bemestarglobal.fun Open in urlscan Pro
2606:4700:3030::6812:3ce3 Public Scan

URL:
https://bemestarglobal.fun/
Submission: On December 01 via api (December 1st 2020, 3:54:22 am UTC) from BR

Summary HTTP 141 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 9 domains to perform 141 HTTP transactions. The main IP is 2606:4700:3030::6812:3ce3, located in United States and belongs to CLOUDFLARENET, US. The main domain is bemestarglobal.fun.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 17th 2020. Valid for: a year.

This is the only time bemestarglobal.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
70	2606:4700:303... 2606:4700:3030::6812:3ce3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
10	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
141	14

70 2606:4700:3030::6812:3ce3 (United States)

ASN13335 (CLOUDFLARENET, US)

bemestarglobal.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

971c1d5879351affb372f6baca1150b2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	bemestarglobal.fun bemestarglobal.fun	2 MB
25	googlesyndication.com 971c1d5879351affb372f6baca1150b2.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	210 KB
15	ampproject.org cdn.ampproject.org	291 KB
12	gstatic.com fonts.gstatic.com	158 KB
11	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	151 KB
4	google.com 1 redirects adservice.google.com www.google.com	461 B
3	googleapis.com fonts.googleapis.com	3 KB
1	google.nl adservice.google.nl	803 B
0	bemestarglobal.com.br Failed www.bemestarglobal.com.br Failed
141	9

	Domain	Requested by
70	bemestarglobal.fun	bemestarglobal.fun
20	tpc.googlesyndication.com	bemestarglobal.fun cdn.ampproject.org securepubads.g.doubleclick.net tpc.googlesyndication.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
12	fonts.gstatic.com	fonts.googleapis.com
10	securepubads.g.doubleclick.net	bemestarglobal.fun securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google.com	1 redirects bemestarglobal.fun
3	fonts.googleapis.com	bemestarglobal.fun securepubads.g.doubleclick.net
1	googleads.g.doubleclick.net	bemestarglobal.fun
1	971c1d5879351affb372f6baca1150b2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
0	www.bemestarglobal.com.br Failed	bemestarglobal.fun
141	13

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.nl GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://bemestarglobal.fun/
Frame ID: 21A47AF05B49430194FE8A392452655C
Requests: 94 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 3F72BD37A4D26756888726A47FBB75FB
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: C6CAE4BBEA2A28818DC96AC7531E4A1F
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: D2F971FAA47A75ED3047FCA203B4DB2B
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: DC639480C03CA83EB1F50AF25463BE4D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

141
Requests

99 %
HTTPS

92 %
IPv6

9
Domains

13
Subdomains

14
IPs

2
Countries

3112 kB
Transfer

5611 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

141 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bemestarglobal.fun/ 189 KB
23 KB 955ms
929ms Document
text/html 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.1.19

Resource Hash

581dcb4deaceeec55414897296ce6379dd52b92ff4249826da55fd254612df88

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: bemestarglobal.fun
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:03 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d5d5aa64bc412752cd3cdba39786b885b1606794842; expires=Thu, 31-Dec-20 03:54:02 GMT; path=/; domain=.bemestarglobal.fun; HttpOnly; SameSite=Lax PHPSESSID=r44tusl7r7gd4ihor5docc992s; path=/
cache-control: private
pragma: no-cache
expires: Thu, 19 Nov 1981 08:52:00 GMT
x-powered-by: PHP/7.1.19
link: <https://bemestarglobal.fun/wp-json/>; rel="https://api.w.org/" <https://bemestarglobal.fun/>; rel=shortlink
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
cf-request-id: 06be08a949000064f192280000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b7r0xM94E6asZR0OC6BZTmeOQOcPiRMlQFGYU8d1t3FBEcG4JNnUmYNQ2FodneYiRP3pHMRf9rxLlSYMvtUU6fBkfwn7QOgSdlfryJsKoyKhSnsma3BvsbaOfx%2Fa9xM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fa9dd554a9364f1-FRA
content-encoding: br

GET
H2 200 style.min.css
bemestarglobal.fun/wp-includes/css/dist/block-library/ 40 KB
6 KB 380ms
377ms Stylesheet
text/css 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-includes/css/dist/block-library/style.min.css?ver=5.3.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Jun 2020 12:54:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8b2ff262ef3fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2FUJ1EIwhukUclwPr%2F8nCP4wdJ8hk0%2FVvX%2BS33pCeJyVL%2FRddRS9oiFa55xUe9xQuE%2FEVf5qzo0tHOOzMD9BI2QCEfRhyVScLqJawibTdDBidxMzto33H3tE%2BPWd0%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5fa9dd5b1b1a64f1-FRA
cf-request-id: 06be08acf0000064f1a8940000000001

GET
H2 200 styles.css
bemestarglobal.fun/wp-content/plugins/contact-form-7/includes/css/ 2 KB
861 B 260ms
258ms Stylesheet
text/css 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 26 Jan 2020 18:46:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"805369fd78d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1c1%2Fy0BquStTkUyvxFSIh8WV%2BoYZR2KsjPtDyKPAO1aLJUr4n6gOHslA%2B19GrhTV%2BD3zA9dDDo%2FUmEFEUkHjE4vShwO5g5Ue6yceWivk3TGf%2BQCiBVC3wjlIYNngvdg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5fa9dd5b1b1b64f1-FRA
cf-request-id: 06be08acf0000064f1b0b7a000000001

GET
H2 200 css
fonts.googleapis.com/ 29 KB
2 KB 19ms
17ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d44be7cfec3d2c29db1f35a1c5c20fa6db250e512f90deaeb9f2454fe04f578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 01 Dec 2020 03:54:03 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Tue, 01 Dec 2020 03:54:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 01 Dec 2020 03:54:03 GMT

GET
H2 200 style.css
bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/ 1 MB
106 KB 852ms
851ms Stylesheet
text/css 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/style.css?ver=8.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ad804e0729dda90e8b0792923635af46f6b3dfb6e82124125f00ca54ac642c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 10 Nov 2018 12:22:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80d6a69f078d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1pdbrxFrYy7TAAtggTslfEzhvyrpSwUb%2BOf%2F5yyMeAZCtJuSyeDoBDlQITMo0gUZefPLQG0%2F4PTIlnhisRZ7RG3S5VmEypnMDR%2Fog%2BJmk5EJ05kf3LpgcJ3dMYVIq2g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5fa9dd5b1b1c64f1-FRA
cf-request-id: 06be08acf0000064f195b34000000001

GET
H2 200 demo_style.css
bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/includes/demos/health/ 3 KB
864 B 258ms
257ms Stylesheet
text/css 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/includes/demos/health/demo_style.css?ver=8.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fdfb70b5a7b86d40db5e3651f5d66a444ce99fced7303dbef0025a368f2aae7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 10 Nov 2018 12:22:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80a9758f078d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FlUiqt8BR%2BFz6CIO03d3OaRalR8iC4cOMG%2FZbzeTex05p4FRcHbeePKkhtdMMCn1my5DCGF02MWOiBzBjvKzFEkG9nTcymfn9v2U99sOlhavBZgK9yOZfSn2HgQNvd4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5fa9dd5b1b1d64f1-FRA
cf-request-id: 06be08acf1000064f18e0ff000000001

GET
H2 200 jquery.js Show response
bemestarglobal.fun/wp-includes/js/jquery/ 95 KB
32 KB 497ms
496ms Script
application/javascript 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Sep 2019 18:17:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0de96251664d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XJWQG77vVBN8PG0twP9bz3QsTfdkvix1mMjIKTB226E1nEuViy5MaSQU%2BgBEKjHPaU%2Bcle%2Br1gzmlO7XEBMIMvUEwdVD7HIQlRcE%2B8mATwiAc9P0z4I3CeQ4lIeFOLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5fa9dd5b1b1e64f1-FRA
cf-request-id: 06be08acf1000064f17302a000000001

GET
H2 200 jquery-migrate.min.js Show response
bemestarglobal.fun/wp-includes/js/jquery/ 10 KB
4 KB 254ms
253ms Script
application/javascript 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 10 Nov 2018 12:13:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"032bad0ee78d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WIiAyDAnx40XglusytUAPLv%2FBpae19HYkTrk9%2FcPMVLma2ptwoYdIWAXeKBa2jmK40nkC3ZjR2coP%2BqFSzWmjTDXCqzrfbdsiHhvJB6NJctskBcOplhP%2FDisKRK%2BDhU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5fa9dd5b1b1f64f1-FRA
cf-request-id: 06be08acf1000064f17423c000000001

GET
H2 200 wp-emoji-release.min.js Show response
bemestarglobal.fun/wp-includes/js/ 14 KB
5 KB 273ms
257ms Script
application/javascript 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-includes/js/wp-emoji-release.min.js?ver=5.3.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 26 Jan 2020 18:43:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"094e07a78d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aYchWmKY1Y6XR3zQVxg9r0q9BrkF42RgiGYHC7Qxn5QUKM0ltyLc4n73soh%2FoE873v5cpS9yvirbWP7UheMiP4UWxaHdcWv6ixK42dj07Tb2apyJAr6fFE6X9gZUN3M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5fa9dd617ba264f1-FRA
cf-request-id: 06be08b0f2000064f17e2a3000000001

GET
H2 200 bem-estar-global.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 5 KB
5 KB 273ms
257ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/bem-estar-global.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dc18212454be4bb2ea30886bafa0b509032813706773649174da0305ea5cfa6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 4960
cf-request-id: 06be08b0f1000064f1a423a000000001
last-modified: Wed, 29 Jan 2020 19:43:26 GMT
server: cloudflare
etag: "0c3755fdcd6d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B986hYMO%2FInKtGJXsGGluY0aYTJkDemtrglbQ0yCFzKxikrLMcaN8iZpntGuii5568na%2FUGlGzrfsdwhLTUVj8JGfmHNKJ%2BcVssEmF12%2Bj0L%2F%2FYYh3I3p8jfUGaafzk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd617ba364f1-FRA

GET
H2 200 Alergia-1200x600-1-218x150.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 6 KB
6 KB 269ms
253ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/Alergia-1200x600-1-218x150.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6ea0952a594d985f20247de8733d28aceefc477a16d440f72112fd6615b0637

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 5841
cf-request-id: 06be08b0f2000064f1a423b000000001
last-modified: Sat, 15 Feb 2020 02:47:28 GMT
server: cloudflare
etag: "b785f542aae3d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l9NuxG6omPNbkvXerQk7RO2Vsd7O%2FoxjxKv9xlT%2B8%2FklY0PaugA0jd2mCPU0aKSMQJh0y7YT1bGWVKLMkqj5UgiirqYPPE7guFFAtEkd7H9x2Jm5pdSykHOHNCZqDfg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618ba464f1-FRA

GET
H2 200 esgotamento-mental-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 8 KB
8 KB 269ms
253ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/esgotamento-mental-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67d6ff9cdaf8e44146217d2171df6de56ba6678c3df0ea57158646c33958ce0a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 8187
cf-request-id: 06be08b0f1000064f1a8949000000001
last-modified: Tue, 28 Jan 2020 21:40:20 GMT
server: cloudflare
etag: "07ab78923d6d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ym%2BRI9C%2BOdJ4k3vaTCtqb1TFEAaa7GCW%2B1T25p8OMIeiEYN2eOLbzNYKsfZn%2BwlFGZtiymY0ry7tKJLiNIjRgjHnHYbUhMNW%2B1SE2Cg7O%2FXfvt%2FKVmbB2Q4LAy38mLI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618ba564f1-FRA

GET
H2 200 alimentos-para-o-cerebro-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 12 KB
12 KB 270ms
255ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/alimentos-para-o-cerebro-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d304ddd6609387906e306e6a81d3810e8d54ede8042b7bd3f87b164ddc2b2139

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 12345
cf-request-id: 06be08b0f1000064f1b0b82000000001
last-modified: Tue, 28 Jan 2020 15:05:24 GMT
server: cloudflare
etag: "0d2cc5decd5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9lfiZItQwEOlr8GNWzqVbwyTzVDIYcwJNxr1KkHm7Bg1Caex5Cht47FuuLe7ByjtsznZdQUD3qxMs0Ze%2BGGZkiGg5fHEbEDNCeBHU1g0uEHPsDywdWm7S5%2FqKyly7dA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618ba664f1-FRA

GET
H2 200 imagem27-01-2020-23-01-06-218x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 56 KB
57 KB 389ms
373ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/imagem27-01-2020-23-01-06-218x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4b9ddc5158dd66c8c64fdd7e2b47bf5a071dd2038ae97e84dcb2ddf9af0ca72

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 57819
cf-request-id: 06be08b0f2000064f173032000000001
last-modified: Mon, 27 Jan 2020 23:00:12 GMT
server: cloudflare
etag: "0e68e8765d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bB6Sr7xhW0FuPzEsLQQSgAjlvMkUWFuRMEkKX%2FiFrAhIr4movBzP4ERUOGWGaaGpNvX6oaSrx9%2BB3Z2gS%2Flnutz2rFZWkzvkA14SrjqnYss559oPX2DoCFckNlZpZJU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618ba764f1-FRA

GET
H2 200 surto-de-dengue-em-2020-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 11 KB
11 KB 267ms
252ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/surto-de-dengue-em-2020-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2598484ecad2996835fb9552bb3beeae9b24642f262eddd708a440d1c91f1b2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 11120
cf-request-id: 06be08b0f2000064f195b3f000000001
last-modified: Mon, 27 Jan 2020 22:18:09 GMT
server: cloudflare
etag: "80a6bba75fd5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9lbXB%2Bg2tGd8c38Q3%2Fjnqh4Xb%2FHtu4bUuS20VFPkgmc4MXPNJrOxxePZ9t1K%2BKiQSST2Mi6tLFizqLB5hsn3E%2BXNy%2BkC%2BGkOQWeDq%2FD23PvuGTuXjLvWhExxig7%2FpT4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618ba864f1-FRA

GET
H2 200 dia-mundial-da-alimentacao-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 7 KB
7 KB 270ms
255ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/dia-mundial-da-alimentacao-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17192d14b518552f7c75db83c6134a13d155207bc1feb99cefc04a8b2587797c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7119
cf-request-id: 06be08b0f2000064f18e108000000001
last-modified: Tue, 28 Jan 2020 03:22:54 GMT
server: cloudflare
etag: "03b713a8ad5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h2mmH%2BJ5Zpzq63TA3yh%2FROW1cUsNWOGxv2UXXnVxppZzmR%2FEJOU4d%2BT%2FBfcMopzfilwheXYvA2VSAzdkK7TPzFx9NR72yrUGnTHGMDuDQ3p8Y6nP%2FSJpGKEHxVe4PIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618ba964f1-FRA

GET
H2 200 carne-vermelha-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 10 KB
10 KB 266ms
251ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/carne-vermelha-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d120a0d4e4b4531ca4981e3e176056e571454d03664246609593ea2ef0df8a23

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 9741
cf-request-id: 06be08b0f3000064f174245000000001
last-modified: Tue, 28 Jan 2020 02:45:42 GMT
server: cloudflare
etag: "0f11885d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lR%2FRTG461Rn9wsOTQgjoiNtKTqK0wki8HRC7Ne5GSr8H%2FWCDgQOx2Cu3qyeBUCA%2BD5YZ8DfNJu%2FJIPsWCDk%2FeCdercAoXOU7u41jRLDzgWv9CyYR%2Bofo%2Fpo9NcnGZ98%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618baa64f1-FRA

GET
H2 200 cerveja-engorda-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 4 KB
4 KB 266ms
251ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/cerveja-engorda-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9167963c0a983cc4060aa79e8be838a95a615d9841ff20c9c623dcf9787ed60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 4273
cf-request-id: 06be08b0f3000064f192293000000001
last-modified: Tue, 28 Jan 2020 01:49:26 GMT
server: cloudflare
etag: "057d02b7dd5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KImeDN0uatpFR9P9WRM667t1iUbnVALypfMMMjFDo4n%2FSUSnl9H5NY5WjFO1Mr0vXRFtGLyMxKTYIQRqf3wAYYlmVZdhms0lwXdJpbUDGWVy58S89evsBsmiuxJQMNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bab64f1-FRA

GET
H2 200 alimentos-para-idosos-218x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 17 KB
17 KB 392ms
378ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/alimentos-para-idosos-218x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec7505b9cfcae8ca3528aea18906b30c70f00ff2f4601f0feccd858db830b4f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 17501
cf-request-id: 06be08b0f3000064f1ac085000000001
last-modified: Tue, 28 Jan 2020 00:59:28 GMT
server: cloudflare
etag: "0d8dd3076d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zc1X0It3V414kaNeSNoRPAs%2FClvy%2F8hoFaYGs3MTkEGVe6qZORFncpDZVoqoK7GaSnFRJ7AAta9VM4X973CUQ1hRdq8XqWV1XcGiJDPWJUq9urUWRkI234nMqTuCUAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bac64f1-FRA

GET
H2 200 rotulo-de-alimento-anvisa-218x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 48 KB
49 KB 389ms
375ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/rotulo-de-alimento-anvisa-218x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3db7e3828bc6cb9feb6d2f77ca2c53cb56510f6ce37b636bccdf6bbb6314abe5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 49619
cf-request-id: 06be08b0f3000064f1a104a000000001
last-modified: Mon, 27 Jan 2020 22:35:00 GMT
server: cloudflare
etag: "0256262d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TVaoD9POQ7hEsZ5U9owRe1trl4YheOmbwS5YwOAu%2BiRZLsSNZel8gE4XWeFpU0sAmxo1vDjPQGlgdqxgN4YemhX2NWV66%2FnvQGY6cCVbGhw74rN%2BAmq9NEuS%2FrW9F8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bad64f1-FRA

GET
H2 200 download-1-218x150.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 8 KB
8 KB 275ms
261ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/download-1-218x150.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7671dc771f1b919246554263f7dba1e9254ffb127813246bc2e5fe7c3fed55d1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7757
cf-request-id: 06be08b0f4000064f19a048000000001
last-modified: Tue, 11 Feb 2020 03:16:56 GMT
server: cloudflare
etag: "8e2951b789e0d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TssXt5h13XmglEU%2FDlclJ6YXStubwOT8ST9h1dUNESf%2BoIOHxDw9gl%2BOd72KhLRbFjjCkkf%2FBbloV7xBpXWe6fCo1dpA8hfawZuZQGeS0SlojkHN8PrOQAeI9qwnC5A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bae64f1-FRA

GET
H2 200 alongamentos-218x150.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 9 KB
9 KB 274ms
260ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/alongamentos-218x150.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

788b813ee69620dc1c52f2ca56f9e9740ccff4983cefd8103682bf36b67d5825

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 9130
cf-request-id: 06be08b0f4000064f176136000000001
last-modified: Thu, 06 Feb 2020 23:03:28 GMT
server: cloudflare
etag: "fe4897a441ddd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c6cAYSgAwvXQeIZr1wzi4yQ%2FT02EUQkFKHXusYz5Da5iPfj7dkZfyF0dlQYnKUK%2BnSxsc7Lowd8xfnbvPiu01p8hDmG88Ic1Svs6Q%2Bt8M2vjS9%2FOj6oNNfX4y%2F9XbcU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618baf64f1-FRA

GET
H2 200 m3-218x150.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 7 KB
7 KB 283ms
269ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/m3-218x150.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e77f3c7a238f9edafe7235e2f3ab2daece91c04ac4ce5d3655db9e11d1d8001

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 6760
cf-request-id: 06be08b0f5000064f1a92be000000001
last-modified: Mon, 03 Feb 2020 22:48:08 GMT
server: cloudflare
etag: "bdf44a1e4dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=btQywPxcfaGJNqDAu%2FPsDrd5uxeVZg4gFYMm3jyZUmdFdY0bhRLXneCgc4dXlTOFSzQbC4UqL0aWh7DnX0R%2Fe0bKCR%2FT1UmcM%2BDl%2F3cCDRNK%2FopACRTerHlKncxxBok%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bb064f1-FRA

GET
H2 200 8007-218x150.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 4 KB
4 KB 272ms
259ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/8007-218x150.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

215ac8ba68fd4d0dccc241ebfed79871510048b5dc8ebd81ad3153e0e7a64ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 3812
cf-request-id: 06be08b0f5000064f19925b000000001
last-modified: Mon, 03 Feb 2020 21:27:00 GMT
server: cloudflare
etag: "ca8288abd8dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M41NkwPT8rnjCnylMjbiYOoaf5gzH9aDtP%2BSrT8HlLQSC8bEDL5PXihNraIoBfU4Wv5b3wGv1yEofogTE9biGQnDN59JfsgofFj5SIY684TtRzp8RLQzHGWBhaFlvCM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bb164f1-FRA

GET
H2 200 8-dicas-para-cuidar-do-bem-estar-dos-idosos-no-verao-1-218x150.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 6 KB
6 KB 271ms
257ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/8-dicas-para-cuidar-do-bem-estar-dos-idosos-no-verao-1-218x150.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcf7de96eefe4e4343a183dcdb2b749a6f58b5a4d2f2c7a504214abbde94f365

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 6309
cf-request-id: 06be08b0f5000064f173827000000001
last-modified: Mon, 03 Feb 2020 21:04:01 GMT
server: cloudflare
etag: "b712b475d5dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7FSambRrLWB5i7uFBbaW0IeFgDTHKwrWjdTmbD%2FXeRGoqc6j1qLyv3T5sWpSFAdCf9S74DnEFUEG91o7BZQzgQGN0iZJF1j15V28ummDqvTR2BMg08zuwyEq4aMfPOo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bb264f1-FRA

GET
H2 200 m2-218x150.png
bemestarglobal.fun/wp-content/uploads/2020/02/ 31 KB
31 KB 402ms
389ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/m2-218x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7574fa9f17d50faef16fcdaeef26f281417a24086d7f15abea950f8185f07b8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 31602
cf-request-id: 06be08b0f7000064f1a318f000000001
last-modified: Mon, 03 Feb 2020 22:41:41 GMT
server: cloudflare
etag: "c04daa1ae3dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dVYjY3OCdW3wczqO2AwP6r8naEOv%2Bb8zF1lAkQmU%2FyuS6mF5AT8VFQvxVN8SrCYJpEUj7fqqBI3REQjfAh19faR59OMl%2FSD3XDrhTXoiksqBdxSoQ5RgpJNflyztmXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bb364f1-FRA

GET
H2 200 m1-218x150.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 6 KB
7 KB 268ms
255ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/m1-218x150.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a33ede08db57ecf67b9c46291b98795fe5338c443531096831a90bdfa487e70

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 6369
cf-request-id: 06be08b0f6000064f1a423c000000001
last-modified: Mon, 03 Feb 2020 21:47:55 GMT
server: cloudflare
etag: "993b697dbdad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5AteRrl1PluIrWlS0qeOlDhnza3gFf3HZRAqiZLD4cMTGXAB7MK%2FhJ%2F5yUO5zdULkOzkTHcKr8O5aQKGLyXxHAft%2BrO5dG9dXJSMjbmGVw7XIyqV%2F8PwDhLYlrQRl9k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bb564f1-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
18 KB 92ms
30ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

2e527a3483125d104275304b1fe7dcd1e83ac2bbc1ea65a94eea2184e513cdd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "710 / 108 of 1000 / last-modified: 1606134076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18520
x-xss-protection: 0
expires: Tue, 01 Dec 2020 03:54:04 GMT

GET
H2 200 consumo-de-sal-324x160.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 7 KB
7 KB 271ms
259ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/consumo-de-sal-324x160.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c92335e28e4831921773ad25dc4c31d39fdc3971da4bafb2920625407f17b2cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7200
cf-request-id: 06be08b0f6000064f1a894a000000001
last-modified: Mon, 27 Jan 2020 16:35:41 GMT
server: cloudflare
etag: "80ac2bd02fd5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M%2FSFjF7mpei50ErOdkiXL2bjcQ1nBkBnkAJkxtT9AQmM8bwwST5F1NmqaeolfrOPBDPR9%2BofLeQ%2BrJ4i09g6SGYosfEI80IEfxUG3x08fu%2BbLeU2xJ4WKy9WxGnDckY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bb664f1-FRA

GET
H2 200 imagem26-01-2020-20-01-53.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 42 KB
42 KB 386ms
374ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/imagem26-01-2020-20-01-53.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

233cd32d5d9208fed2591583130d6f4fe3e2635dd306e365d482c20e13eea5a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 42940
cf-request-id: 06be08b0f6000064f1b0b83000000001
last-modified: Sun, 26 Jan 2020 20:38:54 GMT
server: cloudflare
etag: "03dd9f88d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KXQfGRlooLyyoJwXzDkHhAadoxW%2BycoWlZLEk4qYBHuf%2B9clA5IWShbIi33R3cNyi5CKQrWIvmzZ6Iig%2FdzzTc4lL%2BsyMmNIwguv82VzzOgUlhYjPASkhEISah7Jo%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bb764f1-FRA

GET
H2 200 quinoa-amaranto-beneficios-680x385.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 585 KB
587 KB 391ms
379ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/quinoa-amaranto-beneficios-680x385.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83ce19e7237d1dd90477f1c5a16841089f731053c49236ea06c6503620e54f29

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 599513
cf-request-id: 06be08b0f7000064f173033000000001
last-modified: Mon, 27 Jan 2020 04:44:22 GMT
server: cloudflare
etag: "0178171ccd4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GoVAiB0t8w3hdJtILZEhELyRqHBmc873Ou2ikl3K8mZZ46xkG7J0HpnPSxYUqNf%2BAqaUv%2BK5ATIIDS8vGnpF5ek6NpBE1GLbwxuuWcO6raH9v7Cs3PpYKGG5uEfR6Ms%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bb864f1-FRA

GET
H2 200 dieta-detox-para-figado-funciona-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 4 KB
5 KB 274ms
262ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/dieta-detox-para-figado-funciona-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de87543f874b15e11d4342e8d0d833c2e8d5860d8669137e49369413c7d3e76a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 4425
cf-request-id: 06be08b0f7000064f195b40000000001
last-modified: Sun, 26 Jan 2020 19:15:48 GMT
server: cloudflare
etag: "0caf937dd4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n99XC%2F6oF8Mbn9%2B2j7HoO4O2m4Nsob055AIJxf5nBVdt%2Bxxyne9AUtBlmCPIHpi2njlWKYWETAEzaY75RM%2Br7yBvKUnBC91Zvkz8epERmewaK8eJct1hD2AhVIHcqIk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bb964f1-FRA

GET
H2 200 vacina-febre-amarela-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 3 KB
3 KB 284ms
273ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/vacina-febre-amarela-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8192c37e90decbb76076dfb5e3de4482e96126fd370deb09aeabbf4050c1b24

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 2729
cf-request-id: 06be08b0f7000064f18e109000000001
last-modified: Mon, 27 Jan 2020 17:47:08 GMT
server: cloudflare
etag: "0f66bcb39d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tpsJlDhhy%2Bd2OslMKNxGZQR7nK%2BpjPK61CxEOu1LVrVZ8N51NWDZ1VvCbyRq5WLYgjcD%2BnJWJQQEzCqVsGc0zAIi6CgoVmfVj3W4IQ8uhDgY7%2Fqdgi%2BTC7Ga2HzfFLE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bba64f1-FRA

GET
H2 200 recall-fandangos-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 12 KB
12 KB 271ms
260ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/recall-fandangos-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5062c980491c0f1df06545a8b3c65e247e8955f3e35793a12c3853ddbee5cb8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 11853
cf-request-id: 06be08b0f8000064f195361000000001
last-modified: Mon, 27 Jan 2020 19:26:27 GMT
server: cloudflare
etag: "803343ab47d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FEHfS0sbHBMFTDKBV9bHyGu7oa%2FkWJiVjKLtcxFGg38S%2F9ryYBFEhwbdn7FRABC2IY3AlBIIUDxZGrG1xw5n54NI3SW3QV9O%2FAsC7gIBr%2F3XxlPvz9xK9HQZa%2F0iOYs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bbb64f1-FRA

GET
H2 200 mulher-praticando-corrida-na-rua-218x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 51 KB
51 KB 387ms
376ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/mulher-praticando-corrida-na-rua-218x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

928c9e2fb4906531b454d8cc95e0ec568849840bf43f99a79b6a3d1d9801cf80

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 52298
cf-request-id: 06be08b0f8000064f174246000000001
last-modified: Mon, 27 Jan 2020 08:24:41 GMT
server: cloudflare
etag: "806aa438ebd4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NfDEUfNLArtaarYBqBdyP%2B6JSJ4fh4fen5vKtWvDkFaWr5ZIkYC51bu5kTzharLj0hLLQbNCaMiz6qcb9%2Bsx9JzL7SsfWaS197kgvMK4oLVS7MNJbfPSYeNzDd1soBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bbc64f1-FRA

GET
H2 200 alimentos-e-bebidas-que-causam-manchas-nos-dentes-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 7 KB
7 KB 279ms
268ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/alimentos-e-bebidas-que-causam-manchas-nos-dentes-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c9091ad8ab447fd9b230306e328c9a397f39eba4a7570c9ee2545ae487f5f35

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7152
cf-request-id: 06be08b0fb000064f174247000000001
last-modified: Mon, 27 Jan 2020 01:22:53 GMT
server: cloudflare
etag: "8014e64bb0d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C0Q7%2BTq%2Fx4DhPeDb4mQyPAlPQQ3RPYQcy0R8JLOZ1J5AJoO%2B5nuZNXtk9DXUUYbzEkscpL2dcFD%2FNOnLjP3tPgTizUMC%2Farl%2B1y3LBRHvHP5gJov3X3Wn4G%2B%2FtwI5js%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bbd64f1-FRA

GET
H2 200 cha-e-bom-pra-que-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 5 KB
6 KB 270ms
260ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/cha-e-bom-pra-que-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

073e4a2140fd115de1b6050dc1dcaa7577df5fde701a040036559988d89028eb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 5271
cf-request-id: 06be08b0f9000064f1ac086000000001
last-modified: Mon, 27 Jan 2020 01:37:27 GMT
server: cloudflare
etag: "80e5d754b2d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q5yo9zonbmTgvWflPP1mATRf9k5i4V1XfkeV67TRky0L%2FOVZKLUgsHoZuph8tflVkCtDwlnvu0s1oEpP9lf0wgeIQ2wDJygO%2BVzwq0WNe4RyWSTMB8lihbcr7t145rE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bbe64f1-FRA

GET
H2 200 imagem26-01-2020-20-01-53-150x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 31 KB
31 KB 386ms
376ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/imagem26-01-2020-20-01-53-150x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11400cce67fa1ad9d5d9a92732b5b8f1070a61f5f9c9900a81514221c9c58160

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 31575
cf-request-id: 06be08b0f9000064f1a104b000000001
last-modified: Sun, 26 Jan 2020 20:38:54 GMT
server: cloudflare
etag: "03dd9f88d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q5hniRbSq2e5DEobwibcZLZnUnQ6i1FEIU6sKhPGAdFptIPwo%2FlTXSfWb%2FfmOl1WZtOEairPvjlw1Fj83Y3JfQhi95yXRgtGAh8U%2BoW7MQmzAaMko8p8u0c4FMFFFiA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bbf64f1-FRA

GET
H2 200 alimentos-e-bebidas-que-causam-manchas-nos-dentes-150x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 5 KB
5 KB 277ms
267ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/alimentos-e-bebidas-que-causam-manchas-nos-dentes-150x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f58fadf98755f93eda944af2298c8df78f17ae6d70736be373e6f194b183587

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 4939
cf-request-id: 06be08b0f9000064f176137000000001
last-modified: Mon, 27 Jan 2020 01:22:53 GMT
server: cloudflare
etag: "8014e64bb0d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wwRvs1quBXUngHrDDluCw4GQBUxlbSZcxpfOJqU%2BYY%2BF%2BkvT1qqrduBoiPocMopIETiXd9Jqaot9r6R4BcKss5%2F56JAwWBH6ctQbbfVKWCrWYSXMLxehEyunRuLLGLs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bc164f1-FRA

GET
H2 200 esgotamento-mental-150x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 8 KB
8 KB 273ms
263ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/esgotamento-mental-150x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30be37b01cb5ef44586548e57e83820c96df9bba423c84adcb4c10396b737517

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7706
cf-request-id: 06be08b0fa000064f17505d000000001
last-modified: Tue, 28 Jan 2020 21:40:20 GMT
server: cloudflare
etag: "07ab78923d6d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7ksmaLd%2FXiablsjhTUE7z2121LOkYG1IsfDdAi8F%2FA2Mvp%2FcMiRR6OlFPc2e%2FzRvTRrjrX%2FiAkq6V1UlVsFKue%2B1HBllJXZhSh6jQs%2FQW%2F1%2B8bXrHpBJ37wK9XxzuMA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bc264f1-FRA

GET
H2 200 como-proteger-os-olhos-do-sol-150x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 21 KB
21 KB 385ms
377ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/como-proteger-os-olhos-do-sol-150x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

872bd85ff3da101d9f97b11635ecbaa0f87c6b670539fd1ca2aef688771d11d5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 21536
cf-request-id: 06be08b0fa000064f19925c000000001
last-modified: Sun, 26 Jan 2020 19:14:19 GMT
server: cloudflare
etag: "8077edce7cd4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3AF8uuyulRAkEAOp1%2BC5sZ30SrsRF5dPLJhfJ0hr6C4hZdi0Xqddf1yFMdHvWXNxDlthnBQMwMv9pdLUhFnzQTvnK4NkMaMGFHySuD38p8SSI3yPO%2BoJlpTuwSSoONg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bc364f1-FRA

GET
H2 200 recall-fandangos-150x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 8 KB
9 KB 274ms
267ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/recall-fandangos-150x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bf20eda28fec100f3340eea8f5084aa42dcc0f49760fc5779e4e770d788cfa7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 8667
cf-request-id: 06be08b0fa000064f19a049000000001
last-modified: Mon, 27 Jan 2020 19:26:27 GMT
server: cloudflare
etag: "803343ab47d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BO2CjwIM7fMH8EtP9e%2Bm7c%2F%2Fu3XNSD0Qg5OseE3Wy29bNAk3KQNpkv9v9SE%2B5t8S6QHBBW6uAQHFIhA5B4FVZkrD8uFt%2BbBQvKQFTwQnHXwcCUQZOLD7CxAS2w6yVig%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bc464f1-FRA

GET
H2 200 consumo-de-sal-150x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 4 KB
5 KB 277ms
269ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/consumo-de-sal-150x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9432a445935c4b88bab281c92457d2b2574e2224c3cdaf7b77bc1839c876660b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 4266
cf-request-id: 06be08b0fb000064f173828000000001
last-modified: Mon, 27 Jan 2020 16:35:41 GMT
server: cloudflare
etag: "80ac2bd02fd5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4dRdBdcKKveypjWzqByqzqktRZZ3kSr%2FNJ%2FQ3Gf1ySDlMmQzw4YpUDigYUmRW65bFMqwuYwnZ0UcrpStpdhyt595DaQwkvBR%2FG4g1AzR%2FeptOvfUvMhjjS50CHuwG44%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bc564f1-FRA

GET
H2 200 imagem27-01-2020-12-01-08-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 21 KB
21 KB 390ms
383ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/imagem27-01-2020-12-01-08-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff60d1af33b7ff4e1b4477e7ee47dc0ab642e274613715de7d5613ecc5cb9b2e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 21431
cf-request-id: 06be08b0fb000064f1a423d000000001
last-modified: Mon, 27 Jan 2020 12:34:11 GMT
server: cloudflare
etag: "80237513ed5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=70KmaeUCwJWljVwhrgojIevIYu%2BeTetoSIJTroCP%2FEsF4jpf63OARMRIhfrlawUq3MB8yEB12vaVy1QgpI%2BSUB5IdFRH2%2BG%2BSmd2I1njg75bGlUdQvsn4wmakxPbJgY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bc664f1-FRA

GET
H2 200 pq-o-cabelo-fica-branco-218x150.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 10 KB
10 KB 277ms
270ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/pq-o-cabelo-fica-branco-218x150.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d78326bb7242d59e5f1b35a8da2507a49c2e96c9adb1c97402beb878fd51e5f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 10221
cf-request-id: 06be08b0fb000064f17e2a5000000001
last-modified: Sun, 26 Jan 2020 20:52:13 GMT
server: cloudflare
etag: "80bc1a7c8ad4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QDq5swcjM32mSCiDx0%2F1B9Iuu3MBVJNeVjaoU2Yym8%2BN%2By04Jf9tg%2BeyaAELv8R7VNYcByc64tjGHN4LtbNkQOCVjgdBEc2jxrCB8c%2BEOpFlS8aK58dcCFiRIoiutLI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bc764f1-FRA

GET
H2 200 mulher-deitada-na-grama-transmitindo-paz-218x150.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 73 KB
73 KB 803ms
796ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/mulher-deitada-na-grama-transmitindo-paz-218x150.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0953d87aeadb41bfc1009d11bd1b506780b50342e61988bcfe6a28ed4973f39f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:05 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 74539
cf-request-id: 06be08b0fb000064f1a894b000000001
last-modified: Mon, 27 Jan 2020 20:15:34 GMT
server: cloudflare
etag: "0b7cf874ed5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b5TZ4OW0B0Rs8eO%2Br6rgvdnJfnk7f6jbBwTNIRDcAMoEWCX2cwwByzZ4QHDLfqL0sBv4sc4Pqs8u62GltHGvHuDV%2Bq1Oi%2FBScCFCYboBolSzXZeLGX7GIKhCgMIwnaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bc864f1-FRA

GET
H2 200 selenio-para-evitar-osteoporose-324x235.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 49 KB
49 KB 392ms
385ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/selenio-para-evitar-osteoporose-324x235.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0041041f1591c65fb3722acef1f6eefe4f62ad3e389a2adacef4e9f0006b07a1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 50031
cf-request-id: 06be08b0fc000064f173034000000001
last-modified: Mon, 27 Jan 2020 14:31:04 GMT
server: cloudflare
etag: "0488671ed5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HQwVgbTRsZDQkatXIXv9tts6DdaT%2BEh8MPwXjTt%2BTbe3LSXJpOA6implH8XuHPFLJDqQk43ece2OAqqPyBbLEzALzn03C4Y6824xbgJcRtYzeS8aw8GTvdv7tgOFDt0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bc964f1-FRA

GET
H2 200 vitamina-d-e-bom-pra-que-100x70.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 3 KB
4 KB 272ms
265ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/vitamina-d-e-bom-pra-que-100x70.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9df3598840f444f6c93febdcb2f48ffdb34272986f0f02a9138b32fcc03420a2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 3347
cf-request-id: 06be08b0fc000064f1b0b84000000001
last-modified: Sun, 26 Jan 2020 19:21:09 GMT
server: cloudflare
etag: "80804ec37dd4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Eupr5LOi2aU%2BbYwg%2FQCMk5HNApHkyWy282ZAMZ5WNCR9HD5RB2O3HUBllMVJPWaiFEOmyLPUJR0Nt1hiDLP7ZqpgCKMzdgmJzpzMAQVH%2BhxS6qRRI%2BcEW%2FSPQROXPiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bca64f1-FRA

GET
H2 200 violencia-domestica-100x70.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 2 KB
2 KB 272ms
266ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/violencia-domestica-100x70.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24802f5e78146d75d2055c55cd6c65cbae26bfeb1d06bcf60f2f596f82821b53

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 1758
cf-request-id: 06be08b0fc000064f195b41000000001
last-modified: Mon, 27 Jan 2020 04:30:54 GMT
server: cloudflare
etag: "013e68fcad4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c212GqLzyZyOpsoGYSPijMZQUlvJc6laoPH%2BWZlA854uoGZ5vO5ThwOsa2YN5gK2AzgS2ynEdYzbsxFrD68oymU0mIMZztYpQUQWA5hCBGpBKqRxJl0vxe6SZgG8OWw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bcb64f1-FRA

GET
H2 200 imagem27-01-2020-19-01-11-100x70.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 19 KB
19 KB 391ms
385ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/imagem27-01-2020-19-01-11-100x70.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cb80c9617aace4ffae4b6a1a12d1ac4b218207ef4f3fee54209164f7ecdefe2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 19407
cf-request-id: 06be08b0fd000064f18e10a000000001
last-modified: Mon, 27 Jan 2020 19:45:17 GMT
server: cloudflare
etag: "8084cb4c4ad5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AEZgjjUKesdfpgWqwBDtZV4eoL8Aw%2BDXukBUnybbgnnwScDg8%2BELlOfeROvOEFrrQDLE4Cc9f8rwskCJei%2FYMy0t6eSyYboK17HCewocKlspKj5bvYYH99Xr7co27%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bcc64f1-FRA

GET
H2 200 leites-vegetais-100x70.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 8 KB
9 KB 278ms
271ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/leites-vegetais-100x70.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69239253d70d4ec337e803b6d8fdb1b16d4740636d1e419853becbf72d53641b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 8293
cf-request-id: 06be08b0fd000064f195362000000001
last-modified: Mon, 27 Jan 2020 00:00:20 GMT
server: cloudflare
etag: "042aec3a4d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V7sVHb2g6mIkK5o6gHx7gRuhgCe3gRy5GVN7ueeodyYSCZu8qMwK8DYsx7zAxcns%2BagR2YNyRdG5MZKmVvLW%2FaqMNzUYzul%2B6a9V3mRO5F8f7FMBO0oYjaiMPaU1GQk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bcd64f1-FRA

GET
H2 200 como-ter-sono-324x160.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 3 KB
3 KB 269ms
263ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/como-ter-sono-324x160.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32ddd1b40fb14832498568a328bd8c0e1fb362ca0bcdd634637656c15d68f98c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 3052
cf-request-id: 06be08b0fd000064f174248000000001
last-modified: Sun, 26 Jan 2020 19:12:46 GMT
server: cloudflare
etag: "0cb7e977cd4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aoTPCPevFA%2FCdp6nGeyDNYgKiL1Bn2WiO29F6BfA7n3MCZs6K7TfAuTlIsGVF8OwujOta%2BnbFtsDvSbYnyiRj5ypHisvR2hT3E3wdx4NIyzK%2FiN5HnROwivmXsG53sg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bce64f1-FRA

GET
H2 200 Alergia-1200x600-1-324x160.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 7 KB
7 KB 275ms
269ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/Alergia-1200x600-1-324x160.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea04284a237406470e07671892ef250652f5effcb1b05ba03ba8f0b91ae86b0f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7262
cf-request-id: 06be08b0fe000064f192294000000001
last-modified: Sat, 15 Feb 2020 02:47:28 GMT
server: cloudflare
etag: "ebf0543aae3d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hGhuiWOVGKnafP0M0P4EDrMudazHdxX%2F4ObmbmzY3UaxIGfZ8EVfTdYhYlf1ytcjEKn3wEW0IoCkuegvJqnf8z30gZrVA4P85v0q7g3vQIplXW9aEN1tTShgboXwv5Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bcf64f1-FRA

GET
H2 200 download-1-275x160.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 9 KB
10 KB 272ms
266ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/download-1-275x160.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6659642c4cda14e9e9366d5c4fcf9fdf421db786ebee18948e6bec07ab31462c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 9538
cf-request-id: 06be08b0fe000064f1ac087000000001
last-modified: Tue, 11 Feb 2020 03:16:56 GMT
server: cloudflare
etag: "b4d254b789e0d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BcTonhoB7Or8hC2DWKOI2r1VGKO1JsX8yAElDvCx%2BB035XJlBGYMSFNynltMK0KYMpE3X7Ewki%2BkCn6rvmXx9C78sxKeya%2Bo0lqd%2BL5oPZ49Tm9zC1E%2Bn8RK41AW3K0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bd064f1-FRA

GET
H2 200 alongamentos-324x160.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 12 KB
13 KB 269ms
263ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/alongamentos-324x160.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b7dad86ca119299aa0677d6e374ab4f868f8fb3aebad5e1e572e3c9daab91ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 12698
cf-request-id: 06be08b0fe000064f1a104c000000001
last-modified: Thu, 06 Feb 2020 23:03:28 GMT
server: cloudflare
etag: "70e99ea441ddd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MteK0dpddqeuQkKws6JJOySBSdZr95s1xsl5BGGGe7HoLPa5NNfApGRDzXXKf3vhkhiyYTsdYU9UEVqmLzHTzfx6F4bKOOtGc2bAU6ZNH%2B9DHf5rocBP0AcIBeDaNnM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bd164f1-FRA

GET
H2 200 m3-324x160.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 11 KB
11 KB 276ms
270ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/m3-324x160.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1230ca571a79f4bf29245b4ea6abbd99834461fd37d9cbe597fb1bc955b95a04

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 11223
cf-request-id: 06be08b0ff000064f176138000000001
last-modified: Mon, 03 Feb 2020 22:48:08 GMT
server: cloudflare
etag: "52f0551e4dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bb%2FbPHlYfD0GvdH7H3RnEoW%2BJUQDG3g0g5NB6LmzYmEWU%2Fr%2FparZpjd3xtqMQoMM9gFlOXEKLOBlWOHhffhybsVw%2FcLBDJjepMvnqcQ1G%2F8mCdAEdjTCIwPqlFZo1OI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bd264f1-FRA

GET
H2 200 m2-324x160.png
bemestarglobal.fun/wp-content/uploads/2020/02/ 48 KB
48 KB 387ms
381ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/m2-324x160.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2819a8960e6500a74f45ba78ef007d64b04604e9f51b2e8895f842a52893fd74

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 48720
cf-request-id: 06be08b0ff000064f18f8aa000000001
last-modified: Mon, 03 Feb 2020 22:41:41 GMT
server: cloudflare
etag: "4456c11ae3dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BzotePP9MBr%2F4mqkKONiElGZU96qZHOSOl%2BM2H6sV2ZzJyK299%2BaKHb2sOATumYSKgj%2B7L6psTzqpLhGv7XJfW9oT8ee4T101YcgAfUi%2BghrfRBg54ZqCI%2Fd4OiAvH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bd364f1-FRA

GET
H2 200 m1-324x160.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 7 KB
7 KB 267ms
262ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/m1-324x160.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b62fef6c7e0e4de569c7e2a271193cab4a4dac629503df75093265639fd93bd1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7042
cf-request-id: 06be08b100000064f17505e000000001
last-modified: Mon, 03 Feb 2020 21:47:55 GMT
server: cloudflare
etag: "a678bf97dbdad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2oPIV6YlHXglTSxH1aLRnTv30Vxd5CiYpNhrlIuRplfNfJ6lsVEZ12v82QPpsBQqIOojoCChQmQAMTzWH1nWu%2FWjY%2BBXTLxe%2BP45fI%2Fw9QAnKohfkDfT%2FawkS3iIyo0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bd464f1-FRA

GET
H2 200 8007-324x160.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 4 KB
4 KB 277ms
272ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/8007-324x160.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21c86783af68588ef60acc0ba2149c546e1f0abf132b5b35648fb3af87d637f0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 4082
cf-request-id: 06be08b100000064f1a92c0000000001
last-modified: Mon, 03 Feb 2020 21:27:00 GMT
server: cloudflare
etag: "3bb9babd8dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u76ZjWqW7k%2B8GU8y1QBXotBzBgEhIA8ZQTR%2FbtFPwAKsKCbfohiJg4yWsc%2BCdp14lsjbvAqQN1%2BWdjX09Qev1WySjz5f1N70Wvbnf5DNF8XQLT6b3xSrl9u42wq5en4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bd564f1-FRA

GET
H2 200 8-dicas-para-cuidar-do-bem-estar-dos-idosos-no-verao-1-324x160.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 7 KB
8 KB 277ms
272ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/8-dicas-para-cuidar-do-bem-estar-dos-idosos-no-verao-1-324x160.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d450f3bc065ae3a613269957140e3183c36dcb8e13658cfcd90e83f800ec615

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7414
cf-request-id: 06be08b100000064f19a04a000000001
last-modified: Mon, 03 Feb 2020 21:04:01 GMT
server: cloudflare
etag: "e194c075d5dad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sMWwrSyJgcuXujSlmMnNN16OHUCR1XPalZ729r36ZnHduny8OycNDJrJ4mSNJuHkC6dCS02wQ%2B0nlLIDrrPZfpALYlnF86Ri1IuWQhEx1xf8TuF%2FGo5ifdqRJ1RuRqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bd664f1-FRA

GET
H2 200 saude-bem-estar.jpg1_-324x160.jpg
bemestarglobal.fun/wp-content/uploads/2020/02/ 7 KB
7 KB 277ms
273ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/02/saude-bem-estar.jpg1_-324x160.jpg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffaa77713f0e6251a44c92284921b1ef3b3b375264d6311a0161dff2ddfbc53e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 7215
cf-request-id: 06be08b101000064f173829000000001
last-modified: Mon, 03 Feb 2020 20:22:25 GMT
server: cloudflare
etag: "1421f6a5cfdad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wubVCqBxjD3t7pnNBayB%2FlNhU4cLfxfmCgjL5xPrxlvt7DAaYYf9Ve%2ByqG3ocOl9cgYPA%2B6Ecz%2Bj1jL7fDxirqYlrB9hPMb36Xj7mXus2zVOgGo%2BP9%2FIHqJa6Jc5%2FFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bd764f1-FRA

GET
H2 200 esgotamento-mental-324x160.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 12 KB
12 KB 280ms
275ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/esgotamento-mental-324x160.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec70430d7840a8c54f42db530d9fd04cecb409dd23bb14acd099b994ad6e4e3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 12284
cf-request-id: 06be08b101000064f1a423e000000001
last-modified: Tue, 28 Jan 2020 21:40:20 GMT
server: cloudflare
etag: "07ab78923d6d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=30smFK1Cz7JcBHjEFK6Uny4xk7gX1%2BPobziPZwZjTqji38sRHIbAPD%2Ff8sEc%2FO7eKkEZDutGP%2FodXvw9XeUHsVTYIR0eWvVKJbAdVFSuSHGHE%2BKHZkDsi3TOciFgcr0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd618bd964f1-FRA

GET
H2 200 email-decode.min.js Show response
bemestarglobal.fun/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
8ms Script
application/javascript 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 06be08aee5000064f18e102000000001
last-modified: Tue, 24 Nov 2020 15:06:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fbd2171-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ijpW4Pwl5Zzp5D8qzSj6O9KvK6mrL9W7DSbfX0beWHeO7tNMKDpTEwvW0G585IDcvHd1Hbki8nEqWYVn3DnL8QROgDwi0NRZi7USMkxgDGTM5RPNNqSByHkeIE9vPsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5fa9dd5e3b5164f1-FRA
expires: Thu, 03 Dec 2020 03:54:03 GMT

GET
H2 200 scripts.js Show response
bemestarglobal.fun/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 384ms
384ms Script
application/javascript 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 26 Jan 2020 18:46:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"805369fd78d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ej8J43ZPt42ddELELuF%2BsdeQsQJxS2Z3XGZhMcMC5j5v5KG%2Bc6pZVlxO7h1in1BACD%2BGsnyHQ6uE9%2FnbKD9687hv6eZzqHaEjKQOrcBQnT9VeAXvYuvN8oM2urCPLZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5fa9dd5e4b5564f1-FRA
cf-request-id: 06be08aef3000064f1a92b9000000001

GET
H2 200 tagdiv_theme.min.js Show response
bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/js/ 203 KB
46 KB 614ms
614ms Script
application/javascript 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/js/tagdiv_theme.min.js?ver=8.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57aaa20be325e520dc5700769644f698b4edb96c44287656317c403629d37ebc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 10 Nov 2018 12:22:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"80d6a69f078d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8ooM1IsGNJnUsVyMXf%2BFbNAaxuxB9r3LZEq8nm%2Bm9ogcEPrf3bKwNEGaMGGnr%2Ffv6fGTYFfa8JsAhbC5wz45BD2ltSj4YuLBazHlukCZMsku%2Feeydg0xaotNKzogA74%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5fa9dd60bb9264f1-FRA
cf-request-id: 06be08b070000064f195360000000001

GET
H2 200 comment-reply.min.js Show response
bemestarglobal.fun/wp-includes/js/ 2 KB
1 KB 254ms
254ms Script
application/javascript 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-includes/js/comment-reply.min.js?ver=5.3.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 26 Jan 2020 18:43:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8057aa7c78d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FH11VLW4qvKuMwGAlHDw%2Brez2nJCvcsw0tcbbQzG%2FAsh39Uoq92J6AMpr5aeCAwIevFFOAC3sunyW93vvdc7b0xxWoPZ0jlD1P%2FnzW6OCIE8hhapWTCkzxFZsf2nOuo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5fa9dd612b9a64f1-FRA
cf-request-id: 06be08b0bf000064f19a045000000001

GET
H2 200 wp-embed.min.js Show response
bemestarglobal.fun/wp-includes/js/ 1 KB
957 B 275ms
258ms Script
application/javascript 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-includes/js/wp-embed.min.js?ver=5.3.6

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 26 Jan 2020 18:43:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8057aa7c78d4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U1AstWJJL7M0nYTjp7TEOqLykafje96JhY0JjCM9VuCQc7BwGfR9qj3WpHYc1xJO0nNuDRwQbLcHuCKdVuPMkVZJ5rRyfMLBJ1aV3xw67PcgcDqS8zx9tXHptIoxcs0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5fa9dd617ba164f1-FRA
cf-request-id: 06be08b0f0000064f17e2a2000000001

GET 10.jpg
www.bemestarglobal.com.br/wp-content/uploads/2018/11/ 0
0

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 newspaper.woff
bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/images/icons/ 18 KB
12 KB 388ms
387ms Font
font/x-woff 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/images/icons/newspaper.woff?14

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/style.css?ver=8.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d730d958599587aee3ee598871cc31de21c73d08a2d45dc437e62438ae753a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://bemestarglobal.fun
Referer: https://bemestarglobal.fun/wp-content/themes/Newspaper/Newspaper/style.css?ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 10 Nov 2018 12:22:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"013dd7f078d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h2%2FWUDehOO7Lf11R98o2SQLdMpvNV9NyaaVTQ3UWQ4R3upomskOJOBqeRSmMqD7xsqW%2BKaehrJrljd%2BKHw90cQ1B2hnM0DJiIIzHweLvy1ho1V12MVgS%2BwdNSs5OuYM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/x-woff
cache-control: private, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5fa9dd618bda64f1-FRA
cf-request-id: 06be08b105000064f1a894d000000001

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v18/ 41 KB
42 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v18/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 20:00:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Sep 2020 20:45:21 GMT
server: sffe
age: 546811
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42444
x-xss-protection: 0
expires: Wed, 24 Nov 2021 20:00:33 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 11:20:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 578007
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 24 Nov 2021 11:20:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 11:20:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 578008
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 24 Nov 2021 11:20:36 GMT

GET
H3-Q050 200 mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v18/ 10 KB
10 KB 27ms
13ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 11:20:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:34 GMT
server: sffe
age: 405205
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9728
x-xss-protection: 0
expires: Fri, 26 Nov 2021 11:20:39 GMT

GET
H3-Q050 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 11:20:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 405200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12680
x-xss-protection: 0
expires: Fri, 26 Nov 2021 11:20:44 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 20:01:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 546773
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Wed, 24 Nov 2021 20:01:11 GMT

GET
H3-Q050 200 pubads_impl_2020111701.js Show response
securepubads.g.doubleclick.net/gpt/ 277 KB
98 KB 78ms
50ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Nov 2020 09:43:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99766
x-xss-protection: 0
expires: Tue, 01 Dec 2020 03:54:04 GMT

GET
H2 200 hamburguer-vegetal-534x453.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 203 KB
204 KB 371ms
370ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/hamburguer-vegetal-534x453.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1c0291abf473623c8a57ed5623c9842d6508512b033fb1e4158919d74309db6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 208129
cf-request-id: 06be08b1b4000064f17e2a7000000001
last-modified: Sun, 26 Jan 2020 19:31:16 GMT
server: cloudflare
etag: "05a1b2d7fd4d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AjQaZyRDhdA7HZL6Ll3HrZO0IiadmDkxeDVO7JljtbNDt%2F06rlck7G8pkFTDblxZSi4I2yk%2B5wRy5tcps7dpM7FxkJe6H%2B4EXcg94clxKoKvbPb5R5I5ribL8Ugj7%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd62bbed64f1-FRA

GET
H2 200 nutrientes-de-cenoura-e-beterraba-534x453.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 288 KB
289 KB 371ms
370ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/nutrientes-de-cenoura-e-beterraba-534x453.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb149a716fed343e15296bc8e47cc2c9d5159eaba0673c15358c775b533fb34a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 295265
cf-request-id: 06be08b1b8000064f1b0b86000000001
last-modified: Mon, 27 Jan 2020 12:30:03 GMT
server: cloudflare
etag: "8057a37fdd5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k3HCmHCpCZsBdiwR9wNxSRqmd3pW72x3WwMF0kT3hrkNOlwNF9d4m5z2rWp24PX99bnZbNnlxi2a7fvGNFNvtrGBbqLAzCGydBvNNf9IQ5jpdeZrh23NlROadOmjisg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd62bbee64f1-FRA

GET
H2 200 alimentos-para-idosos-534x453.png
bemestarglobal.fun/wp-content/uploads/2020/01/ 123 KB
124 KB 376ms
376ms Image
image/png 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/alimentos-para-idosos-534x453.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adf3f89f9645c1cbcb72215af484ff29ff7098fb2b1b94b18ea2493dd130756

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 126150
cf-request-id: 06be08b1b8000064f195b43000000001
last-modified: Tue, 28 Jan 2020 00:59:28 GMT
server: cloudflare
etag: "0d8dd3076d5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kVGALeP4G%2F2gFN5gbTeFYI5%2F5l9ELgYHjMs38nXC3FTZidYdhcsxlSPYN1lNu8ACqqcPrAFvJxw%2FpeYuap0X1xJBmq20mphDMWg4%2FO8%2BuKqzCfVf7ZUFzK3s%2FtmuSZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd62bbef64f1-FRA

GET
H2 200 surto-de-dengue-em-2020-534x462.jpeg
bemestarglobal.fun/wp-content/uploads/2020/01/ 59 KB
59 KB 373ms
373ms Image
image/jpeg 2606:4700:3030::6812:3ce3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemestarglobal.fun/wp-content/uploads/2020/01/surto-de-dengue-em-2020-534x462.jpeg

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6812:3ce3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcd08d7c252ea08ccdbcded2b8842eb1e2ffc6a7a81bccb12847e80b12fd9b72

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:04 GMT
vary: Accept-Encoding
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 60018
cf-request-id: 06be08b1b8000064f18e10c000000001
last-modified: Mon, 27 Jan 2020 22:18:09 GMT
server: cloudflare
etag: "80a6bba75fd5d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JF5mmV9CPGmxfcl2COSMCtWF9nG%2BgD1ZknLmuNopxoCgJFAH%2Bz2OBWiI9TBn7%2FKV5SODecTC46JCrovJW517JgQen25k%2FyhNppDgMr4I0s5z64YKr%2F0hiCeBBnlOn2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private
accept-ranges: bytes
cf-ray: 5fa9dd62bbf064f1-FRA

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 11:20:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 405207
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 26 Nov 2021 11:20:37 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 12:20:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 574405
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Wed, 24 Nov 2021 12:20:39 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 109 B
803 B 52ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=bemestarglobal.fun

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Dec 2020 03:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 15ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bemestarglobal.fun

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Dec 2020 03:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
12 KB 233ms
233ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3105778105252190&correlator=1295787990687507&output=ldjh&impl=fif&eid=21068727%2C21068418&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201201&iu_parts=112081842%2Cbemestarglobal.fun_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&eri=4&cookie_enabled=1&cdm=bemestarglobal.fun&bc=31&abxe=1&dt=1606794844768&dlt=1606794843370&idt=1370&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=242&adks=1782806715&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbemestarglobal.fun&loc=https%3A%2F%2Fbemestarglobal.fun%2F&dssz=46&icsg=66759343&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x294&msz=970x250&ga_vid=657372218.1606794845&ga_sid=1606794845&ga_hid=2131914701&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

0892c899ba1a14851f363f2fb20a1ea600e3214b85aea6b1a9640828f8ef8f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12045
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bemestarglobal.fun
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
971c1d5879351affb372f6baca1150b2.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 72ms
14ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://971c1d5879351affb372f6baca1150b2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
12 KB 577ms
576ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3105778105252190&correlator=1295787990687507&output=ldjh&impl=fif&eid=21068727%2C21068418&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201201&iu_parts=112081842%2Cbemestarglobal.fun_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&eri=4&cookie_enabled=1&cdm=bemestarglobal.fun&bc=31&abxe=1&dt=1606794844779&dlt=1606794843370&idt=1370&frm=20&biw=1600&bih=1200&oid=3&adxs=1010&adys=944&adks=2957025746&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbemestarglobal.fun&loc=https%3A%2F%2Fbemestarglobal.fun%2F&dssz=46&icsg=66759343&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x324&msz=336x280&ga_vid=657372218.1606794845&ga_sid=1606794845&ga_hid=2131914701&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e0a6a2006bbcbdcadfb4bf7a6ef1691caa73315f7a3978f3ec92f140e20ffc8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11977
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bemestarglobal.fun
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 468 B
319 B 671ms
670ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3105778105252190&correlator=1295787990687507&output=ldjh&impl=fif&eid=21068727%2C21068418&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201201&iu_parts=112081842%2Cbemestarglobal.fun_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=4&cookie_enabled=1&cdm=bemestarglobal.fun&bc=31&abxe=1&dt=1606794844782&dlt=1606794843370&idt=1370&frm=20&biw=1600&bih=1200&oid=3&adxs=1022&adys=1268&adks=2437563706&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbemestarglobal.fun&loc=https%3A%2F%2Fbemestarglobal.fun%2F&dssz=46&icsg=66759343&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x294&msz=300x250&ga_vid=657372218.1606794845&ga_sid=1606794845&ga_hid=2131914701&fws=4&ohw=1600&btvi=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

229f621d6fc2c67ec1193980ab502e18ba5280558a96fcba72f54066fa75444a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 236
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bemestarglobal.fun
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
10 KB 395ms
394ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3105778105252190&correlator=1295787990687507&output=ldjh&impl=fif&eid=21068727%2C21068418&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201201&iu_parts=112081842%2Cbemestarglobal.fun_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=4&cookie_enabled=1&cdm=bemestarglobal.fun&bc=31&abxe=1&dt=1606794844785&dlt=1606794843370&idt=1370&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=3567&adks=1955363119&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbemestarglobal.fun&loc=https%3A%2F%2Fbemestarglobal.fun%2F&dssz=46&icsg=66759343&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x134&msz=728x90&ga_vid=657372218.1606794845&ga_sid=1606794845&ga_hid=2131914701&fws=4&ohw=1600&btvi=2&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

611f958ccc3c4cfe2797bb9a3e1aa114bed37ffad9bf6fcb82e59f94f0cd7062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10203
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bemestarglobal.fun
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 466 B
265 B 795ms
795ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3105778105252190&correlator=1295787990687507&output=ldjh&impl=fif&eid=21068727%2C21068418&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201201&iu_parts=112081842%2Cbemestarglobal.fun_fluidx250&enc_prev_ius=%2F0%2F1&prev_iu_szs=1600x250&eri=4&cookie_enabled=1&cdm=bemestarglobal.fun&bc=31&abxe=1&dt=1606794844789&dlt=1606794843370&idt=1370&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=906&adks=4192923982&ucis=5&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbemestarglobal.fun&loc=https%3A%2F%2Fbemestarglobal.fun%2F&dssz=46&icsg=66759343&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=1600x-1&ga_vid=657372218.1606794845&ga_sid=1606794845&ga_hid=2131914701&fws=516&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

d6022659d9ce29adc141a28a9690777ea6374445bc9409e4ed2ce16dabeaafc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bemestarglobal.fun
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 3F72 180 KB
51 KB 30ms
5ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 496145
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 10:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:05:00 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3F72 13 KB
5 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 471171
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:01:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:01:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3F72 90 KB
27 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 495805
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 10:10:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:10:40 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3F72 3 KB
1 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 470070
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:19:35 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3F72 41 KB
13 KB 38ms
14ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 470070
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:19:35 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 3F72 6 KB
1 KB 39ms
25ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 01 Dec 2020 03:19:57 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Tue, 01 Dec 2020 03:54:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 01 Dec 2020 03:54:05 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8289743350306432690/ Frame 3F72 46 KB
47 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8289743350306432690/downsize_200k_v1?w=600&h=314

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1de756f93ca398980811000479ef7da3e32f550934e40cb2afa8f1c24f328e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 15:35:56 GMT
x-content-type-options: nosniff
age: 303489
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47551
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 14:46:19 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Nov 2021 15:35:56 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7326737923541744954/ Frame 3F72 11 KB
11 KB 15ms
14ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7326737923541744954/downsize_200k_v1?w=300&h=300

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1c42fa7f04aad2e82ddfd78030765cb5155818f2fc5919226d3c9b39875e6e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 22:48:33 GMT
x-content-type-options: nosniff
age: 18332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11118
x-xss-protection: 0
last-modified: Fri, 04 Sep 2020 12:42:30 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Nov 2021 22:48:33 GMT

GET
DATA 200
OK truncated
/ Frame 3F72 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3F72 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5512b150c2e82e059e6eff51da81d94f675c3ad8f388fb910dca8520f1a6c11

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3F72 3 KB
3 KB 13ms
12ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Nov 2020 21:09:49 GMT
x-content-type-options: nosniff
server: cafe
age: 24256
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Tue, 01 Dec 2020 21:09:49 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3F72 344 B
562 B 12ms
11ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 58836
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 01 Dec 2020 11:33:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3F72 0
0 14ms
13ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmXVP24B7LqQYOg4OGOwyaRW8KHR9dm5LwAcJfkvQKEmSxAwpY8kWa5yKd5ywsywcwAUrB
Requested by: Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3F72 0
0 34ms
34ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJ7uKXL7FX8XZMsGC3gOp-ZDYBo_486Rgtoq0ys4Mtr24jYwOEAEgquzAI2CRhJOF_BegAaGV8u0CyAEJqQLysh6RVwS0PuACAKgDAcgDCqoE1wFP0OFuw5BwuHDLvJxuqSN3pE7Whxw2b8_meRuw2FjPonyp5z-vTHHNrg-c_z66FZDtK6HLH4OhMKSqSixYgjiPsYm5cuIIEWn9WbZiPNEfxmAo7uyFtCKJF4E4vyG1tGFmB68aCx1PheJpZOAwasGPk__lBpAgL6D5qrH_h5uDCRCTbnI9Jq99w6sKySC2CslfDz4lrlmGXu65wexkHkPHW4hSdLkbDR98Wuxzg3qKWU9bNE-BtrQSOBgH10ievlsWZZx6mxA_01eZmFlhTjwMrc0r5QXjxMAEyp364Z8D4AQBkgUECAQYAZIFBAgFGASgBi6AB8fqjZIBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB_DgG6gH7paxAqgHpr4bqAfs1RvYBwDyBwQQg88G0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi05MTI5NTk5ODg3OTM5MjMwgAoDyAsB2BMLiBQBmBYBshcaChgIARIUcHViLTgzMDk3NzM4MDg2NjEzNDY&sigh=gOTL9DTWkGU&template_id=484&tpd=AGWhJmthALA4sTFWNERoHS3QzBYa96BF0J_3tEIqAJyoQUgmPg
Requested by: Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3F72 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 20:05:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 114541
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Mon, 29 Nov 2021 20:05:04 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3F72 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 20:01:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 546774
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Wed, 24 Nov 2021 20:01:11 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3F72 3 KB
3 KB 35ms
21ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Nov 2020 21:09:49 GMT
x-content-type-options: nosniff
server: cafe
age: 24256
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Tue, 01 Dec 2020 21:09:49 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3F72 344 B
439 B 35ms
21ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 58836
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 01 Dec 2020 11:33:29 GMT

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame C6CA 180 KB
51 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 496145
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 10:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:05:00 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame C6CA 13 KB
5 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 471171
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:01:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:01:14 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame C6CA 90 KB
27 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 495805
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 10:10:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:10:40 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame C6CA 3 KB
1 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 470070
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:19:35 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame C6CA 41 KB
13 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 470070
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:19:35 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C6CA 3 KB
3 KB 25ms
19ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Nov 2020 21:09:49 GMT
x-content-type-options: nosniff
server: cafe
age: 24256
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Tue, 01 Dec 2020 21:09:49 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C6CA 344 B
369 B 27ms
22ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 58836
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 01 Dec 2020 11:33:29 GMT

GET
DATA 200
OK truncated
/ Frame C6CA 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1f759f0cd3cd013064711f0ec057bee00fe64feae3059c4064a0426e485b9bf

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 5271849128449594679
tpc.googlesyndication.com/simgad/ Frame C6CA 50 KB
50 KB 51ms
48ms Image
image/gif 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5271849128449594679

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52120c212eb3a033030470e3f5ad42276ff2bcf482173347f940d975ddd0adb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:05 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51160
x-xss-protection: 0
last-modified: Wed, 04 Nov 2020 09:58:53 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Dec 2021 03:54:05 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C6CA 0
0 32ms
32ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cw8wtXL7FX_7MPNaBjuwPluqDiAaGvauCYMTwqJ6PDciLhZ4LEAEgquzAI2CRhJOF_BfIAQOpAkM2Q5l7BrQ-4AIAqAMByAMIqgTCAU_QcAJfxT5iZH6UV-luhMCr3wFOE1YlsSTn1JtJ9VXVRNAfHXAXKoH_dseYLuZfUuUZsox1DyBwgogMh-V3kHTJPVvJY1oxcoOGO8X9Ne8HZnN1LMg2lUBs8KNr79tYXeseRiYq7nV74_lFhXyQuMt0NZCmJ39dk_IXT-tWNtvc2FLm3MEzxCt4jp3mJRQRbxNZXUdyDiwyfpIavVING3CmMb5qOUyjwtMTfQj31WdKQXyujq-U04oJdY4rRPMWDjXXwATPu8exoAPgBAGSBQQIBBgBkgUECAUYBKAGA4AH_eL6mQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ6dMB0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi05MTI5NTk5ODg3OTM5MjMwgAoDyAsB2BMNshcaChgIARIUcHViLTgzMDk3NzM4MDg2NjEzNDY&sigh=9-74sDWnOns&tpd=AGWhJmvLErvUgoaUARMGHqYRyohfgCciqceFAvspdYFawMhiUA
Requested by: Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C6CA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 01 Dec 2020 03:54:05 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 5271849128449594679
tpc.googlesyndication.com/simgad/ Frame C6CA 50 KB
50 KB 8ms
7ms Image
image/gif 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5271849128449594679

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52120c212eb3a033030470e3f5ad42276ff2bcf482173347f940d975ddd0adb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:05 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51160
x-xss-protection: 0
last-modified: Wed, 04 Nov 2020 09:58:53 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Dec 2021 03:54:05 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C6CA 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Nov 2020 21:09:49 GMT
x-content-type-options: nosniff
server: cafe
age: 24256
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Tue, 01 Dec 2020 21:09:49 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C6CA 344 B
369 B 7ms
7ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 58836
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 01 Dec 2020 11:33:29 GMT

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame D2F9 180 KB
50 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 496145
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 10:05:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:05:00 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame D2F9 13 KB
5 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 471171
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:01:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:01:14 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame D2F9 90 KB
27 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 495805
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 10:10:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 10:10:40 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame D2F9 3 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 470070
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:19:35 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame D2F9 41 KB
13 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 470070
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 25 Nov 2020 17:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Nov 2021 17:19:35 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame D2F9 6 KB
700 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 01 Dec 2020 02:13:40 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Tue, 01 Dec 2020 03:54:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 01 Dec 2020 03:54:05 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D2F9 3 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Nov 2020 21:09:49 GMT
x-content-type-options: nosniff
server: cafe
age: 24256
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Tue, 01 Dec 2020 21:09:49 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D2F9 344 B
369 B 8ms
7ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 58836
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 01 Dec 2020 11:33:29 GMT

GET
H3-Q050 200 2076313506083323656
tpc.googlesyndication.com/simgad/14217298518464448134/ Frame D2F9 14 KB
15 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14217298518464448134/2076313506083323656

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2ee7e25025eabfc4a75d6b66a5f190d369292fb88838d42cbcc7374690de7c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 02:55:35 GMT
x-content-type-options: nosniff
age: 89910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14776
x-xss-protection: 0
last-modified: Fri, 17 May 2019 06:51:17 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Nov 2021 02:55:35 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12743039112434546017/ Frame D2F9 5 KB
5 KB 11ms
10ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12743039112434546017/downsize_200k_v1

Requested by

Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

855c208939d6b56bcd38c40137aadc7befd136c3cb8caab548c14b27c1477929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 28 Nov 2020 00:40:25 GMT
x-content-type-options: nosniff
age: 270820
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4847
x-xss-protection: 0
last-modified: Thu, 18 Oct 2018 13:04:32 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Nov 2021 00:40:25 GMT

GET
DATA 200
OK truncated
/ Frame D2F9 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D2F9 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed46ec86c55056c10c8ea381d5966eec9456c2a31a6382e5c30cfb72ee947ba2

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame D2F9 0
0 14ms
14ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRdn9Pul5NyTLAbmDPpBK42R7wBeZhaeo9femM7wja-s82KOM64B6s6gi1nTz7R1E1usi_h
Requested by: Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D2F9 0
0 32ms
32ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoHoSXb7FX8OLCqGB3gPSzIHoCvnErMpc76TftvgH2dkeEAEgquzAI2CRhJOF_BegAfyTmLoDyAEJqQIEPk5l0AK0PuACAKgDAcgDCqoE2gFP0MTW-49H5ME2d2Fy2WHYErJMQKqkSD_LspgTMCll531XdNS4cwLBzXwTGrG7csUAVpqGIg2oKZbiI47FUWLt0rRBuFRYHLrVjNgjAgQzzcq2pdoH3RJBkGsiiZJSmr4d0TQK2kHTs-2NBOPu_rAyBmxP5hnrWtUOyBCszNgQP8RBjR_sXI-cfWpyI3Xtby_xN5-8pw-PDGvhVsRrX0ckhGS3NmT-IplzePP_toqa3in8jWhiOSKLwVyIh4hi9QYScDkY_Q3mXpN1WnwIcjKZU05UC-SJuR-VF8AEvPX-xHbgBAGSBQYIBBgBUAGSBQYIBRgEUAGSBQYIBRgYUAGSBQcIBRioAVABoAYugAfs6-dFqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEP6pDtIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tOTEyOTU5OTg4NzkzOTIzMIAKA8gLAdgTDYgUB7IXGgoYCAESFHB1Yi04MzA5NzczODA4NjYxMzQ2&sigh=0n-uqaNes8M&template_id=484&tpd=AGWhJmtZsC7WL-Lk1R1cKkrfrfa7JVVD3gmB4SQoAuEtX9S7DQ
Requested by: Host: bemestarglobal.fun
URL: https://bemestarglobal.fun/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D2F9 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 20:01:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 546774
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Wed, 24 Nov 2021 20:01:11 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D2F9 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bemestarglobal.fun
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 20:05:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 114541
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Mon, 29 Nov 2021 20:05:04 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 36ms
18ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15fc7c871d026df918aaaf18cb0407ef69eb86b5a17a1d3a8185288d13b7c9d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Dec 2020 03:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6498
x-xss-protection: 0

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D2F9 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Nov 2020 21:09:49 GMT
x-content-type-options: nosniff
server: cafe
age: 24256
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Tue, 01 Dec 2020 21:09:49 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D2F9 344 B
369 B 7ms
6ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 30 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 58836
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 01 Dec 2020 11:33:29 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:54:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Tue, 01 Dec 2020 03:54:05 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame DC63 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bemestarglobal.fun/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://bemestarglobal.fun/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 12318
date: Tue, 01 Dec 2020 03:06:05 GMT
expires: Wed, 01 Dec 2021 03:06:05 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2880
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 14ms
14ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111701&jk=3105778105252190&bg=!LS6lLg7NAAUoamvQKFhrjtzYGfhx7AIAAACZUgAAAApoAQcKAZBb3azRwsGqeHuWQ0Lemxi5Y9VjJTPsXs74431gzrxJ0pGNZN2oB4Ar-UO4SIszWLqDa86sMJXtxY-sCYLWPABt70_go9LfCxUUDyAV7ccSK29UsEYKBhgb_lLpxxftWOSUiWHYF3W_wrl1jQ9a-y9YS7qG7g5tG-soR6wiHvAyxFsVzApzsS10H_cQwwVpt5NS_M9kjN18DF2y5eIgqjPTCYKCN9TbLjmJmTWK2SrD3MG4B4UC1h92OxJFa9WNXLVPbZzGBCNMN-dJQO1SC7rJcLGVVlzfnZoLfjmhGDAQCho23fav22V92S4-VhK0qJshRSTm9Zjpcx3xa2qLWsjbbgPmddHvjqHrVx2vJE6LP7mY7ex-0WmiNkC8fQglk2g5GMOd9IBW45Ht_n-xdj_iwuz23CRBEpfRdT2_iJcYzyVt6vdEMDA_Ql3iiXqKcM7HNqf5rqz4O612t05Xj-_gpgU8eZXSdGgsDvGgmkKOz55frPBfTI0QHaaZ55Q893Yl9eFjEwNs0I0cOCEXz3bbmQG71Q6Qr4AqDnZ_YlGwo3JZVYdGUNtsepdfOM0lxfJGFgmBJ7e5ZPbTpy2JWBsQvSF559Wk1CimDQFQ9qNUwydIGDKafjuiYHQLfIWZP2bkbR2lZ7poKXo66kCpCDMu0bW2kqtkEEALAik5C6JNCnKZZhHLQX5J1L3LtTgvIqdVPzMEgWIE-I2d5SKK90aGbBTA3zeI8MhTbk7EFzb3_HkzXQMae3SiLiOi5f6QY8cPltdNVhA9lZha68E_9tM9J9y2G77nNNhigWiLhg_6CMckTQsUQkUkKGYZjvCF0EqyqUA0BUMVDe4VYPIb8JDHyRRTMoHh5jIfDfyuln32xd2T9R0xyFhIiPDXQWilIR_WCiokpuT7PZK4_8dMf9WlwI8qEWT0j1S4Qr_lVuy4lLmBjoSd4Q6I9Cwp_RUHQ6vFRUdY4rNk1AfNTTaO9M88rxuw4ZYRWxWJkencHfiUYk61BfNlBOkePZkrWKpRUjNX0uXriBo8_ytqPvDMULLyD26_ygfWnLh-WvMzz_v2ZUiPAdFIuaX_XjSTUUpp5us43ZjtMvgWuIUuM0ZdQ58pjhWJIfUwSPK2oD01gnU

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Dec 2020 03:54:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3F72 42 B
94 B 18ms
17ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv20KN4iidoyikinzKTWqPY9bhdzQsCWI4JtYwk2m5UVRfY02IWc12SCLzFcvdpQyACwRIQ1eLRgEsb1m6f00iCrFiML0rG9bwi6QTUlxCwMQz6Mnv3lhSWrXGX-w&sai=AMfl-YQTHHtHnycQnXkllUS4NPpybyQNXk0yvKysqCaVlJKWzG1ULcPf5b6pnBpxwYsmhh-RYkve8bMa0G7uvn0xwO-mbvKSZMvPH0JsCUeY15LRu_8_KFwp4iQeKrYEL7Sx&sig=Cg0ArKJSzBZ-bhCDWIYMEAE&cid=CAASPeRoD2dnUfzpBYCsHUOjg64oYRG_TWjIvkix1OrpnKTjPKwzlo8A4MOJDAtsh4hIeVl4RxD8nEWxSl9e4Zc&id=ampim&o=315,242&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=147&tls=1147&g=100&h=100&tt=1148&r=v&avms=ampa&adk=1782806715

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Dec 2020 03:54:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D2F9 42 B
66 B 21ms
21ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuupAvpPJVCB3_0ttsq2q9XSvsKI9DymvEfyrAIEj0ddvambgCGXdbeeV0SXnylR22xXnQcBKcDKMnB9_AjS2XS9KZ_V2bDq1tj2qVmDWFu2HnYgSBxBo4-dypHiahxeQxMQtE8T_IxTLL1IkOaZChU&sai=AMfl-YSZ2UAmIPfaDjWU6OY0uhKzYFyxXVpRuBN_dOJS5d0HIx9CEOmumG-DOo-MBetndUPWFCacmpe40pkxP4buWVzsyGIVzzApm8f9Ma7_xxiPPgcK8kdFJVtEq3Yf6HrM&sig=Cg0ArKJSzHfBYfRMunSMEAE&cid=CAASPeRon9qOhpv5BVH1AxhRUXmswGBdf0LpNhybnvxkJoVxEbJm9VtfdhUKOT7vZE1skPlnwVBb-JTdOBkeV-I&id=ampim&o=1010,944&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=112&tls=1112&g=91.42857193946838&h=91.42857193946838&tt=1112&r=v&avms=ampa&adk=2957025746

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bemestarglobal.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Dec 2020 03:54:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bemestarglobal.com.br
URL: https://www.bemestarglobal.com.br/wp-content/uploads/2018/11/10.jpg

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bemestarglobal.fun/	1970-01-19 23:41:30	Name: __gads Value: ID=c7a3036dbb181ad2-2234474e4eb900ab:T=1606794844:S=ALNI_MZS60MNREUUiLQLZhU-pZS2fWvPjg
bemestarglobal.fun/	1969-12-31 23:59:59	Name: PHPSESSID Value: r44tusl7r7gd4ihor5docc992s
.bemestarglobal.fun/	1970-01-19 15:03:06	Name: __cfduid Value: d5d5aa64bc412752cd3cdba39786b885b1606794842

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://bemestarglobal.fun/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://bemestarglobal.fun/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://bemestarglobal.fun/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://bemestarglobal.fun/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

971c1d5879351affb372f6baca1150b2.safeframe.googlesyndication.com
adservice.google.com
adservice.google.nl
bemestarglobal.fun
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bemestarglobal.com.br
www.google.com
www.bemestarglobal.com.br
216.58.206.2
2606:4700:3030::6812:3ce3
2a00:1450:4001:802::2004
2a00:1450:4001:803::2002
2a00:1450:4001:808::200a
2a00:1450:4001:814::2003
2a00:1450:4001:816::2001
2a00:1450:4001:81a::2004
2a00:1450:4001:81e::2001
2a00:1450:4001:81f::2001
2a00:1450:4001:820::2001
2a00:1450:4001:820::200a
2a00:1450:4001:825::2002
0041041f1591c65fb3722acef1f6eefe4f62ad3e389a2adacef4e9f0006b07a1
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
073e4a2140fd115de1b6050dc1dcaa7577df5fde701a040036559988d89028eb
0892c899ba1a14851f363f2fb20a1ea600e3214b85aea6b1a9640828f8ef8f36
0953d87aeadb41bfc1009d11bd1b506780b50342e61988bcfe6a28ed4973f39f
0a33ede08db57ecf67b9c46291b98795fe5338c443531096831a90bdfa487e70
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f58fadf98755f93eda944af2298c8df78f17ae6d70736be373e6f194b183587
11400cce67fa1ad9d5d9a92732b5b8f1070a61f5f9c9900a81514221c9c58160
1230ca571a79f4bf29245b4ea6abbd99834461fd37d9cbe597fb1bc955b95a04
15fc7c871d026df918aaaf18cb0407ef69eb86b5a17a1d3a8185288d13b7c9d1
17192d14b518552f7c75db83c6134a13d155207bc1feb99cefc04a8b2587797c
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1ad804e0729dda90e8b0792923635af46f6b3dfb6e82124125f00ca54ac642c1
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
215ac8ba68fd4d0dccc241ebfed79871510048b5dc8ebd81ad3153e0e7a64ea1
21c86783af68588ef60acc0ba2149c546e1f0abf132b5b35648fb3af87d637f0
229f621d6fc2c67ec1193980ab502e18ba5280558a96fcba72f54066fa75444a
233cd32d5d9208fed2591583130d6f4fe3e2635dd306e365d482c20e13eea5a4
24802f5e78146d75d2055c55cd6c65cbae26bfeb1d06bcf60f2f596f82821b53
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2819a8960e6500a74f45ba78ef007d64b04604e9f51b2e8895f842a52893fd74
2c9091ad8ab447fd9b230306e328c9a397f39eba4a7570c9ee2545ae487f5f35
2d450f3bc065ae3a613269957140e3183c36dcb8e13658cfcd90e83f800ec615
2e527a3483125d104275304b1fe7dcd1e83ac2bbc1ea65a94eea2184e513cdd1
30be37b01cb5ef44586548e57e83820c96df9bba423c84adcb4c10396b737517
32ddd1b40fb14832498568a328bd8c0e1fb362ca0bcdd634637656c15d68f98c
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
3db7e3828bc6cb9feb6d2f77ca2c53cb56510f6ce37b636bccdf6bbb6314abe5
3dc18212454be4bb2ea30886bafa0b509032813706773649174da0305ea5cfa6
3ec70430d7840a8c54f42db530d9fd04cecb409dd23bb14acd099b994ad6e4e3
3ec7505b9cfcae8ca3528aea18906b30c70f00ff2f4601f0feccd858db830b4f
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4bf20eda28fec100f3340eea8f5084aa42dcc0f49760fc5779e4e770d788cfa7
4e77f3c7a238f9edafe7235e2f3ab2daece91c04ac4ce5d3655db9e11d1d8001
5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335
52120c212eb3a033030470e3f5ad42276ff2bcf482173347f940d975ddd0adb2
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
57aaa20be325e520dc5700769644f698b4edb96c44287656317c403629d37ebc
581dcb4deaceeec55414897296ce6379dd52b92ff4249826da55fd254612df88
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
611f958ccc3c4cfe2797bb9a3e1aa114bed37ffad9bf6fcb82e59f94f0cd7062
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6659642c4cda14e9e9366d5c4fcf9fdf421db786ebee18948e6bec07ab31462c
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
67d6ff9cdaf8e44146217d2171df6de56ba6678c3df0ea57158646c33958ce0a
68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43
69239253d70d4ec337e803b6d8fdb1b16d4740636d1e419853becbf72d53641b
6adf3f89f9645c1cbcb72215af484ff29ff7098fb2b1b94b18ea2493dd130756
6d78326bb7242d59e5f1b35a8da2507a49c2e96c9adb1c97402beb878fd51e5f
6fdfb70b5a7b86d40db5e3651f5d66a444ce99fced7303dbef0025a368f2aae7
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
7671dc771f1b919246554263f7dba1e9254ffb127813246bc2e5fe7c3fed55d1
788b813ee69620dc1c52f2ca56f9e9740ccff4983cefd8103682bf36b67d5825
7cb80c9617aace4ffae4b6a1a12d1ac4b218207ef4f3fee54209164f7ecdefe2
7d730d958599587aee3ee598871cc31de21c73d08a2d45dc437e62438ae753a3
83ce19e7237d1dd90477f1c5a16841089f731053c49236ea06c6503620e54f29
855c208939d6b56bcd38c40137aadc7befd136c3cb8caab548c14b27c1477929
872bd85ff3da101d9f97b11635ecbaa0f87c6b670539fd1ca2aef688771d11d5
8b7dad86ca119299aa0677d6e374ab4f868f8fb3aebad5e1e572e3c9daab91ee
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
928c9e2fb4906531b454d8cc95e0ec568849840bf43f99a79b6a3d1d9801cf80
9432a445935c4b88bab281c92457d2b2574e2224c3cdaf7b77bc1839c876660b
9d44be7cfec3d2c29db1f35a1c5c20fa6db250e512f90deaeb9f2454fe04f578
9df3598840f444f6c93febdcb2f48ffdb34272986f0f02a9138b32fcc03420a2
a1c42fa7f04aad2e82ddfd78030765cb5155818f2fc5919226d3c9b39875e6e9
a1f759f0cd3cd013064711f0ec057bee00fe64feae3059c4064a0426e485b9bf
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a5062c980491c0f1df06545a8b3c65e247e8955f3e35793a12c3853ddbee5cb8
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
a9167963c0a983cc4060aa79e8be838a95a615d9841ff20c9c623dcf9787ed60
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b62fef6c7e0e4de569c7e2a271193cab4a4dac629503df75093265639fd93bd1
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b8192c37e90decbb76076dfb5e3de4482e96126fd370deb09aeabbf4050c1b24
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
c2598484ecad2996835fb9552bb3beeae9b24642f262eddd708a440d1c91f1b2
c2ee7e25025eabfc4a75d6b66a5f190d369292fb88838d42cbcc7374690de7c6
c4b9ddc5158dd66c8c64fdd7e2b47bf5a071dd2038ae97e84dcb2ddf9af0ca72
c92335e28e4831921773ad25dc4c31d39fdc3971da4bafb2920625407f17b2cc
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d120a0d4e4b4531ca4981e3e176056e571454d03664246609593ea2ef0df8a23
d304ddd6609387906e306e6a81d3810e8d54ede8042b7bd3f87b164ddc2b2139
d6022659d9ce29adc141a28a9690777ea6374445bc9409e4ed2ce16dabeaafc4
d7574fa9f17d50faef16fcdaeef26f281417a24086d7f15abea950f8185f07b8
de87543f874b15e11d4342e8d0d833c2e8d5860d8669137e49369413c7d3e76a
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e0a6a2006bbcbdcadfb4bf7a6ef1691caa73315f7a3978f3ec92f140e20ffc8c
e1c0291abf473623c8a57ed5623c9842d6508512b033fb1e4158919d74309db6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5512b150c2e82e059e6eff51da81d94f675c3ad8f388fb910dca8520f1a6c11
e6ea0952a594d985f20247de8733d28aceefc477a16d440f72112fd6615b0637
ea04284a237406470e07671892ef250652f5effcb1b05ba03ba8f0b91ae86b0f
eb149a716fed343e15296bc8e47cc2c9d5159eaba0673c15358c775b533fb34a
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ed46ec86c55056c10c8ea381d5966eec9456c2a31a6382e5c30cfb72ee947ba2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1de756f93ca398980811000479ef7da3e32f550934e40cb2afa8f1c24f328e5
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586
fcd08d7c252ea08ccdbcded2b8842eb1e2ffc6a7a81bccb12847e80b12fd9b72
fcf7de96eefe4e4343a183dcdb2b749a6f58b5a4d2f2c7a504214abbde94f365
ff60d1af33b7ff4e1b4477e7ee47dc0ab642e274613715de7d5613ecc5cb9b2e
ffaa77713f0e6251a44c92284921b1ef3b3b375264d6311a0161dff2ddfbc53e
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

bemestarglobal.fun Open in urlscan Pro 2606:4700:3030::6812:3ce3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

141 Requests

99 %HTTPS

92 %IPv6

9 Domains

13 Subdomains

14 IPs

2 Countries

3112 kBTransfer

5611 kBSize

3 Cookies

0 Outgoing links

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bemestarglobal.fun Open in urlscan Pro
2606:4700:3030::6812:3ce3 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

99 %
HTTPS

92 %
IPv6

9
Domains

13
Subdomains

14
IPs

2
Countries

3112 kB
Transfer

5611 kB
Size

3
Cookies

141 HTTP transactions
6 data transactions