6e00cce150c24e2f90beb23eedaf4a6b04c9585cc90fa7f40fd6036c2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 18 Mar 2019 07:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
9519
x-xss-protection
1; mode=block
server
cafe
etag
13516428191004572648
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 18 Mar 2019 07:18:26 GMT
hotjar-551172.js
static.hotjar.com/c/
3 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-551172.js?sv=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8LHTVV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.239 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-28
Software
openresty /
Resource Hash
254b56cac0c0ffecc2497a36e3d11f670a928debee0eaa4c4dfb4e4984f87817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 18 Mar 2019 07:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
0
status
200
access-control-max-age
600
section-io-cache
Miss
x-cache-hit
1
server
openresty
x-frame-options
SAMEORIGIN
etag
W/cd3c95c50f6dcfdc34029c8e854c3bcc
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.070
accept-ranges
bytes
section-io-id
651c7bdade7329408f91f7f5d8080384
uwt.js
static.ads-twitter.com/
5 KB
2 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8LHTVV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.46.112 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 18 Mar 2019 07:18:26 GMT
content-encoding
gzip
age
26279
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-tw-lon2-cr1-2-TWLON2
last-modified
Tue, 23 Jan 2018 19:05:33 GMT
x-timer
S1552893507.779856,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
fbevents.js
connect.facebook.net/en_US/
52 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6bb981959d783d83df88b9aa48738948c9a8a22c1a31b8cb5305d3e338ebf9a7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
x-fb-debug
h4+6zCtNlK58nDaKWB89xRaxKttAuuZDjCoRYf0mIcAp/oUpbKf6HqNwHF/klSGEvvCVSYV/zR1bDMkaU6jV+Q==
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 18 Mar 2019 07:18:26 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
15216
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
loader
api.retargetly.com/
14 KB
6 KB
Script
General
Full URL
https://api.retargetly.com/loader?id=770
Requested by
Host: www.naranja.com
URL: https://www.naranja.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8a43 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9a32090c97263bc9dfb330afce9ba2c20eec0404c01b3d3401fc5bbc233a04c

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Mar 2019 07:18:27 GMT
content-encoding
gzip
content-type
application/javascript
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status
200
cache-control
no-cache
cf-ray
4b956ec16fa6c2fb-FRA
expires
0
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8LHTVV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
5492
date
Mon, 18 Mar 2019 05:46:54 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Mon, 18 Mar 2019 07:46:54 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/975346106/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975346106/?random=1552893506740&cv=9&fst=1552893506740&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3b2&sendb=1&frm=0&url=https%3A%2F%2Fwww.naranja.com%2F&tiba=Naranja&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e3f430b19f5d2f94daad4889163b3b4c206eb44b34ad0f7b973ab17ec6046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Mar 2019 07:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
904
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/975345986/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975345986/?random=1552893506746&cv=9&fst=1552893506746&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3b2&sendb=1&frm=0&url=https%3A%2F%2Fwww.naranja.com%2F&tiba=Naranja&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
506a98c3daad67da250b47669de18e3dcc9acc4800971a218e1bdd08339e39b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Mar 2019 07:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
906
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
808259462615049
connect.facebook.net/signals/config/
20 KB
7 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/808259462615049?v=2.8.42&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cae5834b830d162c8d668973e9ad8b130ddce68f49899762583d717f45ef270e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
0Fq3galRDuVt0d0lLWPXG1f/PuNGm+gjqs9BzuW9R263z07+LRUxnXgDV6PnHv2pNgj1HudajHfICn1cbU4gvw==
date
Mon, 18 Mar 2019 07:18:26 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/
35 B
120 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.naranja.com/
Origin
https://www.naranja.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Mar 2019 07:18:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://www.naranja.com
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
102 B
Other
General
Full URL
https://www.google-analytics.com/r/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.naranja.com/
Origin
https://www.naranja.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Mar 2019 07:18:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://www.naranja.com
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-2836626-1&cid=1449710345.1552893507&jid=1802956232&gjid=392072299&_gid=1283837951.1552893507&_u=YGBAgEAB~&z=370763476
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2836626-1&cid=1449710345.1552893507&jid=1802956232&_v=j73&z=370763476
0
0

/
www.google.com/pagead/1p-user-list/975345986/
42 B
109 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/975345986/?random=1552893506746&cv=9&fst=1552892400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3b2&sendb=1&frm=0&url=https%3A%2F%2Fwww.naranja.com%2F&tiba=Naranja&async=1&fmt=3&cdct=2&is_vtc=1&random=1706651225&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Mar 2019 07:18:26 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/975345986/
0
0

/
www.google.com/pagead/1p-user-list/975346106/
42 B
109 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/975346106/?random=1552893506740&cv=9&fst=1552892400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3b2&sendb=1&frm=0&url=https%3A%2F%2Fwww.naranja.com%2F&tiba=Naranja&async=1&fmt=3&cdct=2&is_vtc=1&random=4005136666&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Mar 2019 07:18:26 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/975346106/
0
0

modules-e39a5507cbb05f5d456097501c919882.js
script.hotjar.com/
403 KB
84 KB
Script
General
Full URL
https://script.hotjar.com/modules-e39a5507cbb05f5d456097501c919882.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-551172.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.83.82 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-29
Software
/
Resource Hash
f5ee20343782e170511daaa30e087970a5dec8ad9ad108ed0e174d0ec583dbf3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 18 Mar 2019 07:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Mar 2019 14:50:32 GMT
access-control-allow-origin
*
etag
W/"e39a5507cbb05f5d456097501c919882"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
section-io-origin-time-seconds
0.036
section-io-origin-status
200
accept-ranges
bytes
section-io-id
d22b92385fdb04b640f9b901fd5e969d
content-length
85707
collect
www.google-analytics.com/
35 B
102 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.naranja.com/
Origin
https://www.naranja.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Mar 2019 07:18:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://www.naranja.com
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/
31 B
673 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxkpg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.naranja.com%2F
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.131 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 18 Mar 2019 07:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
112
pragma
no-cache
last-modified
Mon, 18 Mar 2019 07:18:26 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
3097ac0fd48983b6aa371f6c656f5928
x-transaction
004ffbd700f0885b
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/
43 B
486 B
Image
General
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxkpg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 18 Mar 2019 07:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=0
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
117
pragma
no-cache
last-modified
Mon, 18 Mar 2019 07:18:26 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
843fa30e94c3e2bc327e727f36414b46
x-transaction
00a2cbca005e8672
expires
Tue, 31 Mar 1981 05:00:00 GMT
ga-audiences
www.google.de/ads/
0
0

box-d831eecf6f5411af024c3acd759add17.html
vars.hotjar.com/ Frame 5383
0
0
Document
General
Full URL
https://vars.hotjar.com/box-d831eecf6f5411af024c3acd759add17.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-551172.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.205.49 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-26
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-d831eecf6f5411af024c3acd759add17.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.naranja.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.naranja.com/

Response headers

status
200
date
Mon, 18 Mar 2019 07:18:28 GMT
content-type
text/html
content-length
894
cache-control
max-age=31536000
last-modified
Fri, 15 Mar 2019 20:31:45 GMT
section-io-origin-status
200
section-io-origin-time-seconds
0.031
etag
W/"d831eecf6f5411af024c3acd759add17"
content-encoding
gzip
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
c5ae601d4c0bba3f599c3e86f051a58b
2044861579133673
connect.facebook.net/signals/config/
20 KB
7 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2044861579133673?v=2.8.42&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
d75754b043f4226351fdbbe74f13f3f039619bfbc665807acb86351036cd1cb2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
8N0gulTyefcrZaryANIdFJBybNFzNh4zb2+v6ee1HWIqDycbJcGabBsqnEkKa1OOU7saojXTp+hkdRKpE5D3zw==
date
Mon, 18 Mar 2019 07:18:27 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
248 B
Image
General
Full URL
https://www.facebook.com/tr/?id=808259462615049&ev=PageView&dl=https%3A%2F%2Fwww.naranja.com%2F&rl=&if=false&ts=1552893506934&sw=1600&sh=1200&v=2.8.42&r=stable&ec=0&o=28&fbp=fb.1.1552893506933.1383775553&it=1552893506753&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 18 Mar 2019 07:18:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 18 Mar 2019 07:18:26 GMT
/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2044861579133673&ev=PageView&dl=https%3A%2F%2Fwww.naranja.com%2F&rl=&if=false&ts=1552893507034&sw=1600&sh=1200&v=2.8.42&r=stable&ec=0&o=28&fbp=fb.1.1552893506933.1383775553&it=1552893506753&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 18 Mar 2019 07:18:27 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 18 Mar 2019 07:18:27 GMT
api
api.retargetly.com/ Frame 3562
0
0
Document
General
Full URL
https://api.retargetly.com/api?id=770&src=3&url=https%3A%2F%2Fwww.naranja.com%2F&ref=&utmz=&n=Naranja&md=Somos%20Naranja%2C%20la%20principal%20emisora%20de%20tarjetas%20de%20cr%C3%A9dito%20de%20Argentina.%20%C2%A1Ped%C3%AD%20tu%20tarjeta%20ahora!.%20Promos%20en%20todo%20el%20pa%C3%ADs.%20Pr%C3%A9stamos%20online.%20Seguros...&mk=&il=0&limit_drop=2
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8a43 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
api.retargetly.com
:scheme
https
:path
/api?id=770&src=3&url=https%3A%2F%2Fwww.naranja.com%2F&ref=&utmz=&n=Naranja&md=Somos%20Naranja%2C%20la%20principal%20emisora%20de%20tarjetas%20de%20cr%C3%A9dito%20de%20Argentina.%20%C2%A1Ped%C3%AD%20tu%20tarjeta%20ahora!.%20Promos%20en%20todo%20el%20pa%C3%ADs.%20Pr%C3%A9stamos%20online.%20Seguros...&mk=&il=0&limit_drop=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.naranja.com/
accept-encoding
gzip, deflate, br
cookie
__cfduid=de20e9ac164b68723e6b965836b8eb69e1552893506
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.naranja.com/

Response headers

status
200
date
Mon, 18 Mar 2019 07:18:27 GMT
content-type
text/html
set-cookie
_rlid=34f71332-12e0-4394-93b9-42cbb0f3bfab; domain=.retargetly.com; path=/; expires=Sat, 14 Sep 2019 07:18:27 GMT _rlsnc=0; domain=.retargetly.com; path=/; expires=Mon, 18 Mar 2019 07:18:27 GMT _rlmp1=10||1552893508&&11||1552893508; domain=.retargetly.com; path=/; expires=Sat, 14 Sep 2019 07:18:27 GMT
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
pragma
no-cache
expires
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4b956ec48fedc2fb-FRA
content-encoding
gzip
pos700__1_.png
images.ctfassets.net/yxlyq25bynna/2dXF2BefbaskIcCscEkkum/a17efef9bc727070a1a0a475b29da4fc/
15 KB
15 KB
Image
General
Full URL
https://images.ctfassets.net/yxlyq25bynna/2dXF2BefbaskIcCscEkkum/a17efef9bc727070a1a0a475b29da4fc/pos700__1_.png?fm=webp&q=70
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:dc00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
6ab776c0c7d5ecfe65ec299db7b649fd0cae351ae2a1c48dc325497481f433e4

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 25 Jan 2019 18:42:44 GMT
via
1.1 varnish, 1.1 49c1155716008869942c0b84162e51aa.cloudfront.net (CloudFront)
server
Contentful Images API
age
4451743
etag
"fed54f140afb6baeeb0366576444d764"
x-cache
Hit from cloudfront
content-type
image/webp
status
200
cache-control
max-age=31536000
access-control-allow-origin
*
content-length
14920
x-amz-cf-id
UnlUuix9h2JbkKZQ2id3v6ZgqFHfVHTk426gEk8Nb6EVcH_E7Bnb4Q==
sitio-fuera-naranja.png
images.ctfassets.net/yxlyq25bynna/29xgiOvEmceMUskk4wycsC/78e0d95f099c0882feaecce8b8fcc931/
647 B
962 B
Image
General
Full URL
https://images.ctfassets.net/yxlyq25bynna/29xgiOvEmceMUskk4wycsC/78e0d95f099c0882feaecce8b8fcc931/sitio-fuera-naranja.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:dc00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
c51744dac6c7d5fdf045ec61e31588a1a119f2a8c8ee836f1a6e3b94fdfd0050

Request headers

Referer
https://www.naranja.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 20 Jan 2019 10:03:34 GMT
via
1.1 49c1155716008869942c0b84162e51aa.cloudfront.net (CloudFront)
server
Contentful Images API
age
4914894
etag
"de1cabf9f92d01dae8f3397781e87b7e"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
access-control-allow-origin
*
content-length
647
x-amz-cf-id
ud03JYWRd3nzWwEAhIDp-UPxwj0lfCW41J_wkWO5XvPkHgjAlc6XAg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2836626-1&cid=1449710345.1552893507&jid=1802956232&_v=j73&z=370763476
Domain
www.google.de
URL
https://www.google.de/pagead/1p-user-list/975345986/?random=1552893506746&cv=9&fst=1552892400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3b2&sendb=1&frm=0&url=https%3A%2F%2Fwww.naranja.com%2F&tiba=Naranja&async=1&fmt=3&cdct=2&is_vtc=1&random=1706651225&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Domain
www.google.de
URL
https://www.google.de/pagead/1p-user-list/975346106/?random=1552893506740&cv=9&fst=1552892400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3b2&sendb=1&frm=0&url=https%3A%2F%2Fwww.naranja.com%2F&tiba=Naranja&async=1&fmt=3&cdct=2&is_vtc=1&random=4005136666&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2836626-1&cid=1449710345.1552893507&jid=1802956232&_v=j73&z=370763476&slf_rd=1&random=1849329133

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| webpackJsonp object| core object| __core-js_shared__ function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader object| __zone_symbol__loadfalse object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__mousewheelfalse object| __zone_symbol__scrollfalse object| __zone_symbol__touchmovefalse object| __zone_symbol__resizefalse object| __zone_symbol__offlinefalse object| __zone_symbol__onlinefalse object| __zone_symbol__messagefalse function| __zone_symbol__ON_PROPERTYload object| dataLayer function| Zepto function| $ object| lazySizesConfig object| lazySizes object| __zone_symbol__scrolltrue object| __zone_symbol__resizetrue object| __zone_symbol__hashchangetrue function| Headroom object| google_tag_manager function| postscribe function| hj object| _hjSettings function| twq function| fbq function| _fbq number| _rl_cn string| _rl_ptc object| _rl_ids object| _rely object| scripts boolean| pageviewPresent boolean| gaclassicPresent boolean| nogaclassic string| GoogleAnalyticsObject function| ga object| __zone_symbol__appinstalledfalse function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| twttr object| _w object| _d string| eventMethod function| eventer string| messageEvent object| mockingbird function| docReady function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src 'self' www.google-analytics.com images.ctfassets.net tn.alfredcx.com www.googletagmanager.com *.hotjar.com; font-src 'self' data: static.hotjar.com; frame-src 'self' api.retargetly.com bid.g.doubleclick.net dis.us.criteo.com gum.criteo.com tn.alfredcx.com vars.hotjar.com www.googletagmanager.com www.googletagmanager.com/ns.html www.youtube.com; img-src 'self' data: images.ctfassets.net *.google-analytics.com *.hotjar.com stats.g.doubleclick.net *.gstatic.com *.criteo.net *.facebook.com *.google.com *.google.com.ar t.co *.ytimg.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com www.youtube.com static.ads-twitter.com googleads.g.doubleclick.net *.hotjar.com *.retargetly.com tn.alfredcx.com *.criteo.com *.criteo.net *.facebook.net *.twitter.com *.google.com *.googleapis.com *.googletagmanager.com *.googleadservices.com 'unsafe-eval' 'unsafe-inline' https://s.ytimg.com; style-src tagmanager.google.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.retargetly.com
connect.facebook.net
googleads.g.doubleclick.net
images.ctfassets.net
naranja.com
script.hotjar.com
static.ads-twitter.com
static.hotjar.com
t.co
tn.alfredcx.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.naranja.com
www.google.com
www.google.de
104.244.42.131
104.244.42.133
104.244.46.112
147.75.205.49
147.75.33.239
147.75.83.82
172.217.16.162
2600:9000:200d:dc00:12:94b3:c380:93a1
2606:4700:10::6814:8a43
2606:4700:30::6812:2c81
2a00:1450:4001:808::2008
2a00:1450:4001:814::2002
2a00:1450:4001:816::200e
2a00:1450:4001:824::2004
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
50.57.3.149
098c1c6a94083f2c6ecb4179a39c55d42a70b2bfe34a858b62e617d320cbddd2
0c9142d64a8885e954464bb36b402f61a97947132da732e3161b275487ae93e5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
254b56cac0c0ffecc2497a36e3d11f670a928debee0eaa4c4dfb4e4984f87817
27edc5841117cbaf3e06077e1c1c975d72c265075665d604c6bff1152bfda42e
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3906755a6e1dded176e99e96b171b2394e68593d1ae3f3afcbc2b97138511c3e
396f05dcb58adb3d50298623ada8cf9cdaf05d4b6e888539b540d357bc378f6c
3c6662dc5b62c1c5b1a3753195442d8218ccf805808ef4b5912744875d5f3141
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
3ef181cc7897d79203b2f58a21ece09b32191f6a4bb93965b9983d39ec97f354
46c07dd8a21543da92aa416b9057009818152484031e3212dd03aef9cd47147f
4ba9e144e2e70c92635a5a302825d8a294b519b12dab77521dd5737ce3c6fde5
4e41012defc269ae7b8e291278cd9347ac038baf2ed2e22ff2d4a8ebe4c0f332
506a98c3daad67da250b47669de18e3dcc9acc4800971a218e1bdd08339e39b2
5a42dead0a8ca2f43d7ae0d268d48c8ef4f3cfd3fd7eebd557be12d00d339812
6ab776c0c7d5ecfe65ec299db7b649fd0cae351ae2a1c48dc325497481f433e4
6bb981959d783d83df88b9aa48738948c9a8a22c1a31b8cb5305d3e338ebf9a7
6c3d04011670bfef1622d327626c84014d7c476fe8d3e70f4a6792969c3ced04
7daf2cc43016620f4b9ad27a1db033f2826f954be536d98418a03224786414a3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
93bbf32177b8e21480fd8c1e4a9a5ee9f8ff6a301eed3a975d63e48c6a5884c1
9f6e3f430b19f5d2f94daad4889163b3b4c206eb44b34ad0f7b973ab17ec6046
a61139e03be1b4861e7ab73540a737cbe9567a29c55d4cce9fc336a6a1d16adb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
be0b3f4626f558ac2b43819f9a23871123a08656555b9e08102946eb9561ac6b
c13acb02285e5df6fea36db408eb9818bd5e4167cce1730eb7ed7b8d29607d9e
c4b42f21717f1f1ea0ede361e5fc164a92c020019d920009ecd68379e9edd804
c51744dac6c7d5fdf045ec61e31588a1a119f2a8c8ee836f1a6e3b94fdfd0050
c64109284b2a90c340b95066582357ca644f1a59fb9bd1112bc4b34136e8380f
cadc15dcc614188ded8aa14804ea6a69a6ea2cd31a5abd65a3b535d197b4f343
cae5834b830d162c8d668973e9ad8b130ddce68f49899762583d717f45ef270e
d2246c22a047e9c9e5b5292391ff9c64ff8051d5670431056fe4489c1ba04bf1
d75754b043f4226351fdbbe74f13f3f039619bfbc665807acb86351036cd1cb2
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e4a1fd6e00cce150c24e2f90beb23eedaf4a6b04c9585cc90fa7f40fd6036c2b
e963a9a37c2d753cee0a431c91a1c5c41bb75e6056785864b74419ff4e6c890f
eb3d5f2600910179bef8b0709214b7c721ea66e92ebb35bc282264beb2631eaf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ee20343782e170511daaa30e087970a5dec8ad9ad108ed0e174d0ec583dbf3
f9a32090c97263bc9dfb330afce9ba2c20eec0404c01b3d3401fc5bbc233a04c
fb4362cbf02065dd535ce191c866546e5916f13c617fa60cdfa71fa4de79dc10
feaf77f5f47a02935869dec67b63f4a3a0d313d6b555060828ec1528da81463d