omaranhense.com Open in urlscan Pro
191.6.208.42 Public Scan

URL:
https://omaranhense.com/
Submission: On November 19 via api (November 19th 2020, 10:37:45 am UTC) from BR

Summary HTTP 343 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 41 IPs in 12 countries across 34 domains to perform 343 HTTP transactions. The main IP is 191.6.208.42, located in Brazil and belongs to IPV6 Internet Ltda, BR. The main domain is omaranhense.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 23rd 2020. Valid for: 3 months.

This is the only time omaranhense.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	191.6.208.42 191.6.208.42	28299 (IPV6 Inte...) (IPV6 Internet Ltda)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
1	35.244.156.216 35.244.156.216	15169 (GOOGLE) (GOOGLE)
37	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
49	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
4	192.95.31.56 192.95.31.56	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
34	143.204.201.94 143.204.201.94	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81a::2006	15169 (GOOGLE) (GOOGLE)
2 8	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2606:4700:303... 2606:4700:3034::ac43:b802	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
45	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
2 4	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
3 9	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:bf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
6	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:a19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.86.138.121 185.86.138.121	201081 (SMARTADSE...) (SMARTADSERVER)
3	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	52.218.88.235 52.218.88.235	16509 (AMAZON-02) (AMAZON-02)
4	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
3	184.24.15.122 184.24.15.122	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.79.88.155 104.79.88.155	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:303... 2606:4700:3037::6812:25b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
343	41

41 191.6.208.42 (Brazil)

ASN28299 (IPV6 Internet Ltda, BR)
PTR: web135.kinghost.net

omaranhense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.156.216 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 216.156.244.35.bc.googleusercontent.com

api.nobeta.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.95.31.56 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns510949.ip-192-95-31.net

api.grumft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 143.204.201.94 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-94.fra53.r.cloudfront.net

sandflos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ae923e40811f37c7c2bead4e9383af43.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df2c4561db00ee4e25db5fb0f96a3acc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
110bf6a8955da4cf6922b00c5aeb860b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9a60858b45671c2f6d85dad3dd473999.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fac4e62f6b84b87301cd74aea4ef4bf3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e1eee0dc8370bd4cb01960719e955c9f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.37.53.17 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::ac43:b802 (United States)

ASN13335 (CLOUDFLARENET, US)

data.gblcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
server.gblcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, US)

prebid-us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.37 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)

hb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)

adpone-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.218.88.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.226 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f226.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Switzerland)

ASN34010 (YAHOO-IRD, GB)

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.24.15.122 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-15-122.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.79.88.155 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-155.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6812:25b9 (United States)

ASN13335 (CLOUDFLARENET, US)

feed.buzzcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	googlesyndication.com pagead2.googlesyndication.com ae923e40811f37c7c2bead4e9383af43.safeframe.googlesyndication.com tpc.googlesyndication.com df2c4561db00ee4e25db5fb0f96a3acc.safeframe.googlesyndication.com 110bf6a8955da4cf6922b00c5aeb860b.safeframe.googlesyndication.com 9a60858b45671c2f6d85dad3dd473999.safeframe.googlesyndication.com fac4e62f6b84b87301cd74aea4ef4bf3.safeframe.googlesyndication.com e1eee0dc8370bd4cb01960719e955c9f.safeframe.googlesyndication.com	626 KB
52	doubleclick.net 3 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net	801 KB
41	omaranhense.com omaranhense.com	825 KB
34	sandflos.com sandflos.com	38 KB
31	ampproject.org cdn.ampproject.org	587 KB
15	google.com 3 redirects adservice.google.com www.google.com	3 KB
11	googletagservices.com www.googletagservices.com	269 KB
9	adnxs.com ib.adnxs.com acdn.adnxs.com	4 KB
8	scorecardresearch.com 2 redirects sb.scorecardresearch.com	6 KB
6	openx.net adpone-d.openx.net eu-u.openx.net	1 KB
6	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	177 B
6	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	3 KB
6	navdmp.com tag.navdmp.com usr.navdmp.com cdn.navdmp.com sync2.navdmp.com sync.navdmp.com	5 KB
5	google.de adservice.google.de www.google.de	2 KB
4	criteo.net static.criteo.net	97 KB
4	criteo.com bidder.criteo.com gum.criteo.com	435 B
4	google-analytics.com www.google-analytics.com	19 KB
4	grumft.com api.grumft.com	14 KB
3	amazonaws.com s3-eu-west-1.amazonaws.com	42 KB
3	smartadserver.com prg.smartadserver.com	3 KB
3	adpone.com hb.adpone.com	282 KB
3	creativecdn.com prebid-us.creativecdn.com	507 B
3	gblcdn.com data.gblcdn.com server.gblcdn.com	8 KB
3	2mdn.net s0.2mdn.net	208 KB
3	googletagmanager.com www.googletagmanager.com	114 KB
2	google.be adservice.google.be	2 KB
2	gstatic.com fonts.gstatic.com	18 KB
1	buzzcdn.com feed.buzzcdn.com
1	yahoo.com cms.analytics.yahoo.com
1	mathtag.com 1 redirects pixel.mathtag.com	565 B
1	advertising.com adserver-us.adtech.advertising.com	265 B
1	googleadservices.com partner.googleadservices.com	437 B
1	nobeta.com.br api.nobeta.com.br	15 KB
1	googleapis.com fonts.googleapis.com	1 KB
343	34

	Domain	Requested by
45	tpc.googlesyndication.com	omaranhense.com securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com cdn.ampproject.org
41	omaranhense.com	omaranhense.com
36	securepubads.g.doubleclick.net	omaranhense.com securepubads.g.doubleclick.net sandflos.com www.googletagservices.com
34	sandflos.com	omaranhense.com sandflos.com
31	cdn.ampproject.org	securepubads.g.doubleclick.net pagead2.googlesyndication.com
21	pagead2.googlesyndication.com	omaranhense.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
11	www.googletagservices.com	pagead2.googlesyndication.com api.grumft.com api.nobeta.com.br securepubads.g.doubleclick.net
9	www.google.com	3 redirects omaranhense.com securepubads.g.doubleclick.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com omaranhense.com
8	sb.scorecardresearch.com	2 redirects omaranhense.com
6	ib.adnxs.com	s0.2mdn.net hb.adpone.com
6	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	static.criteo.net	s0.2mdn.net static.criteo.net
4	ad.doubleclick.net	2 redirects omaranhense.com
4	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com omaranhense.com
4	api.grumft.com	omaranhense.com api.grumft.com
3	eu-u.openx.net	hb.adpone.com
3	ads.pubmatic.com	hb.adpone.com
3	eus.rubiconproject.com	hb.adpone.com
3	acdn.adnxs.com	hb.adpone.com
3	s3-eu-west-1.amazonaws.com	omaranhense.com s3-eu-west-1.amazonaws.com
3	adpone-d.openx.net	hb.adpone.com
3	hbopenbid.pubmatic.com	hb.adpone.com
3	fastlane.rubiconproject.com	hb.adpone.com
3	prg.smartadserver.com	hb.adpone.com
3	hb.adpone.com	omaranhense.com s3-eu-west-1.amazonaws.com
3	prebid-us.creativecdn.com	s0.2mdn.net
3	bidder.criteo.com	s0.2mdn.net
3	s0.2mdn.net	api.nobeta.com.br
3	www.googletagmanager.com	omaranhense.com api.grumft.com www.googletagmanager.com
2	e1eee0dc8370bd4cb01960719e955c9f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	server.gblcdn.com	data.gblcdn.com
2	adservice.google.be	securepubads.g.doubleclick.net
2	tag.navdmp.com	api.grumft.com tag.navdmp.com
2	ae923e40811f37c7c2bead4e9383af43.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
1	feed.buzzcdn.com	data.gblcdn.com
1	gum.criteo.com	static.criteo.net
1	cms.analytics.yahoo.com	omaranhense.com
1	sync.navdmp.com	omaranhense.com
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com	omaranhense.com
1	cm.g.doubleclick.net	1 redirects
1	cdn.navdmp.com	tag.navdmp.com
1	usr.navdmp.com	tag.navdmp.com
1	fac4e62f6b84b87301cd74aea4ef4bf3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	9a60858b45671c2f6d85dad3dd473999.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de	omaranhense.com
1	110bf6a8955da4cf6922b00c5aeb860b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adserver-us.adtech.advertising.com	s0.2mdn.net
1	df2c4561db00ee4e25db5fb0f96a3acc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	data.gblcdn.com	omaranhense.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	api.nobeta.com.br	omaranhense.com
1	fonts.googleapis.com	omaranhense.com
343	57

This site contains links to these domains. Also see Links.

Domain
www.tvn.tv.br
www.autopecasstore.pt
www.maranhaoesportes.com
themegrill.com
wordpress.org
server.gblcdn.com

Subject Issuer	Validity	Valid
omaranhense.com Let's Encrypt Authority X3	`2020-10-23` - `2021-01-21`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
api.nobeta.com.br GTS CA 1D2	`2020-11-05` - `2021-02-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
api.grumft.com Let's Encrypt Authority X3	`2020-09-28` - `2020-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
sandflos.com Amazon	`2020-09-23` - `2021-10-23`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-05-26` - `2021-05-26`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.google.be GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-01` - `2021-01-28`	6 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh

This page contains 76 frames:

Primary Page: https://omaranhense.com/
Frame ID: 3F84B8F889382588368798B33B3DFFC6
Requests: 98 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html
Frame ID: E494E41CE0432ADF6873FEEC4CB042B3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 6C45E0A2E54D7CA23B4F826254C4B125
Requests: 11 HTTP requests in this frame

Frame: https://sandflos.com/stats?i=ruxdvsbvrcgoqtu1xn&a=e39390f63a1e51ba0a7bcfa3d1cbc55e1&cb=8280081605782244848
Frame ID: 50F153A195B4F6F619B3AD5FFF93038A
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/syncro?i=ruxdvsbvrcgoqtu1xn&a=00f69c80ddd0e196733907a6f1ff40fd1&cb=7315561605782244850
Frame ID: 0699F2230AB1368C171B0A30113DD88C
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/sync?i=ruxdvsbvrcgoqtu1xn&a=a0a4b9824988218a8a26c80f136d90b01&cb=9493611605782244851
Frame ID: C393B409A0E3EAC7CEFB9EC3D8FC54C3
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/user?i=ruxdvsbvrcgoqtu1xn&a=9ce8b39977d63632ced6e3947fca53281&cb=5803761605782244852
Frame ID: 204BBBF3BF2E0D98B2795A88AD40E13A
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/counter?i=ruxdvsbvrcgoqtu1xn&a=918514c4e2ffc2458fdd4891fcaafad67&cb=8754621605782244854
Frame ID: 3976E3C8B28B81AFA7FF8302B330E4BD
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/usersync?i=ruxdvsbvrcgoqtu1xn&a=33e1f8482e889c99e252f0fec7f079db7&cb=3778261605782244855
Frame ID: 4B9957DE8AB6B5B5509A718A6FD64299
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/stat?i=ruxdvsbvrcgoqtu1xn&a=85594ff5eff4dfb33a431ad9f79f716e3&cb=0300931605782244856
Frame ID: 5F3370754CBA4973E9F0277BA621C434
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/syncro?i=ruxdvsbvrcgoqtu1xn&a=7ba2c02a8ad0959ba0b7a41c1b66d76e9&cb=2169651605782244858
Frame ID: 8D62A5C54C1620F28099B8BEBB191C3F
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/syncro?i=ruxdvsbvrcgoqtu1xn&a=0992291fa6ccee7a26b123ecedbd55f35&cb=1486071605782244859
Frame ID: 3251C5EBC5A35FFBE970E9847AF6FF25
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/async_usersync?i=ruxdvsbvrcgoqtu1xn&a=e0ef1d3f359871e93e9bf6fa97a0ad929&cb=5456621605782244860
Frame ID: 8523E435C4E25D383148877A5F60E370
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/stats?i=ruxdvsbvrcgoqtu1xn&a=29f5dcb88f9637d6cd892e54d5167afe3&cb=6661201605782244861
Frame ID: 2BC38F5E0CEEE754AAF915A366341E73
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/usync?i=ruxdvsbvrcgoqtu1xn&a=d543570f19c6b2de8f6a3a1c35f396c07&cb=2731291605782244862
Frame ID: 2D964E45336533058EA438151C7781E3
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/count?i=ruxdvsbvrcgoqtu1xn&a=2bdc637421b5ff5be9867dc01d403cde9&cb=1190071605782244864
Frame ID: E9F3E0538FF5ADC4C7DBC678A69AB753
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/count?i=ruxdvsbvrcgoqtu1xn&a=eaccb7336a1ceff07b2c4fed03a2e1661&cb=8002431605782244865
Frame ID: 100CD22F95C8BC973BEC7E9AF46B06DC
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/user?i=ruxdvsbvrcgoqtu1xn&a=e76bd0b0c79e033cbb79775d4ab543c89&cb=0900101605782244866
Frame ID: DCECF8EECE6C204B3720EFFCE54EC65B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2045836159571176&output=html&h=90&slotname=6592835142&adk=3043659451&adf=3614600137&pi=t.ma~as.6592835142&w=728&lmt=1605782244&psa=0&format=728x90&url=https%3A%2F%2Fomaranhense.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605782244763&bpp=12&bdt=549&idt=116&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8697468774093&frm=20&pv=2&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&ga_fc=0&iag=0&icsg=202042417824&dssz=44&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3385384423410218&pem=780&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=18727ukk5J&p=https%3A//omaranhense.com&dtd=134
Frame ID: 7F0EAB8E99DE726454CBD96241338192
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 26C6ABFA1D07359D811A08516EA49FBD
Requests: 11 HTTP requests in this frame

Frame: https://sandflos.com/count?i=c4im3yhdlmn8a2029ntt&a=54e2bbd1285efcfe6bbe63de4b596a785&cb=6203941605782244935
Frame ID: 874808EDA35D6C51EA01E3A6E5F78BDF
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/usync?i=c4im3yhdlmn8a2029ntt&a=caa1f0a13a630cc744f7de9eb03a37b61&cb=9743841605782244937
Frame ID: 6ABC7508AE6C2170488F1C06CD374D5D
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/syncro?i=c4im3yhdlmn8a2029ntt&a=b67556de1e38981131d24d40ce1174d95&cb=2473601605782244938
Frame ID: BE80E63711DDEA118CE1B4DE6577BCE1
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/syncro?i=c4im3yhdlmn8a2029ntt&a=b32c65a30776f7313f348926dec0e7f69&cb=3614671605782244939
Frame ID: 1D05C95DFBC5E61D876B3E16FBD0506C
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/usync?i=c4im3yhdlmn8a2029ntt&a=52fde360a6eefd8e1cab633f47ad0e663&cb=5947201605782244959
Frame ID: 94AD087D4EA66438593CDCF21688CA62
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/usync?i=c4im3yhdlmn8a2029ntt&a=27e9709e687d9aba2493e24904a0b1467&cb=0115541605782244961
Frame ID: 0C138C248055D280EF3DEF4A5A355A0A
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/user?i=c4im3yhdlmn8a2029ntt&a=1a363d662a0ae1a6cc5ffbab906765757&cb=9617501605782244963
Frame ID: 25550A28A1BF1D392AED81D5CDE087AB
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/usync?i=c4im3yhdlmn8a2029ntt&a=83ff63af209e45598cf2f111f6786b6f9&cb=3895901605782244964
Frame ID: 3DB25FC836E6E92CBC6485F1F774864A
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/stat?i=c4im3yhdlmn8a2029ntt&a=cc2b663770aeea348d11bbc244bb88af9&cb=7564881605782244965
Frame ID: 449C6B1206E93B642CA9866599618624
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/stat?i=c4im3yhdlmn8a2029ntt&a=bb73d238463f6f89e075cc1ff68a969b3&cb=5708801605782244966
Frame ID: D5D17CF83B3308E5A80F5D3BCAD2259A
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/sync?i=c4im3yhdlmn8a2029ntt&a=28e9f1ec48f2b394a11e30a6de73abcb1&cb=0644211605782244967
Frame ID: 9561778DDCB3FC0C3359AE97FFE2FDC2
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/counter?i=c4im3yhdlmn8a2029ntt&a=711cf67cdff420f56fda25c9b62d889c9&cb=7930351605782244969
Frame ID: 3163C5C162159B83D1EDB60D47BBBF55
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/async_usersync?i=c4im3yhdlmn8a2029ntt&a=3352997c9fb86f3175899458fbbac4667&cb=1101201605782244970
Frame ID: D99EAC132CEC925D9323B2BA2161E148
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/stats?i=c4im3yhdlmn8a2029ntt&a=ab77823e3ad2b6ebd34aa8d65c410ead5&cb=8387491605782244971
Frame ID: A1ADBC1F11BBC08AB2DB347400275CFD
Requests: 1 HTTP requests in this frame

Frame: https://sandflos.com/count?i=c4im3yhdlmn8a2029ntt&a=f31cc0503119c640194c908f3bfc892e1&cb=3793671605782244973
Frame ID: 3223AD19684C507E49678A3C7963A4C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2045836159571176&output=html&h=250&slotname=5394759653&adk=620085199&adf=1143458965&pi=t.ma~as.5394759653&w=300&lmt=1605782244&psa=0&format=300x250&url=https%3A%2F%2Fomaranhense.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605782244776&bpp=2&bdt=561&idt=208&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8697468774093&frm=20&pv=1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&ga_fc=0&iag=0&icsg=8998135440032&dssz=45&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=2967&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3385384423410218&pem=780&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FetKZEIubF&p=https%3A//omaranhense.com&dtd=213
Frame ID: 37BD01DE731865464E289E15C44EB845
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js
Frame ID: 600AED5AF4907246E22EBC080D4152D0
Requests: 18 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js
Frame ID: 9C43F095CAB2EC3BDBC2ED447BFCA71A
Requests: 18 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js
Frame ID: 4731C22802D18C8B86D89C682FACD50E
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2045836159571176&output=html&adk=1812271804&adf=3025194257&lmt=1605782245&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fomaranhense.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605782245498&bpp=61&bdt=1284&idt=61&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c33b36d26f3b1e6-221171e772a60077%3AT%3D1605782244%3ART%3D1605782244%3AS%3DALNI_Ma2hAdBeI2S3sxkerv-rl8sHc8rFg&prev_fmts=728x90%2C300x250&nras=1&correlator=8697468774093&frm=20&pv=1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&ga_fc=0&iag=0&icsg=143085233946623&dssz=86&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3385384423410218&pem=780&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=8&uci=a!8&fsb=1&dtd=107
Frame ID: 1577B9F409A62E059EF7E28FF7951350
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2045836159571176&output=html&h=250&slotname=5394759653&adk=2829751114&adf=3422312891&pi=t.ma~as.5394759653&w=300&lmt=1605782245&psa=0&format=300x250&url=https%3A%2F%2Fomaranhense.com%2F&flash=0&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605782245071&bpp=2&bdt=857&idt=2&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c33b36d26f3b1e6-221171e772a60077%3AT%3D1605782244%3ART%3D1605782244%3AS%3DALNI_Ma2hAdBeI2S3sxkerv-rl8sHc8rFg&prev_fmts=728x90%2C300x250%2C0x0&nras=1&correlator=8697468774093&frm=20&pv=1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&ga_fc=0&iag=0&icsg=572340935786492&dssz=86&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=1534&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3385384423410218&pem=780&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=cZTIwZ8ECZ&p=https%3A//omaranhense.com&dtd=721
Frame ID: 6E56012CE14E23CF89E8C8CFF3C31AD8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 0B0659E1E58795ECEE81E1252612B9EE
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: E44E9CADF1300DEBF33FC61D6E02B021
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: A8C6F988AD0244CA6E148E775CA942B1
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyFVjt421lwV-VK6JKC9uH07auP0a35gD-Zjd64UJ8v1BQcXtKh56gf3wjd67iXpUhS1gU7rbEtBXAfvadWq5Mgi4wpMwPqODDOAC5BSCBavpcX1GwJ6ap1zbApifb5EdK39KjZB-JRtVi1YNzkVdgvV4EECAxXq2TQ7gbi1cUGdvdDsCO27vvAZLqSmLOsV21gIUwtWXRJ6-qxhmPx1AnwWrH9MBkkb9IWTlUoekpBj_dHpPwtE-a3qrbSbkqfgMF-tYB6k2xt5V32-fPAlQ&sig=Cg0ArKJSzGcn72ykN2iiEAE&adurl=
Frame ID: FBA07AE23FCB8854B03E5644CB5590FD
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKTlIECGvjKmnRzQpegYdHFRU72PkqfjwPuSU-g_Ex8juW9ZXhYlKis6w5tl_p4K7dwfJv_LNVyamO5wKq2pODghNaFXdEoA0rD5kbpvAlEndvHp3-xjgPg3_DLMOlLfE1l_BV3IgDYRdqParrO-o_w8pQayHlngf2KgmBt2T-yleQ9My9hOmqzFm-Nh_payrRoEkd0DH4UN-uUBBewIkwvYumakvPI-9ZoRAA4opAui_kc3_mG-gagkkFfxd3WSzT0fSY71FJl1yvrJrkYgwaamTGwb6L&sig=Cg0ArKJSzHtLj6Mizet7EAE&urlfix=1&adurl=
Frame ID: B77A57ED8E04AC5CFC64E8CDCB3AD3B2
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 7B8866BDF3E38D4A26918DCD54FCAB8D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 88883C28CCA81FD2815E9525756C05CA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: C9375AF86F4568C951B67F6F8BDBB97D
Requests: 1 HTTP requests in this frame

Frame: https://e1eee0dc8370bd4cb01960719e955c9f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: D81AE50BCCEA176EDD5B85F569FFD6AA
Requests: 1 HTTP requests in this frame

Frame: https://s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/adponegeneral1.js
Frame ID: 60866B6C89F61690A7E6DC2DE92272D2
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 52723E287EE156AC80FEA9AD51EB83CC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 69C314EAF964269BC30271C2A04AD165
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=omaranhense.com
Frame ID: 4BECC01F48B2EB49C6A7582AFE667D4B
Requests: 1 HTTP requests in this frame

Frame: https://s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/adponegeneral040.js
Frame ID: 6BE8FBF56D2B7B36920FA729156E4943
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 9EB1D443B71C707A13E8C008764F41BF
Requests: 1 HTTP requests in this frame

Frame: https://s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/adidas_300x250.jpg
Frame ID: 11B93B46F87B1CB86AB2FB05623634F3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 5C2A883ED1FA141EED39F74CA66288BA
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIjvxoIQIDx6iMURRumn_1vJRGcAuGM2CukEgXM_kHuYYafd-azkchIV3KxnbU2-LFtFfoCbwhXdnItdbtSuj_OqTgInvjrLvbyI2qldroXvEy7LN15CCBV9NQuKYjtxiCgXfiSIgUxaiQcFQrbhHWx6RznFUITFOMQgwXJljlrIxtPINA3QE6faNj9nRO_Ql-HvuE_eRfzShUDC9rmUJ8uhicV75KkONF6QVlqevxLbIqaz1rhM20Z1EzY2AnSWNU_9L4DhNp4Nz96cTSffn54qM&sig=Cg0ArKJSzARdvI2HB-m_EAE&adurl=
Frame ID: 4E52FCE9F7C044D293596C6EAC295D0F
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8B7813D35033CDF72B6CC3D324E38576
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 18EBF4E9849425933AC8518AA54EF561
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 194477078832D226BF69C78D68A2E833
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: B258B309B091926B6BC7C2EDAC21FE7E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 3198F4B6A53D98751E2C5E41A4D9587A
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3610267492ABE827D78710301839DCD1
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 22998CB986192D56EBCE2F58A796CBBF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 63065209CC8479D684F3EE7CB84D0214
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B8414F6FDA59C9B66ADE5DBE2D931F6F
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Frame ID: 17CFE0B5C170690FBF83733B6927E685
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F7D8F921020DDFECF43C2FF315DDA868
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 67B656183BFF1BAED3DE7681FADB0934
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BA7F1FBB0136308130CE283A9DB4853F
Requests: 1 HTTP requests in this frame

Frame: https://ae923e40811f37c7c2bead4e9383af43.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 6002042A8D0C2B1E84D8BF260DA84D65
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 7D4FE848709EF4710592D6C51E61FB48
Requests: 15 HTTP requests in this frame

Frame: https://feed.buzzcdn.com/1/365_00947411/DE/desktop/3_0_0_x_2_5_0/sgehtdt4g3srthvjyufvrbyrb68i?campaign=1
Frame ID: 4AAE91F23686486B43E9F57F53874737
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2045836159571176&output=html&h=250&slotname=5394759653&adk=1390757383&adf=3772463256&pi=t.ma~as.5394759653&w=300&lmt=1605782260&psa=0&format=300x250&url=https%3A%2F%2Fomaranhense.com%2F&flash=0&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605782245076&bpp=1&bdt=861&idt=1&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C0x0%2C300x250&nras=1&correlator=8697468774093&frm=20&pv=1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&ga_fc=0&iag=0&icsg=572340935786492&dssz=86&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-2U_1__L6s8zDIICTVyb43qoAlJJKNATjpZtsgct3ApRneaSgjIJkhCxc2hxmtpQ%2CAGkb-H-U4YpZLw882zMdYOv19gWv_ZKgN1s1Dky-yoahRnXUoLG_cT7-zs7T7uckDEZE8Q%2CAGkb-H-ZFF4MYswfJsiHaYfW9g4qS0NCnwRuiXE704yeVNl7PprcbQwhKR26npFA41G4Pg&pvsid=3385384423410218&pem=780&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4rLNljX51C&p=https%3A//omaranhense.com&dtd=15434
Frame ID: B7314FFFE496589DDF748A08EC3E5378
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /tag\.navdmp\.com/i

Page Statistics

343
Requests

100 %
HTTPS

50 %
IPv6

34
Domains

57
Subdomains

41
IPs

12
Countries

3994 kB
Transfer

9683 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tvn.tv.br/
Title:

Search URL Search Domain Scan URL

URL: https://www.autopecasstore.pt/marcas-de-carros/opel-pecas
Title: AutopecasStore.PT

Search URL Search Domain Scan URL

URL: https://www.maranhaoesportes.com/
Title: Maranhão Esportes

Search URL Search Domain Scan URL

URL: https://themegrill.com/themes/colormag
Title: ThemeGrill

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://server.gblcdn.com/pool/r?c=a8a2a4d0-92d3-11ea-bae0-33090187a0e9&pubid=7895a300-9126-11ea-a2b3-876aecb6db10&wid=aae86bd0-9126-11ea-a2ff-7f7f47e0c227

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 129

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24645037.282703885;dc_trk_aid=476405798;dc_trk_cid=138017996;ord=1494378667;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=; HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24645037.282703885;dc_pre=COvq74K1ju0CFVztuwgdu7EKxQ;dc_trk_aid=476405798;dc_trk_cid=138017996;ord=1494378667;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;

Request Chain 155

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24842908.286398644;dc_trk_aid=480256884;dc_trk_cid=140464175;ord=3052152199;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=; HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24842908.286398644;dc_pre=CPjwk4O1ju0CFdCVdwodZNQLYw;dc_trk_aid=480256884;dc_trk_cid=140464175;ord=3052152199;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;

Request Chain 165

https://sb.scorecardresearch.com/b?c1=2&c2=28130334&ns__t=1605782246862&ns_c=UTF-8&ns_if=1&cv=3.5&c8=NoBeta%20%7C%20M%C3%ADdia%20Digital&c7=https%3A%2F%2Fomaranhense.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=28130334&ns__t=1605782246862&ns_c=UTF-8&ns_if=1&cv=3.5&c8=NoBeta%20%7C%20M%C3%ADdia%20Digital&c7=https%3A%2F%2Fomaranhense.com%2F&c9=&cs_ak_ss=1

Request Chain 166

https://sb.scorecardresearch.com/b?c1=2&c2=28130334&ns__t=1605782246864&ns_c=UTF-8&ns_if=1&cv=3.5&c8=ALERT%20TEMPLATE%20%7C%20NOBETA&c7=https%3A%2F%2Fomaranhense.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=28130334&ns__t=1605782246864&ns_c=UTF-8&ns_if=1&cv=3.5&c8=ALERT%20TEMPLATE%20%7C%20NOBETA&c7=https%3A%2F%2Fomaranhense.com%2F&c9=&cs_ak_ss=1

Request Chain 192

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 193

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 205

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=55333923245 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=55333923245&google_gid=CAESEOTLBvMRfSVZjRSUm4LBO24&google_cver=1

Request Chain 239

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=b0b85fb6-4ae7-4400-bbae-7525ace50ffd

343 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
omaranhense.com/ 88 KB
16 KB 1657ms
701ms Document
text/html 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 79dfca067f5c1fe24b2866f0ab0f0848a63269cdb59ef8a8a0c708070b5347d4

Request headers

:method: GET
:authority: omaranhense.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:23 GMT
server: Apache
link: <https://omaranhense.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,User-Agent
x-mod-pagespeed: Powered By KingHost and mod_pagespeed
cache-control: max-age=0, no-cache
content-encoding: gzip
content-length: 15827
content-type: text/html; charset=UTF-8

GET
H2 200 style.min.css
omaranhense.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 221ms
215ms Stylesheet
text/css 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://omaranhense.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
last-modified: Wed, 02 Sep 2020 02:26:25 GMT
server: Apache
etag: "d293-5ae4b5cb9f027-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=1800
accept-ranges: bytes
content-length: 7907
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 theme.min.css
omaranhense.com/wp-includes/css/dist/block-library/ 2 KB
807 B 216ms
212ms Stylesheet
text/css 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://omaranhense.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.5.3
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 09:25:51 GMT
server: Apache
etag: "8aa-5acaac61cff61-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=1800
accept-ranges: bytes
content-length: 729
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 style.css
omaranhense.com/wp-content/themes/colormag/ 78 KB
13 KB 221ms
217ms Stylesheet
text/css 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://omaranhense.com/wp-content/themes/colormag/style.css?ver=2.0.3
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 8d8b7d9526adafbe2a3b3742896253a8aea6d7f85c016d5fc2257ea1c6eb01f0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 13:16:25 GMT
server: Apache
etag: "13954-5b22e27945ced-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=1800
accept-ranges: bytes
content-length: 13171
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 font-awesome.min.css
omaranhense.com/wp-content/themes/colormag/fontawesome/css/ 30 KB
7 KB 217ms
213ms Stylesheet
text/css 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://omaranhense.com/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.0.3
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 13:16:25 GMT
server: Apache
etag: "791c-5b22e279051c5-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=1800
accept-ranges: bytes
content-length: 7057
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=2.0.3

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0548a34e1f94e73ba30c13a14a5c4351d28230779b06f1b6f6ea3e0e148ed7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 09:00:12 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Thu, 19 Nov 2020 10:37:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:24 GMT

GET
H2 200 style.css
omaranhense.com/wp-content/plugins/meks-easy-ads-widget/css/ 592 B
396 B 213ms
210ms Stylesheet
text/css 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://omaranhense.com/wp-content/plugins/meks-easy-ads-widget/css/style.css?ver=2.0.4
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 558306120cd54b9bb7193b5a7b4209b9e29c0a639d298da2b0e906fbdc05e946

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
last-modified: Fri, 17 Jul 2020 21:08:03 GMT
server: Apache
etag: "250-5aaa98d805594-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=1800
accept-ranges: bytes
content-length: 249
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 jquery.js Show response
omaranhense.com/wp-includes/js/jquery/ 95 KB
33 KB 406ms
404ms Script
application/javascript 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://omaranhense.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
last-modified: Thu, 05 Sep 2019 19:58:26 GMT
server: Apache
etag: "17a69-591d3bea27c80-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 33776
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 55ms
34ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-73889565-1

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06e27bce964eedb04e27d122e180bb3d6dbc09fc3a57a590c278e97677996723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38817
x-xss-protection: 0
last-modified: Thu, 19 Nov 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Nov 2020 10:37:24 GMT

GET
H2 200 nobetaads&id=omaranhense.inter Show response
api.nobeta.com.br/ 81 KB
15 KB 423ms
155ms Script
application/javascript 35.244.156.216
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nobeta.com.br/nobetaads&id=omaranhense.inter
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.156.216 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.156.244.35.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: c6122a59f3f3e287109cd607ac31495520f1e00addb9ad8b7742f5308d2e0c67

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 13:45:33 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=604800
alt-svc: clear
content-length: 15470

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 55 KB
18 KB 112ms
59ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

c98a883fb402e6f164c622903ad4ebd6722044747d753e35137542efa375c9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "698 / 909 of 1000 / last-modified: 1605740934"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18258
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:24 GMT

GET
H2 200 cropped-cropped-omaranhense-3-1-1.png
omaranhense.com/wp-content/uploads/2019/11/ 9 KB
9 KB 211ms
209ms Image
image/png 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2019/11/cropped-cropped-omaranhense-3-1-1.png
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 7a28ac7c9b8732a7cab4ba1b2de94a0bba02413760bdfe93456aa59940718393

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Thu, 18 Jun 2020 10:15:08 GMT
server: Apache
etag: "24ea-5a8590d10b477"
vary: User-Agent
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 9450
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 130 KB
45 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86b34decfab5ee3b8db9b14455db492beaf07692e705eb17ae164185c22dcbad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45471
x-xss-protection: 0
server: cafe
etag: 1457983499044672765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Nov 2020 10:37:24 GMT

GET
H2 200 FULL-BANNER-728x90pixels.png
omaranhense.com/wp-content/uploads/2020/10/ 61 KB
61 KB 211ms
210ms Image
image/png 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/10/FULL-BANNER-728x90pixels.png
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: ffeec369712524be873682adfb4b62f7147f1a1756a7ad82c0ef2efcdfba0e60

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Sat, 31 Oct 2020 23:47:59 GMT
server: Apache
etag: "f257-5b30024a6d55b"
vary: User-Agent
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 62039
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 wp-emoji-release.min.js Show response
omaranhense.com/wp-includes/js/ 14 KB
5 KB 224ms
223ms Script
application/javascript 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://omaranhense.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 09:25:52 GMT
server: Apache
etag: "37a6-5acaac6291909-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 4671
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 18b76f7dc6b22e4ff985b2e5034dd5c7.js Show response
api.grumft.com/gt/ZONA_IAB_300x250_1/ 9 KB
2 KB 343ms
108ms Script
application/javascript 192.95.31.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api.grumft.com/gt/ZONA_IAB_300x250_1/18b76f7dc6b22e4ff985b2e5034dd5c7.js
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.31.56 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns510949.ip-192-95-31.net
Software: nginx /
Resource Hash: 8c3b09ea8686ebd52952dbafdf0e59735b3be8c15ffe2161752529d464ccc268

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
last-modified: Thu, 29 Oct 2020 17:21:54 GMT
server: nginx
etag: W/"5f9afa32-2319"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Fri, 19 Nov 2021 10:37:24 GMT

GET
H2 200 18b76f7dc6b22e4ff985b2e5034dd5c7.js Show response
api.grumft.com/gt/ZONA_IAB_300x250_2/ 9 KB
2 KB 326ms
108ms Script
application/javascript 192.95.31.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api.grumft.com/gt/ZONA_IAB_300x250_2/18b76f7dc6b22e4ff985b2e5034dd5c7.js
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.31.56 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns510949.ip-192-95-31.net
Software: nginx /
Resource Hash: 35f3adce819c8f95305902ef0e55913f1f18ff1b49557c58c5b67c5fa3d96e5d

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
last-modified: Thu, 29 Oct 2020 17:21:54 GMT
server: nginx
etag: W/"5f9afa32-2319"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Fri, 19 Nov 2021 10:37:24 GMT

GET
H2 200 jquery.bxslider.min.js Show response
omaranhense.com/wp-content/themes/colormag/js/ 23 KB
6 KB 226ms
223ms Script
application/javascript 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://omaranhense.com/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.0.3
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 0157d11106d6b70289099fd1ce1f7bea3a9dfbb46cee3994edb07ce765bb92fc

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 13:16:25 GMT
server: Apache
etag: "5d92-5b22e279412b5-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 6152
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 jquery.newsTicker.min.js Show response
omaranhense.com/wp-content/themes/colormag/js/news-ticker/ 3 KB
1 KB 225ms
222ms Script
application/javascript 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://omaranhense.com/wp-content/themes/colormag/js/news-ticker/jquery.newsTicker.min.js?ver=2.0.3
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 830afbea215ec452ea905a7e4705cf3ea2bad82c2278f755791d85be2d5e2eb1

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 13:16:25 GMT
server: Apache
etag: "d6d-5b22e2793ff2d-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1077
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 navigation.min.js Show response
omaranhense.com/wp-content/themes/colormag/js/ 2 KB
711 B 213ms
210ms Script
application/javascript 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://omaranhense.com/wp-content/themes/colormag/js/navigation.min.js?ver=2.0.3
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 5b84335d42b38d3122349f53b20dd6a5cb0f45d1e45e5683fd572bcdda8c04a2

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 13:16:25 GMT
server: Apache
etag: "61f-5b22e279412b5-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 655
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 jquery.fitvids.min.js Show response
omaranhense.com/wp-content/themes/colormag/js/fitvids/ 2 KB
830 B 224ms
221ms Script
application/javascript 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://omaranhense.com/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.0.3
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 8994924c0f3ab4474ee0a7c04417ad84933c4467cc9192fcb60b9774f15f5990

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 13:16:25 GMT
server: Apache
etag: "6da-5b22e2793eba5-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 774
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 skip-link-focus-fix.min.js Show response
omaranhense.com/wp-content/themes/colormag/js/ 325 B
297 B 224ms
221ms Script
application/javascript 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://omaranhense.com/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.0.3
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 13:16:25 GMT
server: Apache
etag: "145-5b22e2794169d-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 242
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 colormag-custom.min.js Show response
omaranhense.com/wp-content/themes/colormag/js/ 3 KB
1 KB 224ms
222ms Script
application/javascript 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://omaranhense.com/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.0.3
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: b9688a4c98767ad95142d380bec770f7705c30c1c88a871240e9c40427d9d177

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 13:16:25 GMT
server: Apache
etag: "b05-5b22e27940ae5-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1088
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 wp-embed.min.js Show response
omaranhense.com/wp-includes/js/ 1 KB
847 B 225ms
222ms Script
application/javascript 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://omaranhense.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
last-modified: Tue, 31 Mar 2020 21:11:25 GMT
server: Apache
etag: "59a-5a22d02a2b940-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 769
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 26ms
7ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=2.0.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://omaranhense.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=2.0.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 11:20:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 343008
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Mon, 15 Nov 2021 11:20:36 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 26ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=2.0.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://omaranhense.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=2.0.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 11:20:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 170206
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Wed, 17 Nov 2021 11:20:38 GMT

GET
H2 200 t.js Show response
sandflos.com/ 18 KB
18 KB 137ms
70ms Script
application/javascript 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash: 78d4605b0d3a28d67150c9f23e510281d227061e7346d07846c72a822140f69a

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: o3g-Cm_dxrC9DEMaPK9ZkxUTfSX1pHtlaoahZWRJ5XibhVe8lN71uA==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H2 200 t.js Show response
sandflos.com/ 18 KB
18 KB 132ms
84ms Script
application/javascript 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash: 6f0c437826bfe0fa4014a50ab6551f78c3d15d2e8e0348161a573cf527707920

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: mukgRuaxiXHw5RrTvwXVd-qC9obtCnmqTO-NtFsi1DY_bxzb56dXqg==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H2 200 fontawesome-webfont.woff2
omaranhense.com/wp-content/themes/colormag/fontawesome/fonts/ 75 KB
76 KB 210ms
209ms Font
application/octet-stream 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://omaranhense.com/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.0.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://omaranhense.com
Referer: https://omaranhense.com/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.0.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
server: Apache
etag: "12d68-5b22e27906d1d"
vary: User-Agent
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 77160
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 bbbcbc85-fd3f-48dd-ba00-5a5f171d0a98-800x445.jpeg
omaranhense.com/wp-content/uploads/2020/11/ 58 KB
59 KB 335ms
330ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/bbbcbc85-fd3f-48dd-ba00-5a5f171d0a98-800x445.jpeg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 257bb2b733ae94efcb800660280b8b5ac3a98293175d973d71b75d5f35acd7be

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Thu, 19 Nov 2020 10:31:55 GMT
server: Apache
etag: "e918-5b4733ca8f0df"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 59672
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 unnamed-2020-11-18T174406.273-800x445.jpg
omaranhense.com/wp-content/uploads/2020/11/ 61 KB
62 KB 338ms
333ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/unnamed-2020-11-18T174406.273-800x445.jpg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: a2ad2669d499ad74cb6cba2677faa6267832a5f21b47660f7543c1daf2386d61

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Wed, 18 Nov 2020 22:07:39 GMT
server: Apache
etag: "f5ea-5b468d6f3a8b6"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 62954
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 Detran-1-1-800x445.jpg
omaranhense.com/wp-content/uploads/2020/11/ 60 KB
60 KB 336ms
331ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/Detran-1-1-800x445.jpg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 324fffb5ff903d92572dfe7ceac90b24c36aa26e7c15c9fc6f36fdc13a071550

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Wed, 18 Nov 2020 18:46:39 GMT
server: Apache
etag: "efbf-5b4660823eaec"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 61375
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 FOTO-2_Suzano_imperatriz-800x445.jpg
omaranhense.com/wp-content/uploads/2020/11/ 92 KB
92 KB 335ms
330ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/FOTO-2_Suzano_imperatriz-800x445.jpg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 19256ce6a7cc028af4e55b27751fb06bbd1629163404bbf576a13fa8342b203f

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Tue, 17 Nov 2020 19:51:21 GMT
server: Apache
etag: "16e78-5b452d1b1450e"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 93816
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 Secma-1-800x445.jpeg
omaranhense.com/wp-content/uploads/2020/11/ 93 KB
94 KB 343ms
339ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/Secma-1-800x445.jpeg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 49ae691f9a910bf1a4ac55e67ec1d47a359fc1926f5bc2086577f328598c6c0b

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Tue, 17 Nov 2020 19:39:12 GMT
server: Apache
etag: "174a1-5b452a631cd5e"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 95393
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 Foto-392x272.jpg
omaranhense.com/wp-content/uploads/2020/11/ 24 KB
24 KB 338ms
334ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/Foto-392x272.jpg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 27ccbcc1e3ff73d89d8ce22583640dff6e8ca91cf45d860c158d08df220029b4

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Thu, 19 Nov 2020 08:24:28 GMT
server: Apache
etag: "5f55-5b47174d5fe8c"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 24405
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 WhatsApp_Image_2020-11-17_at_15.56.36-392x272.jpeg
omaranhense.com/wp-content/uploads/2020/11/ 20 KB
21 KB 334ms
329ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/WhatsApp_Image_2020-11-17_at_15.56.36-392x272.jpeg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: e82cc27d3ecef35d2b35af24efc81dfe281f5c0db966903af59495f42460a07e

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Wed, 18 Nov 2020 11:15:02 GMT
server: Apache
etag: "51f9-5b45fb9024ad9"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 20985
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 WhatsApp-Image-2020-11-17-at-15.49.05-2-392x272.jpeg
omaranhense.com/wp-content/uploads/2020/11/ 23 KB
23 KB 334ms
330ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/WhatsApp-Image-2020-11-17-at-15.49.05-2-392x272.jpeg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: d0af456dcaac42be1ae8d48dbd1d4587e3decf85b9b1b14c08a5054e43a77c6a

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Tue, 17 Nov 2020 19:46:54 GMT
server: Apache
etag: "5c66-5b452c1c5307e"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 23654
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 82d7a5037b33b4cf640a371f4be85bd5-392x272.jpeg
omaranhense.com/wp-content/uploads/2020/11/ 10 KB
10 KB 338ms
334ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/82d7a5037b33b4cf640a371f4be85bd5-392x272.jpeg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 8ed1ac2159be7c2aa7384a494bef89572790b84c866d8ab47e24fd70da498f6d

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Tue, 17 Nov 2020 14:11:42 GMT
server: Apache
etag: "2648-5b44e13005adb"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 9800
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 Foto-1-Yglesio-declara-apoio-a-Braide-390x205.jpg
omaranhense.com/wp-content/uploads/2020/11/ 37 KB
37 KB 335ms
331ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/Foto-1-Yglesio-declara-apoio-a-Braide-390x205.jpg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: c0974c808e5d633cc12d9df686eb404acfed6283207cbeb21bd89a28877ce19d

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Wed, 18 Nov 2020 17:49:16 GMT
server: Apache
etag: "9359-5b4653aee12dc"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 37721
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 Foto-1-Vereadores-e-candidatos-de-varios-partidos-confirmam-apoio-a-Braide-130x90.jpg
omaranhense.com/wp-content/uploads/2020/11/ 5 KB
5 KB 336ms
332ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/Foto-1-Vereadores-e-candidatos-de-varios-partidos-confirmam-apoio-a-Braide-130x90.jpg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: b3ebecd5d8e968b9a3b337b9323d7a86ece0675d7e794bec2ff65ca4b9a0885a

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Wed, 18 Nov 2020 17:15:17 GMT
server: Apache
etag: "1384-5b464c1647cbc"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 4996
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 Senadora-Eliziane-Gama-e-o-candidato-a-prefeito-Duarte-130x90.jpg
omaranhense.com/wp-content/uploads/2020/11/ 3 KB
3 KB 335ms
331ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/Senadora-Eliziane-Gama-e-o-candidato-a-prefeito-Duarte-130x90.jpg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 340188f3c05dea80cd4f2735f635c4f989085917b5e4e2ba933fe1defbb1a392

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Tue, 17 Nov 2020 19:10:18 GMT
server: Apache
etag: "acc-5b4523edb9291"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 2764
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 Foto-1-Braide-recebe-apoio-de-deputados-estaduais-130x90.jpg
omaranhense.com/wp-content/uploads/2020/11/ 29 KB
29 KB 411ms
408ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/Foto-1-Braide-recebe-apoio-de-deputados-estaduais-130x90.jpg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 2e417791592213c3890a6df05cbd30c59275fcb2387f97ed61243a757f7ea4a9

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Tue, 17 Nov 2020 17:30:49 GMT
server: Apache
etag: "7331-5b450db0e1fdb"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 29489
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 Secap-Bomb-2-390x205.jpeg
omaranhense.com/wp-content/uploads/2020/11/ 21 KB
21 KB 335ms
331ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/Secap-Bomb-2-390x205.jpeg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 708c923e63fd1811649b33480f4dda7d79cb3b9e603e2ef974c7bb4711891208

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Fri, 13 Nov 2020 17:43:39 GMT
server: Apache
etag: "52bb-5b40091a246fb"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21179
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 unnamed-2020-11-13T105516.042-130x90.jpg
omaranhense.com/wp-content/uploads/2020/11/ 4 KB
4 KB 335ms
331ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/unnamed-2020-11-13T105516.042-130x90.jpg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 118e84b97888a53422dc91afd08dcf38a6dbee38e72078ae42bea14fff6907ac

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Fri, 13 Nov 2020 17:40:06 GMT
server: Apache
etag: "f9b-5b40084efc9fb"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 3995
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 26616_escola_digna_matoes_do_norte_14_6892985764296089918-130x90.jpeg
omaranhense.com/wp-content/uploads/2020/11/ 3 KB
3 KB 336ms
332ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/26616_escola_digna_matoes_do_norte_14_6892985764296089918-130x90.jpeg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 499f5098c72bd9cc54cd27e20405899e88a6003f054cb2148d8d0245ffeefede

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Thu, 12 Nov 2020 22:05:06 GMT
server: Apache
etag: "a2c-5b3f01ac85ccd"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 2604
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 Seduc-ap-1-130x90.jpeg
omaranhense.com/wp-content/uploads/2020/11/ 4 KB
4 KB 335ms
332ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/Seduc-ap-1-130x90.jpeg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 99ad627f3ccd08cb9f2753893bbc197034b2131ec039e931864320ea4cc1ec8a

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Thu, 12 Nov 2020 17:23:47 GMT
server: Apache
etag: "f49-5b3ec2cbb41fe"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 3913
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 26668_ses_26668_img_5761485250869224946_4151188500717972425-390x205.jpg
omaranhense.com/wp-content/uploads/2020/11/ 21 KB
21 KB 336ms
333ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/11/26668_ses_26668_img_5761485250869224946_4151188500717972425-390x205.jpg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: a731d54a01f50973cc4d76c62c8c2ccb645ff90c8baf7aa8e8ae515c6460399e

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Tue, 17 Nov 2020 13:27:07 GMT
server: Apache
etag: "525c-5b44d73885e8b"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21084
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 Mapa-1-130x90.jpeg
omaranhense.com/wp-content/uploads/2020/10/ 5 KB
5 KB 336ms
333ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/10/Mapa-1-130x90.jpeg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: c0e32e72414b99b9ac262187c3f96e3520b549720eb0aff7ceb5303d87f36c4a

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Wed, 28 Oct 2020 18:46:22 GMT
server: Apache
etag: "12ac-5b2bf947683dc"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 4780
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 Recomendac%CC%A7o%CC%83es_Ma%CC%81scara-130x90.jpg
omaranhense.com/wp-content/uploads/2020/09/ 5 KB
5 KB 341ms
338ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/09/Recomendac%CC%A7o%CC%83es_Ma%CC%81scara-130x90.jpg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 4b2b86009f9e7cb19ca59279daf7db511e38bef7866d3807e476151e25daacc9

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Tue, 29 Sep 2020 17:24:40 GMT
server: Apache
etag: "1238-5b0770edcfb94"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 4664
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 SES-drive-1-130x90.jpeg
omaranhense.com/wp-content/uploads/2020/09/ 3 KB
4 KB 336ms
333ms Image
image/jpeg 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/wp-content/uploads/2020/09/SES-drive-1-130x90.jpeg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: 49acb615d61e40a2c6fcda6ab7013f5166a18c02877a6f9d01d7e6d8e0c38720

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
last-modified: Fri, 18 Sep 2020 18:40:40 GMT
server: Apache
etag: "df9-5af9ad66a94b1"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
content-length: 3577
expires: Sat, 19 Dec 2020 10:37:24 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ 231 KB
87 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88601
x-xss-protection: 0
server: cafe
etag: 4353532171737760018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Nov 2020 10:37:24 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/ Frame E494 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201112/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 19 Nov 2020 01:33:36 GMT
expires: Thu, 03 Dec 2020 01:33:36 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 32628
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-73889565-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2880
date: Thu, 19 Nov 2020 09:49:24 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 19 Nov 2020 11:49:24 GMT

GET
H3-Q050 200 pubads_impl_2020111601.js Show response
securepubads.g.doubleclick.net/gpt/ 277 KB
98 KB 97ms
69ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

c442ff155dca60045b1a65d836acc2e876fd92ed4ad2e1b61272940530839837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 09:37:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99683
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:24 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
387 B 46ms
14ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1252375684&t=pageview&_s=1&dl=https%3A%2F%2Fomaranhense.com%2F&ul=en-us&de=UTF-8&dt=O%20Maranhense%20%E2%80%93%20Not%C3%ADcias%20de%20S%C3%A3o%20Lu%C3%ADs%20%7C%20Not%C3%ADcias%20do%20Maranh%C3%A3o%7C%20Pol%C3%ADtica%20%7CEsporte%20%7CPlant%C3%A3o%20Policial%7C%20Loterias%7C%20Apostas%20%7CCovid-19%7C%20Boletim%20Epidemiol%C3%B3gico.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=733884078&gjid=976083382&cid=37356990.1605782245&tid=UA-73889565-1&_gid=939594363.1605782245&_r=1&gtm=2oub41&tc=x&z=241216575

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://omaranhense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6C45 55 KB
18 KB 56ms
56ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sandflos.com
URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

5e82a59adf76cb16514416b98f9a094bfe7aaad130c9bfb06a4a82c4db45798c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "698 / 519 of 1000 / last-modified: 1605741003"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18247
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:24 GMT

GET
H2 200 stats
sandflos.com/ Frame 50F1 0
0 57ms
56ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/stats?i=ruxdvsbvrcgoqtu1xn&a=e39390f63a1e51ba0a7bcfa3d1cbc55e1&cb=8280081605782244848
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /stats?i=ruxdvsbvrcgoqtu1xn&a=e39390f63a1e51ba0a7bcfa3d1cbc55e1&cb=8280081605782244848
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: meFUdv6IIQunp0IrLt37CS2mdslkBlOPavuw8WWDXSBGTopXzzkFZQ==

GET
H2 200 syncro
sandflos.com/ Frame 0699 0
0 57ms
57ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/syncro?i=ruxdvsbvrcgoqtu1xn&a=00f69c80ddd0e196733907a6f1ff40fd1&cb=7315561605782244850
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /syncro?i=ruxdvsbvrcgoqtu1xn&a=00f69c80ddd0e196733907a6f1ff40fd1&cb=7315561605782244850
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 1drRuTnnwSp8BusvakViQ2--jYou8FnhP6pcw7sSRz3T1ME5K28bYQ==

GET
H2 200 sync
sandflos.com/ Frame C393 0
0 59ms
59ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/sync?i=ruxdvsbvrcgoqtu1xn&a=a0a4b9824988218a8a26c80f136d90b01&cb=9493611605782244851
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /sync?i=ruxdvsbvrcgoqtu1xn&a=a0a4b9824988218a8a26c80f136d90b01&cb=9493611605782244851
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: h9Rf54ez6w3vlD-cg2EDDspdSHHWOtk2wpovyDjs2HkCbuusdGP1_g==

GET
H2 200 user
sandflos.com/ Frame 204B 0
0 83ms
83ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/user?i=ruxdvsbvrcgoqtu1xn&a=9ce8b39977d63632ced6e3947fca53281&cb=5803761605782244852
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /user?i=ruxdvsbvrcgoqtu1xn&a=9ce8b39977d63632ced6e3947fca53281&cb=5803761605782244852
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: f_aTUingsOjlm6kN0nUzw7Qso2YZPxkHuPf95rujO7TqAzSUbKgpUw==

GET
H2 200 counter
sandflos.com/ Frame 3976 0
0 79ms
79ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/counter?i=ruxdvsbvrcgoqtu1xn&a=918514c4e2ffc2458fdd4891fcaafad67&cb=8754621605782244854
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /counter?i=ruxdvsbvrcgoqtu1xn&a=918514c4e2ffc2458fdd4891fcaafad67&cb=8754621605782244854
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: tu9kvykXPqnSLSD04unPHukW8u4gbOUnDOHLcKa1rXdCxF9VaRv6uw==

GET
H2 200 usersync
sandflos.com/ Frame 4B99 0
0 99ms
98ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/usersync?i=ruxdvsbvrcgoqtu1xn&a=33e1f8482e889c99e252f0fec7f079db7&cb=3778261605782244855
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /usersync?i=ruxdvsbvrcgoqtu1xn&a=33e1f8482e889c99e252f0fec7f079db7&cb=3778261605782244855
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: jpruk7GKKGiLDipsJO5Lv5BxY4SQ0nNReL8RHCctHId3-3ZBen4bTw==

GET
H2 200 stat
sandflos.com/ Frame 5F33 0
0 96ms
96ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/stat?i=ruxdvsbvrcgoqtu1xn&a=85594ff5eff4dfb33a431ad9f79f716e3&cb=0300931605782244856
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /stat?i=ruxdvsbvrcgoqtu1xn&a=85594ff5eff4dfb33a431ad9f79f716e3&cb=0300931605782244856
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 8-c0lmJ9csAU4POMlww0uLSQfY6ypZzaVvpxFmzxOhIdZqlCgk44SQ==

GET
H2 200 syncro
sandflos.com/ Frame 8D62 0
0 96ms
96ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/syncro?i=ruxdvsbvrcgoqtu1xn&a=7ba2c02a8ad0959ba0b7a41c1b66d76e9&cb=2169651605782244858
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /syncro?i=ruxdvsbvrcgoqtu1xn&a=7ba2c02a8ad0959ba0b7a41c1b66d76e9&cb=2169651605782244858
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: sYoHNvtDs9id-mc-a_ctXBisVXNnXfwucsv1DcKXi9TVX_b0yV9qvg==

GET
H2 200 syncro
sandflos.com/ Frame 3251 0
0 97ms
97ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/syncro?i=ruxdvsbvrcgoqtu1xn&a=0992291fa6ccee7a26b123ecedbd55f35&cb=1486071605782244859
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /syncro?i=ruxdvsbvrcgoqtu1xn&a=0992291fa6ccee7a26b123ecedbd55f35&cb=1486071605782244859
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: ur90DAG3t2sQwOkkIAOuLrsSaT6K1o63tBUfjn21xYMPXBzm-f8HzQ==

GET
H2 200 async_usersync
sandflos.com/ Frame 8523 0
0 96ms
96ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/async_usersync?i=ruxdvsbvrcgoqtu1xn&a=e0ef1d3f359871e93e9bf6fa97a0ad929&cb=5456621605782244860
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /async_usersync?i=ruxdvsbvrcgoqtu1xn&a=e0ef1d3f359871e93e9bf6fa97a0ad929&cb=5456621605782244860
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: INvgfD0ySKOeRnQCWpAvFd4odVASYGa0Y4bU_Cx5VLjfxHxJ_ewTkg==

GET
H2 200 stats
sandflos.com/ Frame 2BC3 0
0 91ms
91ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/stats?i=ruxdvsbvrcgoqtu1xn&a=29f5dcb88f9637d6cd892e54d5167afe3&cb=6661201605782244861
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /stats?i=ruxdvsbvrcgoqtu1xn&a=29f5dcb88f9637d6cd892e54d5167afe3&cb=6661201605782244861
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: Gst_DIgKJBa5A8dcApnoBA_FmrlOdFqjuz3bPM_4OMF37gUbEBq1fQ==

GET
H2 200 usync
sandflos.com/ Frame 2D96 0
0 102ms
102ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/usync?i=ruxdvsbvrcgoqtu1xn&a=d543570f19c6b2de8f6a3a1c35f396c07&cb=2731291605782244862
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /usync?i=ruxdvsbvrcgoqtu1xn&a=d543570f19c6b2de8f6a3a1c35f396c07&cb=2731291605782244862
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: OSL9bShTKSkdmqYdipozT1eaiYLgCRF3UnE_ZWXafNcLqxBo5TOKBw==

GET
H2 200 count
sandflos.com/ Frame E9F3 0
0 93ms
93ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/count?i=ruxdvsbvrcgoqtu1xn&a=2bdc637421b5ff5be9867dc01d403cde9&cb=1190071605782244864
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /count?i=ruxdvsbvrcgoqtu1xn&a=2bdc637421b5ff5be9867dc01d403cde9&cb=1190071605782244864
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: QHn7IhSAON706zQPVwRS-18y9W3DqJayAdHp1ZQDpzrMttr8fNSnrw==

GET
H2 200 count
sandflos.com/ Frame 100C 0
0 91ms
90ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/count?i=ruxdvsbvrcgoqtu1xn&a=eaccb7336a1ceff07b2c4fed03a2e1661&cb=8002431605782244865
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /count?i=ruxdvsbvrcgoqtu1xn&a=eaccb7336a1ceff07b2c4fed03a2e1661&cb=8002431605782244865
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: iZSnsw_lCFX8IAK_EPbh0LnCw2UFh5VFY0dqcj4GJoEjyU51wVr4nw==

GET
H2 200 user
sandflos.com/ Frame DCEC 0
0 99ms
98ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/user?i=ruxdvsbvrcgoqtu1xn&a=e76bd0b0c79e033cbb79775d4ab543c89&cb=0900101605782244866
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /user?i=ruxdvsbvrcgoqtu1xn&a=e76bd0b0c79e033cbb79775d4ab543c89&cb=0900101605782244866
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: qpXOjIyFji15w9bEwPB0oYsjsQqXzLGuvMYErHTDJk4ZDZ4mCaQw3g==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
437 B 31ms
30ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=omaranhense.com&callback=_gfp_s_&client=ca-pub-2045836159571176

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

2fbd4ee154c55ec9bbc7577c4a8706e6c1fff9feb7101b0ccf2855372eb5148e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 36ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=omaranhense.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 37ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=omaranhense.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7F0E 0
0 260ms
259ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2045836159571176&output=html&h=90&slotname=6592835142&adk=3043659451&adf=3614600137&pi=t.ma~as.6592835142&w=728&lmt=1605782244&psa=0&format=728x90&url=https%3A%2F%2Fomaranhense.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605782244763&bpp=12&bdt=549&idt=116&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8697468774093&frm=20&pv=2&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&ga_fc=0&iag=0&icsg=202042417824&dssz=44&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3385384423410218&pem=780&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=18727ukk5J&p=https%3A//omaranhense.com&dtd=134

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2045836159571176&output=html&h=90&slotname=6592835142&adk=3043659451&adf=3614600137&pi=t.ma~as.6592835142&w=728&lmt=1605782244&psa=0&format=728x90&url=https%3A%2F%2Fomaranhense.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605782244763&bpp=12&bdt=549&idt=116&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8697468774093&frm=20&pv=2&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&ga_fc=0&iag=0&icsg=202042417824&dssz=44&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=639&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3385384423410218&pem=780&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=18727ukk5J&p=https%3A//omaranhense.com&dtd=134
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 19 Nov 2020 10:37:25 GMT
server: cafe
content-length: 7365
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 19-Nov-2020 10:52:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Nov 2020 10:37:25 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 58ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:24 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 26C6 55 KB
18 KB 57ms
56ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sandflos.com
URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

5e82a59adf76cb16514416b98f9a094bfe7aaad130c9bfb06a4a82c4db45798c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "698 / 569 of 1000 / last-modified: 1605741003"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18247
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:24 GMT

GET
H2 200 count
sandflos.com/ Frame 8748 0
0 122ms
121ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/count?i=c4im3yhdlmn8a2029ntt&a=54e2bbd1285efcfe6bbe63de4b596a785&cb=6203941605782244935
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /count?i=c4im3yhdlmn8a2029ntt&a=54e2bbd1285efcfe6bbe63de4b596a785&cb=6203941605782244935
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: EHNK1VB1WcprGNn0AX-udXL7ga2x4Wp244OjQNLrQA1F6nosR_sdaw==

GET
H2 200 usync
sandflos.com/ Frame 6ABC 0
0 121ms
121ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/usync?i=c4im3yhdlmn8a2029ntt&a=caa1f0a13a630cc744f7de9eb03a37b61&cb=9743841605782244937
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /usync?i=c4im3yhdlmn8a2029ntt&a=caa1f0a13a630cc744f7de9eb03a37b61&cb=9743841605782244937
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: Qf5F_zLUOGmjRw-e-_BBhKbgWjnG4lVTwfp9a3d4ZEGkDIngpV4QWA==

GET
H2 200 syncro
sandflos.com/ Frame BE80 0
0 120ms
94ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/syncro?i=c4im3yhdlmn8a2029ntt&a=b67556de1e38981131d24d40ce1174d95&cb=2473601605782244938
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /syncro?i=c4im3yhdlmn8a2029ntt&a=b67556de1e38981131d24d40ce1174d95&cb=2473601605782244938
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 4XKytRN-n_4HLe3aeG2ts30mgmby37qZF8T-2kyuTBlMd-_zEr8BKg==

GET
H2 200 syncro
sandflos.com/ Frame 1D05 0
0 99ms
95ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/syncro?i=c4im3yhdlmn8a2029ntt&a=b32c65a30776f7313f348926dec0e7f69&cb=3614671605782244939
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /syncro?i=c4im3yhdlmn8a2029ntt&a=b32c65a30776f7313f348926dec0e7f69&cb=3614671605782244939
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: bndx-JLDG01DxIsIxV8Vr7Dp-SHQmSKS8xW2GadMM-k8LbeDrYk91g==

GET
H2 200 usync
sandflos.com/ Frame 94AD 0
0 99ms
97ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/usync?i=c4im3yhdlmn8a2029ntt&a=52fde360a6eefd8e1cab633f47ad0e663&cb=5947201605782244959
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /usync?i=c4im3yhdlmn8a2029ntt&a=52fde360a6eefd8e1cab633f47ad0e663&cb=5947201605782244959
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: W7NwYMNcnhubFrhTZdrgJLKFJPTcKat_PdiI51s2zVMJddzFn-7l2g==

GET
H2 200 usync
sandflos.com/ Frame 0C13 0
0 94ms
93ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/usync?i=c4im3yhdlmn8a2029ntt&a=27e9709e687d9aba2493e24904a0b1467&cb=0115541605782244961
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /usync?i=c4im3yhdlmn8a2029ntt&a=27e9709e687d9aba2493e24904a0b1467&cb=0115541605782244961
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:24 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: rAQrhgcbx8I8pwmt4a61kkmjFHvAmr76TsT5db0TDn_rhij_J2xhAg==

GET
H2 200 user
sandflos.com/ Frame 2555 0
0 92ms
91ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/user?i=c4im3yhdlmn8a2029ntt&a=1a363d662a0ae1a6cc5ffbab906765757&cb=9617501605782244963
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /user?i=c4im3yhdlmn8a2029ntt&a=1a363d662a0ae1a6cc5ffbab906765757&cb=9617501605782244963
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:25 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: CSNzmkL6sIs-JLj02YFfMoQYOP_NtD_pArd9aRiF2EBZGH8bvj3yrg==

GET
H2 200 usync
sandflos.com/ Frame 3DB2 0
0 88ms
88ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/usync?i=c4im3yhdlmn8a2029ntt&a=83ff63af209e45598cf2f111f6786b6f9&cb=3895901605782244964
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /usync?i=c4im3yhdlmn8a2029ntt&a=83ff63af209e45598cf2f111f6786b6f9&cb=3895901605782244964
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:25 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: h0PTDlIZHRelPCFTjK47WjetygyjR84q2JFi6otlRlrIF1nZjFCeHw==

GET
H2 200 stat
sandflos.com/ Frame 449C 0
0 87ms
86ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/stat?i=c4im3yhdlmn8a2029ntt&a=cc2b663770aeea348d11bbc244bb88af9&cb=7564881605782244965
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /stat?i=c4im3yhdlmn8a2029ntt&a=cc2b663770aeea348d11bbc244bb88af9&cb=7564881605782244965
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:25 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: yEMCU8hJ9Y-DiL_dKF3zvNMUSZXRb7P3XhSRyrdGG3Xs9C7jPjdG_g==

GET
H2 200 stat
sandflos.com/ Frame D5D1 0
0 87ms
87ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/stat?i=c4im3yhdlmn8a2029ntt&a=bb73d238463f6f89e075cc1ff68a969b3&cb=5708801605782244966
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /stat?i=c4im3yhdlmn8a2029ntt&a=bb73d238463f6f89e075cc1ff68a969b3&cb=5708801605782244966
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:25 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: EpR63wYEEDJFO7vJXhX5Xryl-oqqByHDdx2Z9oIq7LwkRddTgmEMxw==

GET
H2 200 sync
sandflos.com/ Frame 9561 0
0 86ms
86ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/sync?i=c4im3yhdlmn8a2029ntt&a=28e9f1ec48f2b394a11e30a6de73abcb1&cb=0644211605782244967
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /sync?i=c4im3yhdlmn8a2029ntt&a=28e9f1ec48f2b394a11e30a6de73abcb1&cb=0644211605782244967
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:25 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: E2GtGzXnVYuSlMZoufYKYek-v39bBLy5I8rqNmsuTE-bAls5nHqyAg==

GET
H2 200 counter
sandflos.com/ Frame 3163 0
0 86ms
85ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/counter?i=c4im3yhdlmn8a2029ntt&a=711cf67cdff420f56fda25c9b62d889c9&cb=7930351605782244969
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /counter?i=c4im3yhdlmn8a2029ntt&a=711cf67cdff420f56fda25c9b62d889c9&cb=7930351605782244969
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:25 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 6b04trmBnp41C4ARGo6mPAf9fOijCSN_Pe1vBt4aSw3FZhVehIeX5w==

GET
H2 200 async_usersync
sandflos.com/ Frame D99E 0
0 89ms
89ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/async_usersync?i=c4im3yhdlmn8a2029ntt&a=3352997c9fb86f3175899458fbbac4667&cb=1101201605782244970
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /async_usersync?i=c4im3yhdlmn8a2029ntt&a=3352997c9fb86f3175899458fbbac4667&cb=1101201605782244970
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:25 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: sBU5ohA5oioQqLITo-13FL21Wigxdb4eOTHYbtDD67xCetxIIwe1fw==

GET
H2 200 stats
sandflos.com/ Frame A1AD 0
0 83ms
83ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/stats?i=c4im3yhdlmn8a2029ntt&a=ab77823e3ad2b6ebd34aa8d65c410ead5&cb=8387491605782244971
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /stats?i=c4im3yhdlmn8a2029ntt&a=ab77823e3ad2b6ebd34aa8d65c410ead5&cb=8387491605782244971
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:25 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: ZQ02O5gQGx-7hy-X9FZPkBBCJQnrpFSAe7Us9If70OInopfEjV65kw==

GET
H2 200 count
sandflos.com/ Frame 3223 0
0 85ms
84ms Document
text/html 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandflos.com/count?i=c4im3yhdlmn8a2029ntt&a=f31cc0503119c640194c908f3bfc892e1&cb=3793671605782244973
Requested by: Host: sandflos.com
URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: sandflos.com
:scheme: https
:path: /count?i=c4im3yhdlmn8a2029ntt&a=f31cc0503119c640194c908f3bfc892e1&cb=3793671605782244973
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=9f68dd4afeb564fe23daaa50ed0b455f33d5adc5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 19 Nov 2020 10:37:25 GMT
x-cache: Miss from cloudfront
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 0OShvyOEY9r1cLWHBz9ZdlTXAD8F-XDwsvqUiyD481MqwYmCMQljAw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 112ms
13ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-73889565-1&cid=37356990.1605782245&jid=733884078&gjid=976083382&_gid=939594363.1605782245&_u=IEBAAUAAAAAAAC~&z=1510969239

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 19 Nov 2020 10:37:25 GMT
content-type: text/plain
access-control-allow-origin: https://omaranhense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 37BD 0
0 334ms
313ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2045836159571176&output=html&h=250&slotname=5394759653&adk=620085199&adf=1143458965&pi=t.ma~as.5394759653&w=300&lmt=1605782244&psa=0&format=300x250&url=https%3A%2F%2Fomaranhense.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605782244776&bpp=2&bdt=561&idt=208&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8697468774093&frm=20&pv=1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&ga_fc=0&iag=0&icsg=8998135440032&dssz=45&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=2967&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3385384423410218&pem=780&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FetKZEIubF&p=https%3A//omaranhense.com&dtd=213

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2045836159571176&output=html&h=250&slotname=5394759653&adk=620085199&adf=1143458965&pi=t.ma~as.5394759653&w=300&lmt=1605782244&psa=0&format=300x250&url=https%3A%2F%2Fomaranhense.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605782244776&bpp=2&bdt=561&idt=208&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8697468774093&frm=20&pv=1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&ga_fc=0&iag=0&icsg=8998135440032&dssz=45&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=2967&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3385384423410218&pem=780&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FetKZEIubF&p=https%3A//omaranhense.com&dtd=213
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 19 Nov 2020 10:37:25 GMT
server: cafe
content-length: 7365
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 19-Nov-2020 10:52:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Nov 2020 10:37:25 GMT
cache-control: private

GET
H2 200 pxl.jpg
sandflos.com/ 597 B
831 B 123ms
20ms Image
image/jpeg 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sandflos.com/pxl.jpg?i=ruxdvsbvrcgoqtu1xn&s=784&p=https%3A%2F%2Fomaranhense.com%2F&rstk=https%3A%2F%2Fomaranhense.com%2F&h=7285641605782244998
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:25 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-length: 597
x-amz-cf-id: PeEljzKDIhcT2fG_SDNEcmCtc153ZSE9SYwBkFy3xto4bposho8-RA==
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8

GET
H2 200 gftnvg.js Show response
api.grumft.com/common/ 389 B
499 B 199ms
104ms Script
application/javascript 192.95.31.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api.grumft.com/common/gftnvg.js
Requested by: Host: api.grumft.com
URL: https://api.grumft.com/gt/ZONA_IAB_300x250_1/18b76f7dc6b22e4ff985b2e5034dd5c7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.31.56 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns510949.ip-192-95-31.net
Software: nginx /
Resource Hash: 1159e31f89e96cd472b8784ff95bc79fcd24862264ec2dacd6be35fd53242b2d

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:25 GMT
content-encoding: gzip
last-modified: Wed, 23 Sep 2020 23:58:11 GMT
server: nginx
etag: W/"5f6be113-185"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Fri, 19 Nov 2021 10:37:25 GMT

GET
H2 200 fpgft.min.js Show response
api.grumft.com/fp_gft/ 24 KB
8 KB 201ms
107ms Script
application/javascript 192.95.31.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api.grumft.com/fp_gft/fpgft.min.js
Requested by: Host: api.grumft.com
URL: https://api.grumft.com/gt/ZONA_IAB_300x250_1/18b76f7dc6b22e4ff985b2e5034dd5c7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.95.31.56 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns510949.ip-192-95-31.net
Software: nginx /
Resource Hash: 56000584d571bf93576734b6f2ff652d38494c520fa96f5e0b1d1dac28f5e651

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:25 GMT
content-encoding: gzip
last-modified: Fri, 22 May 2020 14:34:59 GMT
server: nginx
etag: W/"5ec7e313-616c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Fri, 19 Nov 2021 10:37:25 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ 55 KB
18 KB 91ms
67ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: api.grumft.com
URL: https://api.grumft.com/gt/ZONA_IAB_300x250_1/18b76f7dc6b22e4ff985b2e5034dd5c7.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae97877953a9de26a932b0f9d346637d0ac7029f6da7cbe76d53546230c62d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "698 / 797 of 1000 / last-modified: 1605740934"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18257
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:25 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 118ms
26ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-167579228-1

Requested by

Host: api.grumft.com
URL: https://api.grumft.com/gt/ZONA_IAB_300x250_1/18b76f7dc6b22e4ff985b2e5034dd5c7.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a42881678450add9dff5deee2ac28431f77a8fae59d7d6df949699d46176f4b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38697
x-xss-protection: 0
last-modified: Thu, 19 Nov 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Nov 2020 10:37:25 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 127ms
35ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-167579228-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-73889565-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99da0edc36611d25bd98a1908507bfd265a8cc52634dc8ce6df846f0b29ac491

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38724
x-xss-protection: 0
last-modified: Thu, 19 Nov 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Nov 2020 10:37:25 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 55 KB
18 KB 87ms
68ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

3bf09f5b88bc9b80792efb42f8243afb36c40e6c153cec54bd8daed5ff23099b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "698 / 154 of 1000 / last-modified: 1605741003"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18260
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:25 GMT

GET
H3-Q050 200 pubads_impl_2020111801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6C45 277 KB
98 KB 172ms
89ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

35b7f92fe5fa921ff5e686240c5951435b762f2b0b966b3f127245e086e26991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Nov 2020 09:41:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:25 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 319ms
319ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3385384423410218&correlator=4107187975956204&output=ldjh&impl=fif&adsid=NT&eid=21068749%2C21068418&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201119&iu_parts=339263271%2Cadex_maranhaoesportes.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3D0c33b36d26f3b1e6-221171e772a60077%3AT%3D1605782244%3ART%3D1605782244%3AS%3DALNI_Ma2hAdBeI2S3sxkerv-rl8sHc8rFg&bc=31&abxe=1&lmt=1605782245&dt=1605782245263&dlt=1605782244215&idt=882&frm=20&biw=1600&bih=1200&oid=3&adxs=639&adys=456&adks=3440138205&ucis=1&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fomaranhense.com%2F&dssz=75&icsg=3002225232871978&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

37b2622c212b61f9eced9f39259fcae71446f5927782ed29fcbf5c2b98a2e2eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10608
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://omaranhense.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ae923e40811f37c7c2bead4e9383af43.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 107ms
14ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ae923e40811f37c7c2bead4e9383af43.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 440 B
593 B 315ms
314ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3385384423410218&correlator=4107187975956204&output=ldjh&impl=fif&adsid=NT&eid=21068749%2C21068418&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201119&iu_parts=21856261383%2Comaranhense320x50&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&cookie=ID%3D0c33b36d26f3b1e6-221171e772a60077%3AT%3D1605782244%3ART%3D1605782244%3AS%3DALNI_Ma2hAdBeI2S3sxkerv-rl8sHc8rFg&bc=31&abxe=1&lmt=1605782245&dt=1605782245272&dlt=1605782244215&idt=882&frm=20&biw=1600&bih=1200&oid=3&adxs=843&adys=553&adks=1275492256&ucis=2&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fomaranhense.com%2F&dssz=75&icsg=3002225232871978&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

fe5b1787fe320ab28e3ee9a18f0feea955438c4f9a6fab32a02ca1d210520169

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://omaranhense.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 493ms
491ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3385384423410218&correlator=4107187975956204&output=ldjh&impl=fif&adsid=NT&eid=21068749%2C21068418&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201119&iu_parts=21856261383%2Comaranhense728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3D0c33b36d26f3b1e6-221171e772a60077%3AT%3D1605782244%3ART%3D1605782244%3AS%3DALNI_Ma2hAdBeI2S3sxkerv-rl8sHc8rFg&bc=31&abxe=1&lmt=1605782245&dt=1605782245277&dlt=1605782244215&idt=882&frm=20&biw=1600&bih=1200&oid=3&adxs=639&adys=650&adks=1321494340&ucis=3&ifi=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fomaranhense.com%2F&dssz=75&icsg=3002225232871978&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

597b7b09ede9fc59cde183b0262049d0064671066104a3417ef86a7f52d3ac8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10482
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://omaranhense.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 785ms
784ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3385384423410218&correlator=4107187975956204&output=ldjh&impl=fif&adsid=NT&eid=21068749%2C21068418&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201119&iu_parts=21856261383%2Comaranhense468x60&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&cookie=ID%3D0c33b36d26f3b1e6-221171e772a60077%3AT%3D1605782244%3ART%3D1605782244%3AS%3DALNI_Ma2hAdBeI2S3sxkerv-rl8sHc8rFg&bc=31&abxe=1&lmt=1605782245&dt=1605782245281&dlt=1605782244215&idt=882&frm=20&biw=1600&bih=1200&oid=3&adxs=769&adys=747&adks=1426179370&ucis=4&ifi=8&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fomaranhense.com%2F&dssz=75&icsg=3002225232871978&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

d7cdbdc578b918821e5a7b74c707e937addcb6faa9dbf437fe5480fbcd77bcf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10407
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://omaranhense.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid4.7.0.js Show response
s0.2mdn.net/dfp/517466/4406976690/1600366998559/ Frame 600A 217 KB
69 KB 194ms
59ms Script
text/javascript 2a00:1450:4001:81a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=omaranhense.inter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e34ab29548ce7868549c3f692e2d1adbd1f2f21b65645fe8fbe9c3eac219550e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37083
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70920
x-xss-protection: 0
last-modified: Thu, 17 Sep 2020 18:23:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 20 Nov 2020 00:19:22 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 600A 55 KB
18 KB 127ms
118ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=omaranhense.inter

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae97877953a9de26a932b0f9d346637d0ac7029f6da7cbe76d53546230c62d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "698 / 71 of 1000 / last-modified: 1605740934"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18257
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:25 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 600A 1 KB
1 KB 274ms
71ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 10:37:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 20 Nov 2020 10:37:25 GMT

GET
H2 200 prebid4.7.0.js Show response
s0.2mdn.net/dfp/517466/4406976690/1600366998559/ Frame 9C43 217 KB
69 KB 195ms
65ms Script
text/javascript 2a00:1450:4001:81a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=omaranhense.inter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e34ab29548ce7868549c3f692e2d1adbd1f2f21b65645fe8fbe9c3eac219550e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37083
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70920
x-xss-protection: 0
last-modified: Thu, 17 Sep 2020 18:23:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 20 Nov 2020 00:19:22 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9C43 55 KB
18 KB 124ms
115ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=omaranhense.inter

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae97877953a9de26a932b0f9d346637d0ac7029f6da7cbe76d53546230c62d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "698 / 908 of 1000 / last-modified: 1605740934"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18257
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:25 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 9C43 1 KB
1 KB 269ms
71ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 10:37:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 20 Nov 2020 10:37:25 GMT

GET
H2 200 prebid4.7.0.js Show response
s0.2mdn.net/dfp/517466/4406976690/1600366998559/ Frame 4731 217 KB
69 KB 281ms
155ms Script
text/javascript 2a00:1450:4001:81a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=omaranhense.inter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e34ab29548ce7868549c3f692e2d1adbd1f2f21b65645fe8fbe9c3eac219550e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37083
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70920
x-xss-protection: 0
last-modified: Thu, 17 Sep 2020 18:23:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 20 Nov 2020 00:19:22 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 4731 55 KB
18 KB 178ms
57ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=omaranhense.inter

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae97877953a9de26a932b0f9d346637d0ac7029f6da7cbe76d53546230c62d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "698 / 725 of 1000 / last-modified: 1605740934"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18257
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:25 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 4731 1 KB
1 KB 300ms
22ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 10:37:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 20 Nov 2020 10:37:25 GMT

GET
DATA 200
OK truncated
/ Frame 600A 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d29c25135fb0c32bedde6dd601893998041f2e0ff76f2ffdc73eaab6303e6919

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9C43 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d29c25135fb0c32bedde6dd601893998041f2e0ff76f2ffdc73eaab6303e6919

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1577 0
0 67ms
55ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2045836159571176&output=html&adk=1812271804&adf=3025194257&lmt=1605782245&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fomaranhense.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605782245498&bpp=61&bdt=1284&idt=61&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c33b36d26f3b1e6-221171e772a60077%3AT%3D1605782244%3ART%3D1605782244%3AS%3DALNI_Ma2hAdBeI2S3sxkerv-rl8sHc8rFg&prev_fmts=728x90%2C300x250&nras=1&correlator=8697468774093&frm=20&pv=1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&ga_fc=0&iag=0&icsg=143085233946623&dssz=86&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3385384423410218&pem=780&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=8&uci=a!8&fsb=1&dtd=107

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2045836159571176&output=html&adk=1812271804&adf=3025194257&lmt=1605782245&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fomaranhense.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605782245498&bpp=61&bdt=1284&idt=61&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c33b36d26f3b1e6-221171e772a60077%3AT%3D1605782244%3ART%3D1605782244%3AS%3DALNI_Ma2hAdBeI2S3sxkerv-rl8sHc8rFg&prev_fmts=728x90%2C300x250&nras=1&correlator=8697468774093&frm=20&pv=1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&ga_fc=0&iag=0&icsg=143085233946623&dssz=86&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3385384423410218&pem=780&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=8&uci=a!8&fsb=1&dtd=107
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkZvZeXImB3ODgKwC8bx55IaryopOzFIBmPafVTSL0BJvzoWtBjdepXHFa_
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 19 Nov 2020 10:37:25 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pastoclockp.js Show response
data.gblcdn.com/data/ 21 KB
6 KB 353ms
73ms Script
application/javascript 2606:4700:3034::ac43:b802
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.gblcdn.com/data/pastoclockp.js?id=841756e43b90452fb1c1&pubid=7895a300-9126-11ea-a2b3-876aecb6db10&pid=mholavwnelh&renderD=0&limitT=0&limitH=24&t=i&mt=b
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b802 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e164b18bde0c8cb2d5b27728b03406fccd9e02b6a8ea597f726d003b6db7eb2f

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:25 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
content-encoding: br
cf-request-id: 0681ada9ff000097661ba66000000001
last-modified: Wed, 18 Nov 2020 10:54:13 GMT
server: cloudflare
etag: W/"6f4889f8e38ca8e79c6ad96629f9b993"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZmTAJCX3UAsV5H7P4rShsS0%2F3IseDTxfBvMNfHZi7NM3aGG1s2dVi%2FzasSGOGGFd3SYF8Cge7h7sM9OXPs98a8u7VnC39PXET%2FeJ5XrMBLrWRJV9xduHb7677zE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 5f494bbcc8c29766-FRA
x-amz-cf-id: k1cyGr4fmyIuWErhP5CfGgJrW1SLP9ci1ujHkovA_KTw9s0QZxKi6A==

GET
H2 200 pxl.jpg
sandflos.com/ 597 B
832 B 285ms
87ms Image
image/jpeg 143.204.201.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sandflos.com/pxl.jpg?i=c4im3yhdlmn8a2029ntt&s=784&p=https%3A%2F%2Fomaranhense.com%2F&rstk=https%3A%2F%2Fomaranhense.com%2F&h=0494821605782245674
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-94.fra53.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:25 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-length: 597
x-amz-cf-id: xBwERqJu2kT8Q0E0X-uqYDxpQivlf0dvj4vUw_U0p6Jzq8Mp3Fao-A==
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6E56 0
0 414ms
402ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2045836159571176&output=html&h=250&slotname=5394759653&adk=2829751114&adf=3422312891&pi=t.ma~as.5394759653&w=300&lmt=1605782245&psa=0&format=300x250&url=https%3A%2F%2Fomaranhense.com%2F&flash=0&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605782245071&bpp=2&bdt=857&idt=2&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c33b36d26f3b1e6-221171e772a60077%3AT%3D1605782244%3ART%3D1605782244%3AS%3DALNI_Ma2hAdBeI2S3sxkerv-rl8sHc8rFg&prev_fmts=728x90%2C300x250%2C0x0&nras=1&correlator=8697468774093&frm=20&pv=1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&ga_fc=0&iag=0&icsg=572340935786492&dssz=86&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=1534&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3385384423410218&pem=780&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=cZTIwZ8ECZ&p=https%3A//omaranhense.com&dtd=721

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2045836159571176&output=html&h=250&slotname=5394759653&adk=2829751114&adf=3422312891&pi=t.ma~as.5394759653&w=300&lmt=1605782245&psa=0&format=300x250&url=https%3A%2F%2Fomaranhense.com%2F&flash=0&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605782245071&bpp=2&bdt=857&idt=2&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c33b36d26f3b1e6-221171e772a60077%3AT%3D1605782244%3ART%3D1605782244%3AS%3DALNI_Ma2hAdBeI2S3sxkerv-rl8sHc8rFg&prev_fmts=728x90%2C300x250%2C0x0&nras=1&correlator=8697468774093&frm=20&pv=1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&ga_fc=0&iag=0&icsg=572340935786492&dssz=86&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=1534&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3385384423410218&pem=780&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=cZTIwZ8ECZ&p=https%3A//omaranhense.com&dtd=721
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkZvZeXImB3ODgKwC8bx55IaryopOzFIBmPafVTSL0BJvzoWtBjdepXHFa_
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 19 Nov 2020 10:37:26 GMT
server: cafe
content-length: 32216
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 0B06 180 KB
51 KB 196ms
0ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418853
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 0B06 13 KB
5 KB 205ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418853
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 0B06 90 KB
27 KB 275ms
0ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418853
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 0B06 3 KB
1 KB 276ms
0ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418848
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:38 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 0B06 41 KB
13 KB 276ms
0ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418853
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 2057338493772793366
tpc.googlesyndication.com/simgad/ Frame 0B06 69 KB
69 KB 96ms
13ms Image
image/gif 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2057338493772793366

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

461b691fdff2000db9b41c9e8f8ea202059bb7d9f3ce4b09a69a351d0cfd45d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 23:30:48 GMT
x-content-type-options: nosniff
age: 39997
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70401
x-xss-protection: 0
last-modified: Tue, 19 May 2020 14:18:32 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Nov 2021 23:30:48 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0B06 3 KB
3 KB 107ms
14ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 21:09:31 GMT
x-content-type-options: nosniff
server: cafe
age: 48474
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 19 Nov 2020 21:09:31 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0B06 344 B
439 B 108ms
15ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 83036
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 19 Nov 2020 11:33:29 GMT

GET
H3-Q050

200

B24645037.282703885;dc_pre=COvq74K1ju0CFVztuwgdu7EKxQ;dc_trk_aid=476405798;dc_trk_cid=138017996;ord=1494378667;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 0B06
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24645037.282703885;dc_trk_aid=476405798;dc_trk_cid=138017996;ord=1494378667;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24645037.282703885;dc_pre=COvq74K1ju0CFVztuwgdu7EKxQ;dc_trk_aid=476405798;dc_trk_cid=138017996;ord=1494378667;dc_lat=;dc_rdid=;tag...

42 B
76 B

83ms
74ms

Image
image/gif

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24645037.282703885;dc_pre=COvq74K1ju0CFVztuwgdu7EKxQ;dc_trk_aid=476405798;dc_trk_cid=138017996;ord=1494378667;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;?

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:25 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24645037.282703885;dc_pre=COvq74K1ju0CFVztuwgdu7EKxQ;dc_trk_aid=476405798;dc_trk_cid=138017996;ord=1494378667;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0B06 0
0 188ms
95ms Image
text/html 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CW0h-5Uq2X42OFMy01wbWjJ6gAcCNyoxg_O2l16EMv_-549cCEAEg_77uLGC56L6A1AGgAfS4v8UDyAED4AIAqAMByAMIqgTLAU_QQKx1mKGPCgD86ohiAN6TZLxWYQ-jFrW_2NH3bJ8RGGq1SYLrzeaA_y5cTuPjhiBjZDmK3tvdIJIMKHsFq1UGBYSX41qNUQppYpwhFtzuH5uSXglVUzeOz3S5w9w5UfV7f-piVf6g4nt3afIjNdEVGwR5JU8pnZfLmhFQtSq2h1AA8z805_ODj_WGMl_AeUVYHLBiEf5OdR8MMTAQZFXuXTg51TPaqWuoGF5hACZBO2XWkUAG4r3z6epn4ZU43981rLE6z9UrG4J6wATOr_OxmwPgBAGSBQQIBBgBkgUECAUYBKAGA4AHkNLDpQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ1OIJ0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00MDE3MzMzNDYwMjI5NDUzgAoDyAsB2BMNshcaChgIARIUcHViLTM0MjMwODU1NDUyOTYyMzE&sigh=r97gzUKIGIY&tpd=AGWhJmvAkk0rmNwLcazGR7TLvmtbMIb0J2fheambiJIWBoA40A
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s29-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 pubads_impl_2020111801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 26C6 277 KB
98 KB 399ms
105ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

35b7f92fe5fa921ff5e686240c5951435b762f2b0b966b3f127245e086e26991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Nov 2020 09:41:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:26 GMT

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame E44E 180 KB
50 KB 109ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418853
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E44E 13 KB
6 KB 107ms
10ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418853
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E44E 90 KB
27 KB 109ms
12ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418853
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E44E 3 KB
1 KB 108ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418848
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:38 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E44E 41 KB
13 KB 191ms
92ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418853
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E44E 3 KB
3 KB 189ms
90ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 21:09:31 GMT
x-content-type-options: nosniff
server: cafe
age: 48475
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 19 Nov 2020 21:09:31 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E44E 344 B
374 B 189ms
90ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 83037
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 19 Nov 2020 11:33:29 GMT

GET
H3-Q050 200 1489696161280218615
tpc.googlesyndication.com/daca_images/simgad/ Frame E44E 14 KB
14 KB 205ms
10ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/1489696161280218615

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0da294077b83353f593503a70b86fa83b54e822a24f3ca63af89f05064a5595a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 15 Nov 2020 21:21:14 GMT
x-content-type-options: nosniff
age: 306972
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14426
x-xss-protection: 0
last-modified: Fri, 29 Jun 2018 07:55:16 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Nov 2021 21:21:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E44E 0
0 397ms
12ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPBUndXqja2oEVzmjRemLdz7sPR9eigsmfKSZuyVCM6ZKmcPGyU7i7hkhC0ne6-ttzovzBn2kfZ-IWEZ4xS3AmL_9G1w
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E44E 0
0 290ms
95ms Image
text/html 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8-X85Uq2X_KNH4m71wa_mIzoAfjfrLpesPzZpvsMkLXes5AbEAEg4pGsIWC56L6A1AGgAc-wiIEDyAECqQJ_FEdEbeGzPuACAKgDAcgDCKoE1gFP0FsL5KA_7q1uaMuqGRO6B1r0JsiIz6jl34Q9qISzA8Sa9G27k2MzOGB9FAKf_u3sISS78TJfACrrVMx_BQc1GPVrJhaKJtlzsNcKXO0IzBN7J-FLgmJeRLjG14PYP90COwkqUrgZUMRzlSmSDOCqxx3JgwRX1VuFVdjTRmiQXz7f6s8FCok-W1ZAMGuwZKijnn7L3HIz5SXXQcjpbxSn3wh-4E8a5rBGc3UvqfOtdyVruSLvuUJipQQWXCZ0vaVGhfGViue7luk_GQuv-tJROjXv0ONOwATZ6s61lgPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHmc_3fqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCLjwHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU4ODYwMTE0OTYzNzc4MDaACgPICwHYEwyyFxoKGAgBEhRwdWItNzc4MjU0NTA1MzQ3MTE4Mg&sigh=n3IQuFPOhvs&tpd=AGWhJmta8WpE9gpNgpfFIhqxr6YaWpOwIpiRmZhFxHqTbbyZNA
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s29-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 8 KB
3 KB 209ms
10ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: api.grumft.com
URL: https://api.grumft.com/common/gftnvg.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c23533b2dcb73c3435e60d435042b1ef7076f4ddce6af81b596c26e66e814e1

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2695
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 0681adac43000005c8ec8a8000000001
last-modified: Tue, 05 Feb 2019 21:24:03 GMT
server: cloudflare
etag: W/"5c59fef3-1f1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 5f494bc06be705c8-FRA
expires: Thu, 19 Nov 2020 10:52:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ Frame 6C45 109 B
803 B 126ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=omaranhense.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6C45 109 B
781 B 86ms
68ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=omaranhense.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6C45 27 KB
10 KB 292ms
291ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1119503207660277&correlator=161359634527812&output=ldjh&impl=fifs&eid=21068793%2C21068418%2C21067495&vrg=2020111801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201119&iu_parts=21671350435%2C728x90-omaranhense.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3D0c33b36d26f3b1e6%3AT%3D1605782244%3AS%3DALNI_MYqFZPGItvZ0MYb49ynGyfSKHAGKg&cdm=omaranhense.com&bc=31&abxe=1&lmt=1605782246&dt=1605782246481&dlt=1605782244846&idt=1538&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=-12245933&adys=-12245933&adks=3660869937&ucis=iacii8riihed&ifi=1&ifk=2996954838&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fomaranhense.com%2F&top=https%3A%2F%2Fomaranhense.com%2F&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=37356990.1605782245&ga_sid=1605782246&ga_hid=132255683&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

ae39627b74c7767fa84f0e1ef24a31278e1cde96990c1907a66f3bdf5231add7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10611
x-xss-protection: 0
google-lineitem-id: 5274402841
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138300733128
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://omaranhense.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
df2c4561db00ee4e25db5fb0f96a3acc.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 6C45 0
0 27ms
13ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://df2c4561db00ee4e25db5fb0f96a3acc.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame A8C6 180 KB
50 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418853
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame A8C6 13 KB
5 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418853
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame A8C6 90 KB
27 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418853
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame A8C6 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418848
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:38 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame A8C6 41 KB
13 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418853
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A8C6 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 21:09:31 GMT
x-content-type-options: nosniff
server: cafe
age: 48475
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 19 Nov 2020 21:09:31 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A8C6 344 B
369 B 8ms
7ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 83037
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 19 Nov 2020 11:33:29 GMT

GET
H3-Q050 200 18353852530520273248
tpc.googlesyndication.com/simgad/ Frame A8C6 32 KB
32 KB 10ms
9ms Image
image/gif 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18353852530520273248

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1920ffd54914a3f836fcc5736afbd4509173f880d3c87ef9d8cb954739a19e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:54:09 GMT
x-content-type-options: nosniff
age: 34997
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32694
x-xss-protection: 0
last-modified: Fri, 30 Oct 2020 11:39:18 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Nov 2021 00:54:09 GMT

GET
H3-Q050

200

B24842908.286398644;dc_pre=CPjwk4O1ju0CFdCVdwodZNQLYw;dc_trk_aid=480256884;dc_trk_cid=140464175;ord=3052152199;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame A8C6
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24842908.286398644;dc_trk_aid=480256884;dc_trk_cid=140464175;ord=3052152199;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24842908.286398644;dc_pre=CPjwk4O1ju0CFdCVdwodZNQLYw;dc_trk_aid=480256884;dc_trk_cid=140464175;ord=3052152199;dc_lat=;dc_rdid=;tag...

42 B
88 B

103ms
94ms

Image
image/gif

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24842908.286398644;dc_pre=CPjwk4O1ju0CFdCVdwodZNQLYw;dc_trk_aid=480256884;dc_trk_cid=140464175;ord=3052152199;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;?

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24842908.286398644;dc_pre=CPjwk4O1ju0CFdCVdwodZNQLYw;dc_trk_aid=480256884;dc_trk_cid=140464175;ord=3052152199;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A8C6 0
0 33ms
32ms Image
text/html 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Catzj5Uq2X6PrK9ad1wbrhYuIA8CNyoxgh9_I8dQMv_-549cCEAEgnbK2N2C56L6A1AGgAfS4v8UDyAED4AIAqAMByAMIqgTcAU_QUAoYkzuZAt1_LYdPKRBHfrmbF5sGZa3E0XVh3VtlSMKny0ecnyjIMUAHOU7EdcT9Lwrb6dSkyQi8cVU1b3fpXQSUGgR4AP8B00e-0jsn1gnBaoIBqe62A1Q1bFi8Hdyc7-dLAE4xq9mV04ZR7MsejQRpNqWC3mz9t8kYHXkV6KdiG-Sb-RQx2fH5Gv6oSTweqTSCbJ14Op7ll2WUvsUD_bQAtkxE-tbDQ3oI0OdZXNRl5_iNLa3VKhz-tH77UAvGVoIMISzD0vFyelgTxxL25bVSgk0QxGKzRffABM6v87GbA-AEAZIFBAgEGAGSBQQIBRgEoAYDgAeQ0sOlAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBC4hQHSCAkIgOGAEBABGB2ACgHICwHYEw2yFxoKGAgBEhRwdWItMjA0NTgzNjE1OTU3MTE3Ng&sigh=Q3LExapQTbA&tpd=AGWhJmv2KUumvkWIHkT0PMMP-Yy_FslznRko5-4zurY4QMjaBA
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s29-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 pubads_impl_2020111601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 600A 277 KB
97 KB 88ms
88ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

c442ff155dca60045b1a65d836acc2e876fd92ed4ad2e1b61272940530839837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 09:37:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99683
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:26 GMT

GET
H3-Q050 200 pubads_impl_2020111601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9C43 277 KB
97 KB 84ms
84ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

c442ff155dca60045b1a65d836acc2e876fd92ed4ad2e1b61272940530839837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 09:37:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99683
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:26 GMT

GET
H3-Q050 200 pubads_impl_2020111601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4731 277 KB
97 KB 96ms
96ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

c442ff155dca60045b1a65d836acc2e876fd92ed4ad2e1b61272940530839837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 09:37:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99683
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:26 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
48 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1252375684&t=pageview&_s=1&dl=https%3A%2F%2Fomaranhense.com%2F&ul=en-us&de=UTF-8&dt=O%20Maranhense%20%E2%80%93%20Not%C3%ADcias%20de%20S%C3%A3o%20Lu%C3%ADs%20%7C%20Not%C3%ADcias%20do%20Maranh%C3%A3o%7C%20Pol%C3%ADtica%20%7CEsporte%20%7CPlant%C3%A3o%20Policial%7C%20Loterias%7C%20Apostas%20%7CCovid-19%7C%20Boletim%20Epidemiol%C3%B3gico.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABAAAAAC~&jid=1151943797&gjid=1963036040&cid=37356990.1605782245&tid=UA-167579228-1&_gid=939594363.1605782245&_r=1&gtm=2oub41&z=1920122504

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://omaranhense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1252375684&t=pageview&_s=2&dl=https%3A%2F%2Fomaranhense.com%2F&ul=en-us&de=UTF-8&dt=O%20Maranhense%20%E2%80%93%20Not%C3%ADcias%20de%20S%C3%A3o%20Lu%C3%ADs%20%7C%20Not%C3%ADcias%20do%20Maranh%C3%A3o%7C%20Pol%C3%ADtica%20%7CEsporte%20%7CPlant%C3%A3o%20Policial%7C%20Loterias%7C%20Apostas%20%7CCovid-19%7C%20Boletim%20Epidemiol%C3%B3gico.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABAAAAAC~&jid=&gjid=&cid=37356990.1605782245&tid=UA-167579228-1&_gid=939594363.1605782245&gtm=2oub41&z=47418134

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Nov 2020 16:57:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63620
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 600A 0
145 B 19ms
16ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.7.0&cb=7768579570
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://omaranhense.com
date: Thu, 19 Nov 2020 10:37:26 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ Frame 600A 0
169 B 498ms
189ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://omaranhense.com
date: Thu, 19 Nov 2020 10:37:27 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 600A 19 B
710 B 27ms
26ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 19 Nov 2020 10:37:26 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.10:80
AN-X-Request-Uuid: 23265476-69fa-4a80-8b3a-aa05fe62be30
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://omaranhense.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/ Frame 600A
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=28130334&ns__t=1605782246862&ns_c=UTF-8&ns_if=1&cv=3.5&c8=NoBeta%20%7C%20M%C3%ADdia%20Digital&c7=https%3A%2F%2Fomaranhense.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=28130334&ns__t=1605782246862&ns_c=UTF-8&ns_if=1&cv=3.5&c8=NoBeta%20%7C%20M%C3%ADdia%20Digital&c7=https%3A%2F%2Fomaranhense.com%2F&c9=&cs_ak_ss=1

0
528 B

68ms
68ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=28130334&ns__t=1605782246862&ns_c=UTF-8&ns_if=1&cv=3.5&c8=NoBeta%20%7C%20M%C3%ADdia%20Digital&c7=https%3A%2F%2Fomaranhense.com%2F&c9=&cs_ak_ss=1
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Nov 2020 10:37:27 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=28130334&ns__t=1605782246862&ns_c=UTF-8&ns_if=1&cv=3.5&c8=NoBeta%20%7C%20M%C3%ADdia%20Digital&c7=https%3A%2F%2Fomaranhense.com%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Thu, 19 Nov 2020 10:37:26 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/ Frame 9C43
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=28130334&ns__t=1605782246864&ns_c=UTF-8&ns_if=1&cv=3.5&c8=ALERT%20TEMPLATE%20%7C%20NOBETA&c7=https%3A%2F%2Fomaranhense.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=28130334&ns__t=1605782246864&ns_c=UTF-8&ns_if=1&cv=3.5&c8=ALERT%20TEMPLATE%20%7C%20NOBETA&c7=https%3A%2F%2Fomaranhense.com%2F&c9=&cs_ak_ss=1

0
528 B

68ms
68ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=28130334&ns__t=1605782246864&ns_c=UTF-8&ns_if=1&cv=3.5&c8=ALERT%20TEMPLATE%20%7C%20NOBETA&c7=https%3A%2F%2Fomaranhense.com%2F&c9=&cs_ak_ss=1
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Nov 2020 10:37:27 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=28130334&ns__t=1605782246864&ns_c=UTF-8&ns_if=1&cv=3.5&c8=ALERT%20TEMPLATE%20%7C%20NOBETA&c7=https%3A%2F%2Fomaranhense.com%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Thu, 19 Nov 2020 10:37:26 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=99886223380406;misc=1605782246885; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11471.1/5197858/0/0/ Frame 9C43 47 B
265 B 209ms
124ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11471.1/5197858/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=99886223380406;misc=1605782246885;
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 1746d52bd237a3f9536a6660c3b769d8a059e150e5195174c72f8b371961466d

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:27 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://omaranhense.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 9C43 0
145 B 71ms
71ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.7.0&cb=70147828587
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://omaranhense.com
date: Thu, 19 Nov 2020 10:37:26 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9C43 19 B
710 B 75ms
74ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 19 Nov 2020 10:37:26 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.91:80
AN-X-Request-Uuid: 8e229cdc-ecc4-486b-be5e-bce16d1ea2ce
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://omaranhense.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ Frame 9C43 0
169 B 471ms
190ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://omaranhense.com
date: Thu, 19 Nov 2020 10:37:27 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame 4731 0
528 B 22ms
22ms Image
text/plain 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=28130334&ns__t=1605782246965&ns_c=UTF-8&ns_if=1&cv=3.5&c8=ft%20TEMPLATE%20%7C%20NOBETA&c7=https%3A%2F%2Fomaranhense.com%2F&c9=
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Nov 2020 10:37:26 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 4731 0
145 B 78ms
77ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.7.0&cb=54282401837
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://omaranhense.com
date: Thu, 19 Nov 2020 10:37:26 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ Frame 4731 0
169 B 376ms
189ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://omaranhense.com
date: Thu, 19 Nov 2020 10:37:27 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4731 19 B
711 B 80ms
79ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 19 Nov 2020 10:37:27 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.137:80
AN-X-Request-Uuid: ad291ae2-1709-418c-a710-7cd9bfe14c83
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://omaranhense.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012010270040000/ 20 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-host-v0.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437f0df93cfde16d277d61ba740d9a3f56fecde74a3de7d789ae02808590a9db

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 58610
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7254
x-xss-protection: 0
server: sffe
date: Wed, 18 Nov 2020 18:20:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bb338742afe376d1"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Nov 2021 18:20:37 GMT

GET
H2 200 p Show response
server.gblcdn.com/pool/ 767 B
3 KB 5335ms
5311ms Fetch
application/json 2606:4700:3034::ac43:b802
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://server.gblcdn.com/pool/p?pubid=7895a300-9126-11ea-a2b3-876aecb6db10&l=1&mck_o=&mck_b=&mck_c=&mck_ov=&mck_bv=&t=i&mt=b&dco=0&fq=&fqc=&wh=omaranhense.com&w=300&h=250

Requested by

Host: data.gblcdn.com
URL: https://data.gblcdn.com/data/pastoclockp.js?id=841756e43b90452fb1c1&pubid=7895a300-9126-11ea-a2b3-876aecb6db10&pid=mholavwnelh&renderD=0&limitT=0&limitH=24&t=i&mt=b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b802 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da2cf316b1bd67959a66c7c6a050eb869b19ac47fcb9dd6ef80fcfb5590e0d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
vary: Origin
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1m6MsPN%2Foo6gCSyl6Vw8GxTLEmtZxtvmIM%2Bv61PCso0vNH1vT%2BKCPhmZ9Q%2FJ9XP64%2FkleiWen5p4P%2B8s9Yn7OWJ6EYXMC6HXwLHmiZszfZyMJZNf2IyWkmPU8qz4hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://omaranhense.com
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control: no-cache, private
cf-request-id: 0681adaec0000017563b1c4000000001
cf-ray: 5f494bc46e001756-FRA

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C45 0
23 B 14ms
13ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1119503207660277&r=728x90&w=728&h=90&a=0

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame FBA0 0
0 81ms
81ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyFVjt421lwV-VK6JKC9uH07auP0a35gD-Zjd64UJ8v1BQcXtKh56gf3wjd67iXpUhS1gU7rbEtBXAfvadWq5Mgi4wpMwPqODDOAC5BSCBavpcX1GwJ6ap1zbApifb5EdK39KjZB-JRtVi1YNzkVdgvV4EECAxXq2TQ7gbi1cUGdvdDsCO27vvAZLqSmLOsV21gIUwtWXRJ6-qxhmPx1AnwWrH9MBkkb9IWTlUoekpBj_dHpPwtE-a3qrbSbkqfgMF-tYB6k2xt5V32-fPAlQ&sig=Cg0ArKJSzGcn72ykN2iiEAE&adurl=

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201112/r20110914/ Frame FBA0 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201112/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80412b3870c5b5349ad52d6393130fe405055e16560a3398a03c9b85302ef320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 12:15:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7327
x-xss-protection: 0
server: cafe
etag: 4109265994257346226
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Dec 2020 12:15:32 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201112/r20110914/client/ Frame FBA0 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201112/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 08:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1336
x-xss-protection: 0
server: cafe
etag: 4033927919502905291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Dec 2020 08:36:51 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame FBA0 75 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:27 GMT

GET
H3-Q050 200 3181831729314583294
tpc.googlesyndication.com/simgad/ Frame FBA0 52 KB
52 KB 8ms
7ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3181831729314583294

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb6d86692cd6763ea425040ea01f9db1af7d9afc3831d9d7befce4cd766a67b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 16:46:19 GMT
x-content-type-options: nosniff
age: 496268
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53072
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 10:50:35 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Nov 2021 16:46:19 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C45 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:27 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6C45 8 KB
6 KB 20ms
19ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03e8d2d23d92a0463be8a5bc0de35a4efe143829f78458a0a2428bc0fad74216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6552
x-xss-protection: 0

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
423 B 125ms
15ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-167579228-1&cid=37356990.1605782245&jid=1151943797&gjid=1963036040&_gid=939594363.1605782245&_u=KEDAAUABAAAAAC~&z=2144905884

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 19 Nov 2020 10:37:27 GMT
content-type: text/plain
access-control-allow-origin: https://omaranhense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 70303 Show response
tag.navdmp.com/u/ 509 B
639 B 130ms
130ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/70303
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8815ac4522ea18ce04445bd259af28f64ca07209830315e779436a1cc3904e9

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 19 Oct 2020 18:45:01 GMT
server: cloudflare
etag: W/"5f8ddead-1fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 5f494bc5ba0205c8-FRA
content-type: application/javascript
cf-request-id: 0681adaf93000005c8be24a000000001
expires: Thu, 19 Nov 2020 11:37:27 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.be/adsid/ Frame 26C6 109 B
781 B 44ms
29ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=omaranhense.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 26C6 109 B
150 B 16ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=omaranhense.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 26C6 11 KB
4 KB 189ms
189ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1902866905360953&correlator=397453579385976&output=ldjh&impl=fifs&eid=21068793%2C21068418&vrg=2020111801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201119&iu_parts=21671350435%2C300x250-omaranhense.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3D0c33b36d26f3b1e6%3AT%3D1605782244%3AS%3DALNI_MYqFZPGItvZ0MYb49ynGyfSKHAGKg&cdm=omaranhense.com&bc=31&abxe=1&lmt=1605782247&dt=1605782247368&dlt=1605782244932&idt=2429&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=-12245933&adys=-12245933&adks=3390501070&ucis=dqhtufuj86vd&ifi=1&ifk=2832426997&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fomaranhense.com%2F&top=https%3A%2F%2Fomaranhense.com%2F&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=37356990.1605782245&ga_sid=1605782247&ga_hid=973877141&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

d57a052268e9986ecfe2b49a1f4c1b7fee36acda146db812f103bf539b769e30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4076
x-xss-protection: 0
google-lineitem-id: 5367617210
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138311189073
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://omaranhense.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
110bf6a8955da4cf6922b00c5aeb860b.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 26C6 0
0 27ms
13ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://110bf6a8955da4cf6922b00c5aeb860b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6C45 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:27 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0B06
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 19 Nov 2020 10:37:27 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E44E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
39ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 19 Nov 2020 10:37:27 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 25ms
24ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-167579228-1&cid=37356990.1605782245&jid=1151943797&_u=KEDAAUABAAAAAC~&z=516039720

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 39ms
17ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-167579228-1&cid=37356990.1605782245&jid=1151943797&_u=KEDAAUABAAAAAC~&z=516039720

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 600A 109 B
127 B 16ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=omaranhense.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 600A 109 B
127 B 14ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=omaranhense.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 600A 346 B
181 B 272ms
271ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2116901898335009&correlator=4324047455747726&output=ldjh&impl=fifs&eid=21068418&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201119&iu_parts=150684666%2Comaranhense.inter&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C1024x768%7C970x250%7C970x90%7C300x600&fluid=height&eri=5&cookie=ID%3D0c33b36d26f3b1e6%3AT%3D1605782244%3AS%3DALNI_MYqFZPGItvZ0MYb49ynGyfSKHAGKg&bc=31&abxe=1&dt=1605782247450&dlt=1605782245481&idt=1936&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2804760365&ucis=61hjh5fdd34x&ifi=1&ifk=3375827984&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fomaranhense.com%2F&top=omaranhense.com&dssz=8&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=37356990.1605782245&ga_sid=1605782247&ga_hid=459899668&ga_fc=true&fws=260&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

7f400529aa0a6d693e9f3a8616091bd80de68903294123c3a6e596d41a53d86b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://omaranhense.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
9a60858b45671c2f6d85dad3dd473999.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 600A 0
0 32ms
13ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9a60858b45671c2f6d85dad3dd473999.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9C43 109 B
127 B 16ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=omaranhense.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9C43 109 B
127 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=omaranhense.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9C43 345 B
179 B 138ms
138ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=303186120703636&correlator=1405754707338714&output=ldjh&impl=fifs&eid=21068750%2C21066995%2C21068418%2C21068479%2C21068763&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201119&iu_parts=150684666%2Comaranhense.alert&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C468x100%7C320x50%7C336x280%7C250x250%7C320x100%7C300x250%7C300x100%7C468x60&fluid=height&eri=5&cookie=ID%3D0c33b36d26f3b1e6%3AT%3D1605782244%3AS%3DALNI_MYqFZPGItvZ0MYb49ynGyfSKHAGKg&bc=31&abxe=1&dt=1605782247462&dlt=1605782245487&idt=1936&ea=0&frm=23&biw=1600&bih=1200&isw=470&ish=290&oid=3&adxs=-12245933&adys=-12245933&adks=2358491821&ucis=ckbeaps53r61&ifi=1&ifk=2710861057&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fomaranhense.com%2F&top=omaranhense.com&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=472x136&msz=0x-1&ga_vid=37356990.1605782245&ga_sid=1605782247&ga_hid=1005186287&ga_fc=true&fws=388&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

7afa69e861a6d67e6b2cf833fa4f98de16aedadc0097693f67dba1f993332156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://omaranhense.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
fac4e62f6b84b87301cd74aea4ef4bf3.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 9C43 0
0 30ms
13ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fac4e62f6b84b87301cd74aea4ef4bf3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame FBA0 0
22 B 32ms
32ms Image
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVkRecXtS2ekcGyuP50RLQ2ssIwluwuP2F5IyOKeiyZbccpLwm2k1T2V3-ZZWAZeY_DaB-Ixefgki_dmEfqNonmIfk6nMtRLjrbBCmYfIWSI5rm6WfhbKZ2GtRV6ypOPlA3I9lc9G0Fi-pGGBh65CKFKMY2WJUpUjtTzIIiMFiW0CRRlzYfquuoKvQRdWVpRUdy-H8IepqSasYSJhCN4O4VFBhB3S8XSQA1Zx_kHtbOK5ImtnBA41tzHTUPFc6jrz-n1kNqeX3l_kqOEkBhUtgfQ&sig=Cg0ArKJSzG3b0-Kn5JkSEAE&adurl=

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A8C6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

171ms
170ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 19 Nov 2020 10:37:27 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4731 109 B
127 B 15ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=omaranhense.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4731 109 B
127 B 16ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=omaranhense.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4731 80 KB
27 KB 233ms
233ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=819137235234114&correlator=2457606685572035&output=ldjh&impl=fifs&eid=21068728%2C21068736%2C21067590%2C21068418%2C21068479&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201119&iu_parts=150684666%2Comaranhense.ft&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=5&cookie=ID%3D0c33b36d26f3b1e6%3AT%3D1605782244%3AS%3DALNI_MYqFZPGItvZ0MYb49ynGyfSKHAGKg&bc=31&abxe=1&dt=1605782247510&dlt=1605782245492&idt=2011&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1963476811&ucis=lmx21ljjj51l&ifi=1&ifk=3375827984&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fomaranhense.com%2F&top=omaranhense.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=37356990.1605782245&ga_sid=1605782248&ga_hid=1433887672&ga_fc=true&fws=388&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

15a799575eea419733085c76927ace7ec676b00a71aec40812a45b2f1959e459

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1077625518344288456/BE_TLS_M7_CD_2020-10-12_GenericBLFriday_Think_IAB_Content_728x90_1.0.0/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1077625518344288456/BE_TLS_M7_CD_2020-10-12_GenericBLFriday_Think_IAB_Content_728x90_1.0.0/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK-4z4O1ju0CFULK1QodCJsCzQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/1077625518344288456/BE_TLS_M7_CD_2020-10-12_GenericBLFriday_Think_IAB_Content_728x90_1.0.0/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1077625518344288456/BE_TLS_M7_CD_2020-10-12_GenericBLFriday_Think_IAB_Content_728x90_1.0.0/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1077625518344288456/BE_TLS_M7_CD_2020-10-12_GenericBLFriday_Think_IAB_Content_728x90_1.0.0/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK-4z4O1ju0CFULK1QodCJsCzQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/1077625518344288456/BE_TLS_M7_CD_2020-10-12_GenericBLFriday_Think_IAB_Content_728x90_1.0.0/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26354
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 19 Nov 2020 10:37:27 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://omaranhense.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
e1eee0dc8370bd4cb01960719e955c9f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 4731 0
0 28ms
13ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://e1eee0dc8370bd4cb01960719e955c9f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26C6 0
71 B 14ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1902866905360953&r=300x250&w=300&h=250&a=0

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B77A 0
0 33ms
33ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKTlIECGvjKmnRzQpegYdHFRU72PkqfjwPuSU-g_Ex8juW9ZXhYlKis6w5tl_p4K7dwfJv_LNVyamO5wKq2pODghNaFXdEoA0rD5kbpvAlEndvHp3-xjgPg3_DLMOlLfE1l_BV3IgDYRdqParrO-o_w8pQayHlngf2KgmBt2T-yleQ9My9hOmqzFm-Nh_payrRoEkd0DH4UN-uUBBewIkwvYumakvPI-9ZoRAA4opAui_kc3_mG-gagkkFfxd3WSzT0fSY71FJl1yvrJrkYgwaamTGwb6L&sig=Cg0ArKJSzHtLj6Mizet7EAE&urlfix=1&adurl=

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 prebid.js Show response
hb.adpone.com/ Frame B77A 327 KB
94 KB 26ms
26ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid.js
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80ba016670fbff044c837f7a834165b168c368ab2de6ca75f5ebb34b9ee3be2f

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1323
content-type: application/javascript
x-amz-request-id: 3C1F4933A7B055F5
x-amz-id-2: oSBTyVGNJ9UU0kzWQA63bg0CT1VmTzuvw5SD65Dx9zX4Il+urw8dECWUNKo0O5Gzc0aRJSRpiTI=
last-modified: Thu, 08 Oct 2020 08:58:50 GMT
server: cloudflare
etag: W/"3f9f2be0df40c2f61ef943e7de1ea106"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lxrntKp6ddHAVrzcbZnS7rDgZUfPZKIphLZet0pZX0030q%2Fm76j4AEM8XHmP%2BarJw%2B7T%2FA00N0TTHENIPZrOfxyq1Lt3zC8Zqy%2B8sU%2BBNzWV0kfs%2F%2FNTOE9C"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: rBVPesXy_KxlMhmQGZiGrffT5fqVdJJ6
cache-control: max-age=14400
cf-request-id: 0681adb0aa0000061ccf8ba000000001
cf-ray: 5f494bc77831061c-FRA

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B77A 75 KB
29 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:27 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26C6 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:27 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 26C6 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55905d1f8fd1e8fbae546f9c5c05721d4d0fa9994c28b1234f103264e4da6085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6463
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 7B88 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Thu, 19 Nov 2020 09:39:09 GMT
expires: Fri, 19 Nov 2021 09:39:09 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3498
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 usr Show response
usr.navdmp.com/ 358 B
456 B 140ms
137ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=70303&u=1&new=1&wst=0&wct=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e3a009889e41ee0c2a5326ae1fd5cb6d388b973b8321c5f937a0afcdb2a82a

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 5f494bc79f1805c8-FRA
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
cf-request-id: 0681adb0bd000005c8a4bde000000001
expires: Thu, 19 Nov 2020 11:37:27 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9C43 9 KB
7 KB 44ms
18ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0e1b0fbbb6822731d7e9d09c06adb1e1d42e4e095f2f0dc31bf97e25d440b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6736
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 26C6 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111801.js?21068793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:27 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame B77A 0
1 KB 52ms
52ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:26 GMT
x-smrt-d: 4%3b9%3b101
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://omaranhense.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B77A 19 B
710 B 25ms
25ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 19 Nov 2020 10:37:27 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.14:80
AN-X-Request-Uuid: 460cfaf6-4ec1-483b-8360-db3d38d5b8c0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://omaranhense.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B77A 284 B
1 KB 26ms
25ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=270626&zone_id=1346616&size_id=15&p_pos=atf&gdpr=0&rp_schain=1.0,1!adpone.com,1992,1,,,&rf=https%3A%2F%2Fomaranhense.com%2F&tk_flint=adpnPbjs_lite_v3.26.0&x_source.tid=278d8c1e-2319-48c3-86d9-d5ed5d1a1b20&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6829123529811141
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: f09544fb61f561f0f5ece32229d136a07702720d9fecb9cd738a700753be3a18

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 19 Nov 2020 10:37:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://omaranhense.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame B77A 0
59 B 19ms
18ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://omaranhense.com
date: Thu, 19 Nov 2020 10:37:26 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame B77A 172 B
374 B 46ms
45ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fomaranhense.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=278d8c1e-2319-48c3-86d9-d5ed5d1a1b20&nocache=1605782247712&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!adpone.com%2C1992%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1605782247592&auid=541066154
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.198.0 /
Resource Hash: 9d43b2ee50544c57087fca4a3d7d7c307ef27feaf4410d1f05c0c71e8f547a35

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
server: OXGW/16.198.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://omaranhense.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9C43 16 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:27 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B77A 0
187 B 34ms
34ms Image
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEX7_sYUHJozjraDWNAdO0gwstg9icLMW-3a5s9BYgMP8aDfnSe6LYnIPtcBAZIVzVseI61VErrX5602y6bPT1oNaD3my66sgdOpG443xYuBHgS3RS7o-OG2Ja6osCT7S2v0o9aOJA7KkZTR-6uJNL4bYAu45M72mOfQUIiWQqWTT2DNY9pyZUxX_bkd3BmyMxNHR1vWBXpNRrv6GFpx4zw-WPY1QrZsRfT2dfvDTYPb59U_jXHYLusxtBfKW8e2dXlHpcZ-zvIO05LMz_fYhAKv6fXy4D2a0&sig=Cg0ArKJSzLBMZti7aGXIEAE&urlfix=1&adurl=

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:27 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 8888 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Thu, 19 Nov 2020 09:39:09 GMT
expires: Fri, 19 Nov 2021 09:39:09 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3498
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 600A 8 KB
6 KB 26ms
25ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7826a49ac958828f54307ee691b3046fed960b75d09155503bddc8a276c72749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6615
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame C937 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Thu, 19 Nov 2020 09:39:09 GMT
expires: Fri, 19 Nov 2021 09:39:09 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3498
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html
e1eee0dc8370bd4cb01960719e955c9f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame D81A 0
0 6ms
6ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e1eee0dc8370bd4cb01960719e955c9f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e1eee0dc8370bd4cb01960719e955c9f.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Thu, 19 Nov 2020 10:37:27 GMT
expires: Fri, 19 Nov 2021 10:37:27 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4731 73 KB
28 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:27 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4731 8 KB
6 KB 19ms
18ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d72ce1148be76a14ed4d7bd21c32b482903b6a2419c89bd6d44336440daf501

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6555
x-xss-protection: 0

GET
H/1.1 200
OK adponegeneral1.js Show response
s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/ Frame 6086 7 KB
8 KB 181ms
63ms Script
application/javascript 52.218.88.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/adponegeneral1.js
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.88.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 26e3ca7ea4955ef0f3add437f13b70cb0bff94ded5d99bb5933e80bf1ade44bb

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 10:37:28 GMT
Last-Modified: Sat, 09 May 2020 19:50:28 GMT
Server: AmazonS3
x-amz-request-id: A47504CDA6E7F705
ETag: "7dad9c68594fb00fa58b39bd12fa9bd7"
Content-Type: application/javascript
x-amz-version-id: XMyhwwsyMGw6DDQEw4ew8Gi.MqWzp_7V
Accept-Ranges: bytes
Content-Length: 7386
x-amz-id-2: ab4964t0KsIU8pN+B/F2ChBv8a95+gCBDHf7xCrL2CuRexcpbsIsH4i4LMLnNez8Br8h7HmIqhs=

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 600A 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:27 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4731 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:27 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 600A 77 KB
25 KB 71ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6d8ffd84868d7c4232e88167eb1adc0a83d4c1f5efb41d78eb1a03127dcdb625

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 07:57:58 GMT
server: nginx
etag: W/"5fb38286-13244"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 20 Nov 2020 10:37:27 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
104 B 140ms
135ms Script
application/x-javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=ce228a9ad94fff5fe30f1418a09%7C0&acc=70303&tit=O%2520Maranhense%2520%25u2013%2520Not%25EDcias%2520de%2520S%25E3o%2520Lu%25EDs%2520%257C%2520Not%25EDcias%2520do%2520Maranh%25E3o%257C%2520Pol%25EDtica%2520%257CEsporte%2520%257CPlant%25E3o%2520Policial%257C%2520Loterias%257C%2520Apostas%2520%257CCovid-19%257C%2520Boletim%2520Epidemiol%25F3gico.&upd=1&new=1&h1=O%2520Maranhense
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 5f494bc8ea6005c8-FRA
content-length: 6
cf-request-id: 0681adb196000005c896078000000001

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=55333923245
https://sync2.navdmp.com/sync?prtid=2&id=55333923245&google_gid=CAESEOTLBvMRfSVZjRSUm4LBO24&google_cver=1

7 B
128 B

181ms
180ms

Script
application/x-javascript

2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=55333923245&google_gid=CAESEOTLBvMRfSVZjRSUm4LBO24&google_cver=1
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6185b9879d35631edaf4d3d17cb55266a18f822cf0c7d289b800adcd3ae87

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:28 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 5f494bc94b3c05c8-FRA
cf-request-id: 0681adb1c8000005c88d8fb000000001

Redirect headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync2.navdmp.com/sync?prtid=2&id=55333923245&google_gid=CAESEOTLBvMRfSVZjRSUm4LBO24&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=b0b85fb6-4ae7-4400-bbae-7525ace50ffd

43 B
156 B

131ms
129ms

Image
image/gif

2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=b0b85fb6-4ae7-4400-bbae-7525ace50ffd
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:28 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 5f494bc9dceb05c8-FRA
content-length: 43
cf-request-id: 0681adb227000005c871a72000000001

Redirect headers

Date: Thu, 19 Nov 2020 10:37:27 GMT
Server: MT3 3322 7ec6219 master cdg-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://sync.navdmp.com/sync?img=1&mdia=b0b85fb6-4ae7-4400-bbae-7525ace50ffd
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Thu, 19 Nov 2020 10:37:27 GMT

GET
H2 204 cms
cms.analytics.yahoo.com/ 0
0 176ms
34ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 , Switzerland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 5272 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Thu, 19 Nov 2020 09:39:09 GMT
expires: Fri, 19 Nov 2021 09:39:09 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3498
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 69C3 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Thu, 19 Nov 2020 09:39:09 GMT
expires: Fri, 19 Nov 2021 09:39:09 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3498
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 600A 77 KB
25 KB 66ms
13ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6d8ffd84868d7c4232e88167eb1adc0a83d4c1f5efb41d78eb1a03127dcdb625

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:27 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 07:57:58 GMT
server: nginx
etag: W/"5fb38286-13244"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 20 Nov 2020 10:37:27 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C45 0
82 B 40ms
40ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111801&jk=1119503207660277&bg=!jI-lj6_NAAVGySeIRlj73Oq8MCGjxgIAAABzUgAAAEloAQcKAc3F2peAOdjPEeuJzKQ603R3dCe4pBKkh_NKhSVq3ynm4kNX1kJwN9YTgzsCtGeOWwHff5xEhbMvbde4sQXJDWCVhfl-jLcZRv4qTGmG_ElpZsUoDyevbQzWowntYBppxwS6hMOzkqnO6qgdmgYRmpLnnZJwQQDyGkU69BXXNYhlWVM2CMmE9gvtWFDLbpS6E8kF3Spgz1uQeWcmFvab7YfzWm0RumWC9paMEHX2MUO8bINxrmzgKBITBrDwXxbkr_S58_HhgewjUVMt-WbxKUsUBbEDMMnUg_k1mMzhPlWAHJLsO871OkEPcJaEXp8FRsKg9tEKqDgVfjEACvwTFRpZhrGfLx9FiGSeZyZMX5d2zwBTpcN77UPsdkowGt2aHH4XqhO9K6mPGq7unn2srpBXhwIEPSi8Sh4x8oxk6H9eh68pL2J-hE2S6595C9t8a23LacG_i-T6si_k2h2ytyK6FZC8Ll_hmJ4fiMtgeg4rmv2AjJRyEu6O5GtKJHeR_kZvXXc7YOB2_KIdCvyKd6TK3Uvw8O0WuV8ngEXk3APAdSe70CowtAYQDWsWzNpZbnr30P3f0PrBfaKYGsU-KjNuiCXSM7bS32o2-84D4pkB0d-Edp3KJTHh_sR48PhugyZ4yeE-Ggf7Q_KBTBxthVk0xSl_lX5o-q6XiaqZhSzgrYnOBMv9D9_zpggyBkqH_v7MvEayup70sYSY8NQuB5kuPHzEDHQyjN8ioeyNhh-eSmHSfJaT7js_mPM1lHekzUf2gKikKNj6l8x1G5-mYA63K60rtGCVtm8scfhe69Jh89lVek7SkvpC8RaUkosrLoruvT3B1FYaiEYqsgUIm11TGNRpUav6X4xQTdf-lZ_DB2gvjueVNpkCT4JQ8mOtc4UYIdn8SIumv0otiacybPjTmLqunrU1fSAgL1QR5A2404LjOzImyp08h972SmH_rzxfRyfv_vDKhXWriQ0orGzzd2LMZk0lI1GxjdpCUn-UtqgZZsZs_hgtR-1FmCPb6SbrWCEfYslkpPY024GDLsZ4ym1uytnWhmUVm8n0PCUyQH6So3RT5xwTz2RHKTg1jY_Gz2V_dOWnjJ9OTQMw_nZ8H_GJcxBJSV2-ustQqNy09eDXzelEoJyywBJYL-Da5Oyoi7uIkZiLEy8VjmtgiKQNSV6_JuucDhwJ3dh3z_6vl_DuKipj7d_FvjW1uZEuBSY4Su7I-vz-rP-qRh8i6oljMw

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid.js Show response
hb.adpone.com/ Frame 6086 327 KB
94 KB 79ms
79ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid.js
Requested by: Host: s3-eu-west-1.amazonaws.com
URL: https://s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/adponegeneral1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80ba016670fbff044c837f7a834165b168c368ab2de6ca75f5ebb34b9ee3be2f

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1323
content-type: application/javascript
x-amz-request-id: 3C1F4933A7B055F5
x-amz-id-2: oSBTyVGNJ9UU0kzWQA63bg0CT1VmTzuvw5SD65Dx9zX4Il+urw8dECWUNKo0O5Gzc0aRJSRpiTI=
last-modified: Thu, 08 Oct 2020 08:58:50 GMT
server: cloudflare
etag: W/"3f9f2be0df40c2f61ef943e7de1ea106"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KqNR85R0d1kNKxZE9bHA1gEBFifApawIVI2eAYfJtU3eK3AppKLaIGsASDL95YMyzR%2FAPKx91BVlQciAUd8%2FUeqHNgMr8ozIjushFR6ZvQ7lZ39AGApNaClx"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: rBVPesXy_KxlMhmQGZiGrffT5fqVdJJ6
cache-control: max-age=14400
cf-request-id: 0681adb22f0000061c09b90000000001
cf-ray: 5f494bc9ee0f061c-FRA

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6086 284 B
763 B 28ms
28ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=270626&zone_id=1699154&size_id=15&p_pos=atf&gdpr=0&rp_schain=1.0,1!adpone.com,1992,1,,,&rf=https%3A%2F%2Fomaranhense.com%2F&tk_flint=adpnPbjs_lite_v3.26.0&x_source.tid=088be024-a37d-4a7b-bfd3-e6307bff2b10&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4684745832591326
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 96094930bc5eb7637a72b04085b2861e6f6276b177c1278dc938aec5d6d5afc4

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 19 Nov 2020 10:37:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://omaranhense.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6086 19 B
710 B 95ms
95ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 19 Nov 2020 10:37:28 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.15:80
AN-X-Request-Uuid: e73dfe3c-6b6c-41ed-87eb-25fd591f923f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://omaranhense.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 6086 0
59 B 20ms
20ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://omaranhense.com
date: Thu, 19 Nov 2020 10:37:28 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 6086 0
1 KB 67ms
66ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:27 GMT
x-smrt-d: 4%3b15%3b106
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://omaranhense.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 6086 173 B
356 B 66ms
65ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fomaranhense.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=088be024-a37d-4a7b-bfd3-e6307bff2b10&nocache=1605782248093&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!adpone.com%2C1992%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1605782247981&auid=541066155
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.198.0 /
Resource Hash: 02c51e6e4887fae42664e1c98a7916393adb423dcfcdb1ae50431060d64a9edb

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:28 GMT
content-encoding: gzip
server: OXGW/16.198.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://omaranhense.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 19ms
19ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09ca0b987750bf8f124ff40f082cba74aec40def5f2e7f07dcf58abe570fd166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6519
x-xss-protection: 0

GET
H2 204 mod_pagespeed_beacon
omaranhense.com/ 0
96 B 234ms
234ms Image
text/plain 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omaranhense.com/mod_pagespeed_beacon?ets=load:3890&rload=5572&nav=0&dns=234&connect=420&req_start=956&ttfb=701&dwld=197&dom_c=2833&nt=0&ifr=0&url=https%3A%2F%2Fomaranhense.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:28 GMT
cache-control: max-age=0, no-cache, max-age=2592000
server: Apache
expires: Sat, 19 Dec 2020 10:37:28 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 4BEC 0
0 118ms
25ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=omaranhense.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=omaranhense.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 536
date: Thu, 19 Nov 2020 10:37:27 GMT
content-length: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:28 GMT

POST
H2 204 mod_pagespeed_beacon Show response
omaranhense.com/ 0
23 B 210ms
209ms XHR
text/plain 191.6.208.42
IPV6 Internet Ltda

General

Check archive.org

Show headers Download Go to

Full URL: https://omaranhense.com/mod_pagespeed_beacon?url=https%3A%2F%2Fomaranhense.com%2F
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 191.6.208.42 , Brazil, ASN28299 (IPV6 Internet Ltda, BR),
Reverse DNS: web135.kinghost.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 19 Nov 2020 10:37:28 GMT
cache-control: max-age=0, no-cache, max-age=2592000
server: Apache
expires: Sat, 19 Dec 2020 10:37:28 GMT

GET
H/1.1 200
OK adponegeneral040.js Show response
s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/ Frame 6BE8 7 KB
8 KB 66ms
66ms Script
application/javascript 52.218.88.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/adponegeneral040.js
Requested by: Host: s3-eu-west-1.amazonaws.com
URL: https://s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/adponegeneral1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.88.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 28dbb07338d3da53dded0c412a60bc485bf9e4313cd660d147b6883fe1812ab2

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 10:37:29 GMT
Last-Modified: Sat, 09 May 2020 19:46:49 GMT
Server: AmazonS3
x-amz-request-id: A982D377237B17A7
ETag: "415057e7cb42c8722ffcad2c10947985"
Content-Type: application/javascript
x-amz-version-id: CX9eJEAtZXDaRBFa5IbF8xKYfTA4Hcr1
Accept-Ranges: bytes
Content-Length: 7463
x-amz-id-2: kmg60ZTQtd2+ZvvrjcU+KQIQu9lRUTGLopmZiXf79VaqHXSjCEIX+LXrPu6uh2Mjhwlnj1KL47U=

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 9EB1 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Thu, 19 Nov 2020 09:39:09 GMT
expires: Fri, 19 Nov 2021 09:39:09 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3499
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 prebid.js Show response
hb.adpone.com/ Frame 6BE8 327 KB
94 KB 36ms
35ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid.js
Requested by: Host: s3-eu-west-1.amazonaws.com
URL: https://s3-eu-west-1.amazonaws.com/hb.adpone.com/passbacks/adponegeneral040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80ba016670fbff044c837f7a834165b168c368ab2de6ca75f5ebb34b9ee3be2f

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1324
content-type: application/javascript
x-amz-request-id: 3C1F4933A7B055F5
x-amz-id-2: oSBTyVGNJ9UU0kzWQA63bg0CT1VmTzuvw5SD65Dx9zX4Il+urw8dECWUNKo0O5Gzc0aRJSRpiTI=
last-modified: Thu, 08 Oct 2020 08:58:50 GMT
server: cloudflare
etag: W/"3f9f2be0df40c2f61ef943e7de1ea106"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wj2zMZa3n%2BIurQ%2FO%2BOQOhnHh%2F3AmaHHkLOVuK%2FJzJK7FxypYYzW94KegJXLMFnFwAiWhwe89nXf3iV%2FHTuQEDfd7ZWO6SDR4Aeqljtp%2Fid93wOss%2F8HAAIwP"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: rBVPesXy_KxlMhmQGZiGrffT5fqVdJJ6
cache-control: max-age=14400
cf-request-id: 0681adb3580000061cbd13f000000001
cf-ray: 5f494bcbbae6061c-FRA

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 6BE8 0
59 B 21ms
21ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://omaranhense.com
date: Thu, 19 Nov 2020 10:37:28 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 6BE8 172 B
355 B 50ms
50ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fomaranhense.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=853a3a09-7076-4fe3-ad52-8cecc1feb67e&nocache=1605782248385&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!adpone.com%2C%2C1%2C%2C%2C&aus=300x250&divIds=adpn-adtag-1605782248278&auid=541066156
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.198.0 /
Resource Hash: dbc3eed08716d3181d11c1cb9efb98e131e14dc0d92004fdec7e44d5ab924856

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:28 GMT
content-encoding: gzip
server: OXGW/16.198.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://omaranhense.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6BE8 19 B
710 B 26ms
26ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 19 Nov 2020 10:37:28 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.29:80
AN-X-Request-Uuid: a9efd20b-6831-4b16-b19b-f22a9408ca9f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://omaranhense.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 6BE8 0
799 B 71ms
71ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:28 GMT
x-smrt-d: 4%3b15%3b84
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://omaranhense.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6BE8 284 B
763 B 29ms
29ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=270626&zone_id=1699156&size_id=15&p_pos=atf&gdpr=0&rf=https%3A%2F%2Fomaranhense.com%2F&tk_flint=adpnPbjs_lite_v3.26.0&x_source.tid=853a3a09-7076-4fe3-ad52-8cecc1feb67e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.06082081095101155
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 55a79b5abb315b3d81fe9117ad8ef289657ab221bd27ce9ecdd8df9934dd89e5

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 19 Nov 2020 10:37:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://omaranhense.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
11 KB 284ms
284ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3385384423410218&correlator=4107187975956204&output=ldjh&impl=fif&adsid=NT&eid=21068749%2C21068418&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201119&iu_parts=150790500%2C23518_ZONA_IAB_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C200x200&prev_scp=wex_code%3D18b76f7dc6b22e4ff985b2e5034dd5c7%26wcode%3D23518%26acode%3D10936%26width%3D300%26height%3D250%26pageDomain%3Domaranhense.com%26referrer%3Dnull%26pageUrl%3D%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1605782248&dt=1605782248420&dlt=1605782244215&idt=882&frm=20&biw=1600&bih=1200&oid=3&adxs=1060&adys=1545&adks=2969041717&ucis=5&ifi=9&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fomaranhense.com%2F&dssz=90&icsg=572340935786492&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&fws=4&ohw=1600&btvi=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

5f00e913e65862a33e03b64344d9e78165b0e9c96315c9505619b1b2dcc2ed81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11381
x-xss-protection: 0
google-lineitem-id: 5183555757
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293184450
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://omaranhense.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
11 KB 269ms
269ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3385384423410218&correlator=4107187975956204&output=ldjh&impl=fif&adsid=NT&eid=21068749%2C21068418&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201119&iu_parts=339263271%2Cadex_omaranhense.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1605782248&dt=1605782248423&dlt=1605782244215&idt=882&frm=20&biw=1600&bih=1200&oid=3&adxs=1060&adys=907&adks=1872795651&ucis=6&ifi=10&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fomaranhense.com%2F&dssz=90&icsg=572340935786492&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

fd9eb58429bdf206519a1e595257ef3c137b2bcf510618dcfee5b6515f8dd04a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10574
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://omaranhense.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adidas_300x250.jpg
s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/ Frame 11B9 26 KB
26 KB 39ms
39ms Image
image/jpeg 52.218.88.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/adidas_300x250.jpg
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.88.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9220e405bdd1ea5ff5743bf388356c015c8e4cd95e153984efa0e8aabb28ef8a

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 10:37:29 GMT
Last-Modified: Sun, 23 Sep 2018 17:44:28 GMT
Server: AmazonS3
x-amz-request-id: 3BFE4E2DB6C67C7C
ETag: "702b3e474e01427f8af949cf0c7fbd69"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 26619
x-amz-id-2: tk68pkJsi4HzLmwFfzxfoO2bM+17WaD7ZvH468pMIOwKUA49vqTaFThK6Zqe86B0qNcBnqsHR60=

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26C6 0
23 B 14ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111801&jk=1902866905360953&bg=!MzClMBDNAAVGySeIRlib9DJw1l5ifwIAAAJNUgAAAGZoAQcKAUsX35i9ppSSlmoN54QJNA_PSaODTf5ahWwT_jF_AixRaiSl5sZCoz3V1q0nj3QWjS7zHvAqDHGE1qcd48AxwrufDSxr75CERE5A3UuyZXwdljKpexyxTVo3phI8Sze9TQLxRbUn8PIFDz-tmq8catCkW2a_-DKrD2EK_iayaw1zvmjWypr8CdgCV782LxgJ8jtpqy312Wylye796qtQbxGC0gJ20uiKu_VvHMHXtaDWoO_a6ochhNgGTTXSRCcmO0uiFrknTfGA1WVzWg0S4MNLqs554RGFvHwbqfAU9eyyrQNb-issOz7bwmauDnF2ATxQJ3ZtCxeFIGDy3d434yvTdi3X0ohl0a2nv_SmJ_Ave9mIEMFhaD0Xr5jytrgWtHNnXF4OkX5fzvk4YP1kcN9mgS6tHFbINShtcmmZlFuvvPhmkxi77qF5NS3SmQHRDG-KFDnw8pMkdWOVGtJ5pNJ6vYeZgk2YaPPRNVPsbibzeCvnMkK31n3DKQRzmc5CjPSX2F2-xjjW0v-LvenrQL6GmzXR7qjwgdTfS1eW5ry4d6rvZ3MuOOYlmfr_sZk9y85L7TBSRgLB2O6o7RUaj06lpHV_2inzkcr4yvdeGnmTHs0AGjzzuatNKyUrU-LZjM5vZF7Q79EOfIMzDtbGyLZVavCF6HsrKGr0YJHahVOu7lkVrK2H9QfBw3pWPAGCIczFVdfQZz3FAVez2f667sMn1nQZoWtokQYKNomVDe64nkIcyiYp0mIRza3TuKclmlC-Wgi4Xkkv_DziEXMnO24xzAi4S2ixOGE7QOuYW1iYdrpCxXc51iAwvl3JVH4sECZzKWBgKgSHnVzbDQIDqiJ-aRPsmixhIysuxapFnYJAVdLL5Y4MxXjsGG7eP-0maq99f-MBRe10SIxyJzyD5jYj3EPYCLP1HsMsF-Jk1soYW4x5CD0r521Iky1ZkQjNJSsQfF3QrfeCA78smOWMqaKBi8VhdH_7FV6IKg1VuK_EclDRtvuUV0wixdNnuMMZ2h3M6AWuMCXFXASp3hopBaHQmh2UWHtFgSIUXd0KmXgC

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 5C2A 180 KB
50 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418855
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 5C2A 13 KB
5 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418855
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 5C2A 90 KB
27 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418855
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 5C2A 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418850
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:38 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 5C2A 41 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418855
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5C2A 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 21:09:31 GMT
x-content-type-options: nosniff
server: cafe
age: 48477
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 19 Nov 2020 21:09:31 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5C2A 344 B
439 B 7ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 83039
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 19 Nov 2020 11:33:29 GMT

GET
DATA 200
OK truncated
/ Frame 5C2A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dba8235e63002173ac8a488e983f98b05e9f6b53bf8c1d506ed24bb980994db

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 15315876687193668967
tpc.googlesyndication.com/simgad/ Frame 5C2A 41 KB
41 KB 10ms
9ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15315876687193668967?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn_1okmZp9N-LqUcxO1GJewivXBRQ

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b6691e93e142d66a8a33b2de0018c5e5876571ac62e702a67a1d75da07ec362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 22:34:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Nov 2020 11:07:26 GMT
server: sffe
age: 561756
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42369
x-xss-protection: 0
expires: Fri, 12 Nov 2021 22:34:52 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 5C2A 0
0 48ms
47ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOHueI16AH5v-tif7JQSGL1bNPrBIBjiFlz3qSk5vbQeNHJQ0pxMPzASwgtfGCnIVjWAPj7yFXk257d2W-yRwqkDwxoQ
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5C2A 0
0 48ms
47ms Image
text/html 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeMEm6Eq2X8zsHLSqmLAPjaSK2AG_55qSYN2C6a7GDJaCzYWIFhABIP--7ixguei-gNQBoAGHg7_3A8gBAuACAKgDAcgDCKoE2AFP0KUaegVcC3YYuluuAAKzXmoAix8m_9rFpicdCfUbpp2obn_UQKfecvMNpvq4H_iDXmlPDxsiySBiKMgWhrM7S3f4PsIJ2NLkg7pGgwojF_cdsY6m1Iye5IAjv9Av2g2u55IfW-dk8Kjz95b5d6oyuO5Uap3w48aP9RJj7CLDZxYdx8DEJYmfsXUBy6J6K5xOrhrZEo2vtpHmsuo8aYcdufBEKSqmAi6D95ST0XTMJmrJFR-amuOeO8eMXkqZZ6cYDd45tkTjjocJobk6dP8PYXtRHRR0plXABO7ou-GaA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfk9JeJAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCctwbSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQwMTczMzM0NjAyMjk0NTOACgPICwHYEw2yFxoKGAgBEhRwdWItMzQyMzA4NTU0NTI5NjIzMQ&sigh=WYTDw2Ul0l4&tpd=AGWhJmvBy9qIQkPV-mBwckajN-ioyf7wn_sYkV7Q2iAKyNnu-w
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s29-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4E52 0
0 92ms
92ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIjvxoIQIDx6iMURRumn_1vJRGcAuGM2CukEgXM_kHuYYafd-azkchIV3KxnbU2-LFtFfoCbwhXdnItdbtSuj_OqTgInvjrLvbyI2qldroXvEy7LN15CCBV9NQuKYjtxiCgXfiSIgUxaiQcFQrbhHWx6RznFUITFOMQgwXJljlrIxtPINA3QE6faNj9nRO_Ql-HvuE_eRfzShUDC9rmUJ8uhicV75KkONF6QVlqevxLbIqaz1rhM20Z1EzY2AnSWNU_9L4DhNp4Nz96cTSffn54qM&sig=Cg0ArKJSzARdvI2HB-m_EAE&adurl=

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201112/r20110914/ Frame 4E52 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201112/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80412b3870c5b5349ad52d6393130fe405055e16560a3398a03c9b85302ef320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 12:15:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7327
x-xss-protection: 0
server: cafe
etag: 4109265994257346226
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Dec 2020 12:15:32 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201112/r20110914/client/ Frame 4E52 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201112/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 08:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1336
x-xss-protection: 0
server: cafe
etag: 4033927919502905291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Dec 2020 08:36:51 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E52 75 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Thu, 19 Nov 2020 10:37:28 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 4E52 0
0 16ms
15ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6wmItSXnLDftuaCXY_nTJcW1jGz8lvuaU7mh69E3QwFPLaDEsh-mDwZlPIHMRXBZ1Y0Fu
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 16247341589804026760
tpc.googlesyndication.com/simgad/ Frame 4E52 37 KB
37 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16247341589804026760

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41823850acde6b5c4d05fa59cd0d7e2f098b72570e565d3bcb5d724c9e96d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 16:55:09 GMT
x-content-type-options: nosniff
age: 495739
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38267
x-xss-protection: 0
last-modified: Mon, 18 Nov 2019 15:00:57 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Nov 2021 16:55:09 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4E52 0
22 B 32ms
32ms Image
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkATcQaU2YLNFL2Eh1nqTk4julDOT2G3jh3on-i18_QEfxGcm8R1qdrJrvMJznvRSqXYP2CuciFXfrIOhcMBnbFod-oofKSfXJuu8CtPohKZvZXlxAGSWpoIPYTfqnvtv8r8-TJyRD_XUtiIr-Vdwf9nGWX5UZJzpv0WIkGNwqtEHjuSyHC0o-QjBkLRGj0IypQaAA-fEK9zCKl25LrlxdxeiJygBNiHr_YqqCWMHYWQwOhNy9UiezTZ73EllOiR0HlUAeXafnEvRmeRPdpNeQzD8Mhg&sig=Cg0ArKJSzOi0eEgfgJ8hEAE&adurl=

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 10:37:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4E52 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d4a1339e4b0faff5038dc7541da79e4840fab0e82a83e1e1c1d28001f192374

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 600A 0
23 B 14ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111601&jk=2116901898335009&bg=!s7ClsJDNAAVGySeIRljzc_lldPh3XgIAAAIuUgAAAGRoAQcKAXBuPOkJxVzwLuk294mdOoaVW0n3NZMHmFBIcPWdHxIswHuWchKcbFZHW9EKGvzxWbkxgYyDijkLW6nGI4Z9m80hyhj-VfbTZDlzknQVt70ZPKfw1uxfxOtc34iSondJcdvCHDqcmT7TJlBlz3Qj2QBqdLCzz-Jn32ulHouceW0NSW3czFuGz-J2bzta4Szft7o-yuoNScrQlK83XGUMv652G90rvNXQkCIAPKzheZLudur64AEOqrACVWKZV6Q80RfwPujnQmKSb-_97u0aHJyAFiLt6zBoqwalDJ1eizxIAg7E6a04ZuY2gURWPJMKZLX-IYkX-oPdvyiZnPSfNcAzSuBnaD5PLPSltaWxMeh_JvIQf6aVuRJ8NhhfxuMaR1XpYepnG25tSqk3b02n9ILqbf5zXnO3JBdKP1R1JwIH7i1_a3ylmc3rQoVSoPbqBUoC9ZYNF-Pm3bycFR0u6psGv3S5_fe5973a07TcSoftZZkBviblGDnXkgCICV37M2x8V8LUyjS4qF5_n3CzQSKSv8uKfV5C3j1sMQt1hB6yoJPmq2ukZKCyWfhk8XPfCI2QYgdhFajwUBP8ewPOVqRpaqdSWZiQZXoSPUzs2o8eBie8mNkxc3f6hPl0VTS6HN69iEbd_guUtgfXkp7NzgADAZvKuIVUP9JWgY1k-ssKR-j0qv1TLzCzye1D2mmf_7Rbl-Anc9EaGL4ZlpoJzbO_2iJ6eR5JbefpZ6i7_hBbfdDuQ_73P0NnRzz1vCH7sUFqmupjCrr3EaUD2ye93CAvCaliqkNK1N1uuIdX_bVwCuoWX0C6uZQ0rhF0Dl-IvqVHR6MKyy-rQQ9m6f1dlcoQMQwoLMr1LdytK7gpwS5DT8tb76w1GWI9A494aSSL-Xt4xW3D2_ItNE1zou6wmVyQkg6qFGWUnZ6Ijvu1MjMv5qxkUCruJPtS9y8eOf0wo5dY81X7h7Kssdj8S4GCe--a8dtJClPO5YO31OO9ahWCsBZaO6mdr4JI16qBZpfMAr_EORr1BoG9AqyxkbW7yZ0lQ_P0eXSZk5ar9g-mavbvXuxMhzs_hK8j5vbAakR0qIif

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 15315876687193668967
tpc.googlesyndication.com/simgad/ Frame 5C2A 41 KB
41 KB 6ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15315876687193668967?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn_1okmZp9N-LqUcxO1GJewivXBRQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b6691e93e142d66a8a33b2de0018c5e5876571ac62e702a67a1d75da07ec362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 22:34:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Nov 2020 11:07:26 GMT
server: sffe
age: 561756
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42369
x-xss-protection: 0
expires: Fri, 12 Nov 2021 22:34:52 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5C2A 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 21:09:31 GMT
x-content-type-options: nosniff
server: cafe
age: 48477
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 19 Nov 2020 21:09:31 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5C2A 344 B
369 B 7ms
7ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 83039
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 19 Nov 2020 11:33:29 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C43 0
23 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111601&jk=303186120703636&bg=!eHule1vNAAUoamvQKFgWo-tBo3UyUwIAAAKrUgAAAHhoAQcKAUuEqNe4BJl8X7N8y-QI8HEFJyaODAE2jrVZU-HvEW4JysfuLTACXk_SgEQ4KwDw3ORkcmgDLsrpDl0PF3uHNrkXQx_OGS5UXAY-TYgpbNhoqPkxSgkMy-CwMdG--I0sVnNTTLqeHkAreVG39Q7mAS1PxstqEbyFvpBYHMRsR5S7Bj-WP-0yuoZXQsipl3TGdWlAdgsb3WrLEmPWBe1jMbu76cvFXlHekgHjPQC9uYiGy1X0HT61RG5gNmiMqNXFiYt5zvNQvAj4xt3G-p91e9l-u1JYC7q2jXt1WnEoJtRQS4bgyqstFC-62r8F-Adg4InptcPF8UEH8vuFRBb3qvBytE98R0ZmfsO9tWy_J7fLFhgRDYaD2TY1V-7ag6kUVmiYEETXqq4e2QzgkpvHGqgiBxi2nsujeL3H07ZOuaqeOumktOzG0I9Cgxi0mQHguEK6b0arYmiW9eKBl8an9MnAmws0noe-5QUX2NP4uiN5dUXhenTUAPoJc9hg_ff6bZuf5uXgT9shcJHWigHy_OZwq2U78LYAzpxOqOe0SBQMtDX05hG1PKH5nMU6_vkz_h_Y3whi8OcKlLArTg4_f5u5IzGq7MHZ61RlBTzq9vN9vBKUAPP-ztpUUz-A6q1yOOonOs-DdfWaS8qqWNkEDm2Vdma6J7Pfc8udhaMDMwFxAqM3Ce1JVRysMrvNKU_3Whg-NiNUvUK1-2troRdmiR9EcI6lNrIGtjZLjk_SC7VT_r_2K5xndMeTyecyiqkHcvSLMrzCQ2uxcGqklQhz_4XG-Hf___xdNO_SmiBiLQsUetEA0NbNn-BdnVh3qHY8li66MkctyDqUmHnXK5szOv_ABayHQ319K2KlyproUI7Ra5ZvPDGGgJV2wJFOjzD9eSXAmEffz9oR3dqf3eGZB0mvpfC3jGdWm6d5cUq1LQImgH4HqwI4CX2mKyXOCeJ-Bw1O1eAUB-7ALYqoz9GJbKncjsC4mkJX5KuLWmnAnUeBr4Otfqo3DENud_Hp29zUSgXaXQk5Y1CwsBybNcS9LGy2XwIpZbeE6rEaSRuBQg-qBNNkqJkx9c0JnRkMwLjt

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4731 0
46 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111601&jk=819137235234114&bg=!5-Sl5MTNAAUoamvQKFhKud-1LT9ezwIAAAKsUgAAAGJoAQcKAKUfwJgHWe9hH-qgdkwHBWJYlwdetk5TS4-f2MUOmcd3pFz8dmK4RzC48Nhcd77LpRzrJfLdwRXYc9eQYZ0mzFUd08xcVu0h0kCeySmzuDblyXkHWKyg2xV4OAzGXzUA9WkObc0_DMPmDZrngacyYJR3tYqcQF0yhYeL5Y5TCwuaDAD9Zeb0DO9BT_iGNrSAVF3aufCwxxxooGnPKjzhrYD2nseQpOuZAb404KohDaz_mectIAicsnEx7DzFJsI8VRlRzQ_WlJS0NkboRrA2MB1jdJSU10weZXpDsLg_MuMcSFBh8sHH-lbDGz0jYIG8OuVVBRjUdIPVbaQg2gNA7ueoxy7kNQ3qRPJRNi_2BG17aeNlMw5Tchrf7go3zTVQTRwYARcPmfrGCgwxNIvg_5Y7T30UQwW3xoTwodqGc674piWMLcdIP27rQjj5OIdX4usrz6owUpPsZ0hBeBRJzbwM1NfeOTKt84zyy9UviAuOGepWg9pm-_rz4GaQxGTzWv8N0TY-2b1Rt_tZDmDxw9xz3sQ0mpWev_4NwSDfS4eIgpltulgatEJtRVRrAVojzuJ6C-ekSdAtKLzzSERGPGckSHDEcUR_TkyYa_7nVqJ70DpYwNN1kbQrBHUZg2bJt3_vTw3cnSAvtw3-fSsD8ERwAKEvTSuwRALICO7mdZB53oQAJC2kqVGfcXzeW1e7K8lDTdfWzMhKlfRoWUOboTr2fcH5sMo9vHcUGBmqLPSnBN0XFkza1Zr86z-qA245EOTyfb-6UsSkXughvqZY46Bar-MmV7TsjqsKs-nn4PPy4Fi33GIpUA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 43ms
42ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=3385384423410218&bg=!X1ylXHzNAAVGySeIRlhjNpX_8-Uq-QIAAAGVUgAAABloAQcKAP-j-CsmOKB4XbZ3cyoggmrMixdW8pVupmyi9aCoyJ7D1ZAgFJc9dcNm1zhO-JPZmyH64ld-FpcmZSq7eo12NbM_pKdAbfVdavB-6JffmATiy4SczwBC2C_Z5ADucYAm7-H99qF6IrPxk7FqdLsjiDD8qzAUxns4PmMrcOl97b13RNnyoSeTcQvPVnuFr4eR8jgQcy4xL3R-SmqAgbcCLqB7yEYX0n6s1rXrT_vPXQ3zB5X-pLXLGiw_0b1GirAYOTNTd_K5dsvY3f1OIXKxkoxRJ_JLhqNMZEyZOR6hfeOU43qkX5ZJDHZ7OGcM7fe9STtZGhHpLW3FWexivuODj7KZAbiZZuIKwMTMih1GBNmlftQgYdpu4a9kYbwviUWQEnx6neFIdZkzRvqBlivSuq2luMbNfRIOgIRL01m6Z61AyVoirLlXCkoDxfDCvPEhTAiJWYMAccqBwjfcVFEB0KGKBGJDIqia2kjEo3PDWY6R-pIN6URZjYBM4vsWx8CA6OMZ12uh5qHhTEFWv5Shyde88jxA44rlFDr1rObeHfIAOWh93k6ZGBLVs7KvW_k4_TnmL4g7pqt9sT8DhtPX5ib1n1ecpv87g2SGEhd2fPffJRjqMRZc_o-iRr3orXbd_QgYaEPRLNNsjGUKfpt5y-X7mkr9wKJ2KTDNZTTmFl8j9-g2lsK2HhZO13ez6ucghMZ8uPCUEn5cOVFk4aMD_Vk9I_Hfkx-u2hJ7oDpqyFbjX3gH2oRyBLYOh8Jkc41rq55ilOWAdR-tvYm3jaEn2Jlnw1rl3HeGCm2BKA8RnEIcgOrrgR0RxHGf4Fa1ohxJbWPvQ2FXnzZUJw8v9G6euCl1GBO144KrvkZMdTB8LR2JMEhpLpOZejD6O1-JYv9oiJ-7j6YFP533FxwyTU0A4I8dGVsRVx7Zs2rP6A

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 9C43 74 KB
24 KB 16ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:29 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:20:41 GMT
server: nginx
etag: W/"5f8eabe9-12977"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 20 Nov 2020 10:37:29 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 4731 74 KB
24 KB 16ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1600366998559/prebid4.7.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:29 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:20:41 GMT
server: nginx
etag: W/"5f8eabe9-12977"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 20 Nov 2020 10:37:29 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5C2A 42 B
89 B 21ms
21ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0hmcZssNcTCqsrlIZ0OUJs7vBZZDTO3rHu_40mU76aeQ5T7ks4q3cAJA2jasmhXSxBjlvGx535Jpem4m-V3f6JPzphcquvKO6ntDZq8AMd4kQmFtFiNzjKvEWGg&sai=AMfl-YQ_UswHb0WTBK6PJEBsipmY9s1VHQnazvRQlJxGG2quJ1qUGAsk-SIIv8l_mtiRQOCTIaH_m6pNOULxE-BO2l7vHjfW52R621baSqVp8HTOdEvVkjhrBHgTsa6D&sig=Cg0ArKJSzIumXI5LJ1SsEAE&cid=CAASF-RobqeeVfF13utfxT6wukE8gaUtvMLO&id=ampim&o=1060,907&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=132&tls=1133&g=100&h=100&tt=1133&r=v&avms=ampa&adk=1872795651

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 281ms
281ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3385384423410218&correlator=4107187975956204&output=ldjh&impl=fif&adsid=NT&eid=21068749%2C21068418&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201119&iu_parts=339263271%2Cadex_omaranhense.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3Deed68fde67e641ac%3AT%3D1605782248%3AS%3DALNI_MaX5a499jzsNju5IFE_e8AqJ6CtIw&bc=31&abxe=1&lmt=1605782250&dt=1605782250490&dlt=1605782244215&idt=882&frm=20&biw=1600&bih=1200&oid=3&adxs=1060&adys=1890&adks=3610013781&ucis=7&ifi=11&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fomaranhense.com%2F&dssz=88&icsg=572340935786492&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&fws=4&ohw=1600&btvi=2&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

c90cba7a3b5604466db94404eb427093392bd7dc6058336f60a6445d024e2619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10510
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://omaranhense.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 8B78 0
0 99ms
93ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://omaranhense.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

Connection: keep-alive
Content-Length: 17037
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Tue, 24 Mar 2020 15:52:19 GMT
ETag: W/"5e7a2cb3-cefd"
Expires: Fri, 04 Sep 2020 06:04:52 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 19 Nov 2020 10:37:30 GMT
Age: 16204
X-Served-By: cache-lga21969-LGA, cache-fra19152-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 147977
X-Timer: S1605782251.887817,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 18EB 0
0 96ms
92ms Document
text/html 184.24.15.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.15.122 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-15-122.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://omaranhense.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KHOPAG4R-G-BDJ2; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCune56ebGXOxtVOqDmCqHijLXCD/K1XE6wNU121TpS94OfHaS3J5oG+vEPIAYMXyJPObaA/FUuvBwH9kPDDzyZA0ea08qJ5CVbysEVH+Jg==; audit=1|hLZGFuTafB3Zu705Dp+rCs1+1ZYfrZ/aJE/NlmgnsJR5uVLyRtUaB9XojLHmnSo/Ij5wYjJQab8x+FptCLf6Skd2+VzOS4u9; pux=1512%3D95411%262307%3D95411%262974%3D95411%263778%3D95411%26goog%3D95411%262249-DV360-Hosted%3D95411%26idl%3D95411%26brx%3D95411%26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Thu, 19 Nov 2020 10:37:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 1944 0
0 277ms
90ms Document
text/html 104.79.88.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.155 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-155.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://omaranhense.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=156383:2; KADUSERCOOKIE=CC52A18B-8309-46B4-B8A6-D571D23A7832; chkChromeAb67Sec=1; DPSync3=1606953600%3A221_219_201_226; SyncRTB3=1608336000%3A203%7C1606953600%3A81_176_189_21_56_22_55_99_220_166_78_5_54_222_7_3_88_165_223_204_13_161_8_71%7C1606608000%3A63%7C1606348800%3A67_2_15%7C1607040000%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=29554
Expires: Thu, 19 Nov 2020 18:50:05 GMT
Date: Thu, 19 Nov 2020 10:37:31 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame B258 0
0 94ms
94ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.198.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=99110e18-9b4e-03a3-128e-b93b9fed5ed4|1605782247
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=99110e18-9b4e-03a3-128e-b93b9fed5ed4|1605782247; Version=1; Expires=Fri, 19-Nov-2021 10:37:30 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1605782250|gekin0vNiygu; Version=1; Expires=Fri, 04-Dec-2020 10:37:30 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.198.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 19 Nov 2020 10:37:30 GMT
content-type: text/html
content-length: 419
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 3198 180 KB
50 KB 60ms
10ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418858
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3198 13 KB
5 KB 154ms
102ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418858
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3198 90 KB
27 KB 155ms
104ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418858
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3198 3 KB
1 KB 163ms
112ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418853
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:38 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3198 41 KB
13 KB 166ms
115ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418858
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3198 3 KB
3 KB 144ms
93ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 21:09:31 GMT
x-content-type-options: nosniff
server: cafe
age: 48480
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 19 Nov 2020 21:09:31 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3198 344 B
374 B 144ms
93ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 83042
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 19 Nov 2020 11:33:29 GMT

GET
DATA 200
OK truncated
/ Frame 3198 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f1f80aaef170c0d6e43c9d9802569f59f70245f1ab17adf0a27468f50454c1

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 14040156731164205091
tpc.googlesyndication.com/simgad/ Frame 3198 33 KB
34 KB 157ms
105ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14040156731164205091?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmK3yKD2sRThwFtEUbqbKj5UN-qtQ

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abaf83006811a5143992995c9921f57d2461baf46f5991e0584c896eea39c4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 09:21:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 07:36:59 GMT
server: sffe
age: 4562
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34231
x-xss-protection: 0
expires: Fri, 19 Nov 2021 09:21:29 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 3198 0
0 146ms
95ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSEgXjp8qWpJhUeseCyGSGR_TiqYNkM6Lb88nhfRnh4EqAkn_07PKw1er9-gNNGJdPCUTJfEqdDanAFDC0U7QOmnaM3fA
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3198 0
0 149ms
98ms Image
text/html 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CY1Ph6kq2X-TqIOSumLAPt62KqAy_55qSYPfvrZfgDJaCzYWIFhABIP--7ixguei-gNQBoAGHg7_3A8gBAuACAKgDAcgDCKoE2AFP0BUhSRyu3W7okH3bh82lCnyVSgW4dJqDbcTAFlC8MkIc32zijR5UtD-OMyd0-80qx5PLiP6quziMRQ_Bo3RzC0PVeiTmE0AAVbvGgDv8ft9hMqIy_9FpuE4OGb0hhkuvsA-wJZzq2w-wqpgzkxF81l4NfbqXk59tSIuTiMLtyzUyHSga88AIPIXmCekewq-3bxuznTrgSDACBn2RfjF3uMBwe1botk12LZLAT5A2RXOE7R1MWIsbxqJyx7-Y3_ttfcIfCzXmcqSyzg6fClI9uJKkQlDDOL7ABO7ou-GaA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfk9JeJAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDx8AHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQwMTczMzM0NjAyMjk0NTOACgPICwHYEw2yFxoKGAgBEhRwdWItMzQyMzA4NTU0NTI5NjIzMQ&sigh=jjsJwoTSN6A&tpd=AGWhJmv3ltR6eAfu9dtV6ctXKCQV98ZPIarc7getgZiBIfsWgw
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s29-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 3610 0
0 90ms
79ms Document
text/html 104.79.88.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.155 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-155.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://omaranhense.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=156383:2; KADUSERCOOKIE=CC52A18B-8309-46B4-B8A6-D571D23A7832; chkChromeAb67Sec=1; DPSync3=1606953600%3A221_219_201_226; SyncRTB3=1608336000%3A203%7C1606953600%3A81_176_189_21_56_22_55_99_220_166_78_5_54_222_7_3_88_165_223_204_13_161_8_71%7C1606608000%3A63%7C1606348800%3A67_2_15%7C1607040000%3A35; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=29554
Expires: Thu, 19 Nov 2020 18:50:05 GMT
Date: Thu, 19 Nov 2020 10:37:31 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 2299 0
0 95ms
85ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.198.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=99110e18-9b4e-03a3-128e-b93b9fed5ed4|1605782247; pd=v2|1605782250|gekin0vNiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=99110e18-9b4e-03a3-128e-b93b9fed5ed4|1605782247; Version=1; Expires=Fri, 19-Nov-2021 10:37:31 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1605782250.1|kiiygevNgun0.mWgqsLommOns; Version=1; Expires=Fri, 04-Dec-2020 10:37:31 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.198.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 19 Nov 2020 10:37:31 GMT
content-type: text/html
content-length: 315
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 6306 0
0 86ms
79ms Document
text/html 184.24.15.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.15.122 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-15-122.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://omaranhense.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KHOPAG4R-G-BDJ2; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCune56ebGXOxtVOqDmCqHijLXCD/K1XE6wNU121TpS94OfHaS3J5oG+vEPIAYMXyJPObaA/FUuvBwH9kPDDzyZA0ea08qJ5CVbysEVH+Jg==; audit=1|hLZGFuTafB3Zu705Dp+rCs1+1ZYfrZ/aJE/NlmgnsJR5uVLyRtUaB9XojLHmnSo/Ij5wYjJQab8x+FptCLf6Skd2+VzOS4u9; pux=1512%3D95411%262307%3D95411%262974%3D95411%263778%3D95411%26goog%3D95411%262249-DV360-Hosted%3D95411%26idl%3D95411%26brx%3D95411%26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Thu, 19 Nov 2020 10:37:31 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame B841 0
0 78ms
77ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://omaranhense.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

Connection: keep-alive
Content-Length: 17037
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Tue, 24 Mar 2020 15:52:19 GMT
ETag: W/"5e7a2cb3-cefd"
Expires: Fri, 04 Sep 2020 06:04:52 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 19 Nov 2020 10:37:31 GMT
Age: 16205
X-Served-By: cache-lga21969-LGA, cache-fra19152-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 147982
X-Timer: S1605782251.294027,VS0,VE0
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame FBA0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d237a8b63016dce875654fb9fea17b06082e66320a74641047f1356e2a7df01

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 17CF 0
0 34ms
34ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.198.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=dab2cf93-8cf6-40fe-8eba-6a717724dace&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=99110e18-9b4e-03a3-128e-b93b9fed5ed4|1605782247; pd=v2|1605782250.1|kiiygevNgun0.mWgqsLommOns
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=99110e18-9b4e-03a3-128e-b93b9fed5ed4|1605782247; Version=1; Expires=Fri, 19-Nov-2021 10:37:31 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1605782250.1|kiiygevNgun0.j8mWfcsHqGgqsLiSommOnsgi; Version=1; Expires=Fri, 04-Dec-2020 10:37:31 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.198.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 19 Nov 2020 10:37:31 GMT
content-type: text/html
content-length: 412
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame F7D8 0
0 22ms
22ms Document
text/html 184.24.15.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.15.122 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-15-122.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://omaranhense.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KHOPAG4R-G-BDJ2; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCune56ebGXOxtVOqDmCqHijLXCD/K1XE6wNU121TpS94OfHaS3J5oG+vEPIAYMXyJPObaA/FUuvBwH9kPDDzyZA0ea08qJ5CVbysEVH+Jg==; audit=1|hLZGFuTafB3Zu705Dp+rCs1+1ZYfrZ/aJE/NlmgnsJR5uVLyRtUaB9XojLHmnSo/Ij5wYjJQab8x+FptCLf6Skd2+VzOS4u9; pux=1512%3D95411%262307%3D95411%262974%3D95411%263778%3D95411%26goog%3D95411%262249-DV360-Hosted%3D95411%26idl%3D95411%26brx%3D95411%26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Thu, 19 Nov 2020 10:37:31 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 67B6 0
0 80ms
79ms Document
text/html 104.79.88.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.155 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-155.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://omaranhense.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=156383:2; KADUSERCOOKIE=CC52A18B-8309-46B4-B8A6-D571D23A7832; chkChromeAb67Sec=1; DPSync3=1606953600%3A221_219_201_226; SyncRTB3=1608336000%3A203%7C1606953600%3A81_176_189_21_56_22_55_99_220_166_78_5_54_222_7_3_88_165_223_204_13_161_8_71%7C1606608000%3A63%7C1606348800%3A67_2_15%7C1607040000%3A35; PUBMDCID=3; KRTBCOOKIE_1101=23040-6896782248279341207; PugT=1605782251; KRTBCOOKIE_27=16735-uid:b0b85fb6-4ae7-4400-bbae-7525ace50ffd&KRTB&16736-uid:b0b85fb6-4ae7-4400-bbae-7525ace50ffd&KRTB&23019-uid:b0b85fb6-4ae7-4400-bbae-7525ace50ffd&KRTB&23114-uid:b0b85fb6-4ae7-4400-bbae-7525ace50ffd; KRTBCOOKIE_391=22924-3217482176951851569; KRTBCOOKIE_22=14911-2470862219033368322; KRTBCOOKIE_377=22918-336fdc9e-1cc8-4e60-8354-17e767ab8474&KRTB&23031-336fdc9e-1cc8-4e60-8354-17e767ab8474
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=29554
Expires: Thu, 19 Nov 2020 18:50:05 GMT
Date: Thu, 19 Nov 2020 10:37:31 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame BA7F 0
0 24ms
23ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://omaranhense.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

Connection: keep-alive
Content-Length: 17037
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Tue, 24 Mar 2020 15:52:19 GMT
ETag: W/"5e7a2cb3-cefd"
Expires: Fri, 04 Sep 2020 06:04:52 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 19 Nov 2020 10:37:31 GMT
Age: 16205
X-Served-By: cache-lga21969-LGA, cache-fra19152-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 147985
X-Timer: S1605782252.596478,VS0,VE0
Vary: Accept-Encoding

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 82 KB
26 KB 189ms
189ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3385384423410218&correlator=4107187975956204&output=ldjh&impl=fif&adsid=NT&eid=21068749%2C21068418&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201119&iu_parts=339263271%2Cadex_omaranhense.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3Deed68fde67e641ac%3AT%3D1605782248%3AS%3DALNI_MaX5a499jzsNju5IFE_e8AqJ6CtIw&bc=31&abxe=1&lmt=1605782251&dt=1605782251767&dlt=1605782244215&idt=882&frm=20&biw=1600&bih=1200&oid=3&adxs=1060&adys=1534&adks=1682243789&ucis=8&ifi=12&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fomaranhense.com%2F&dssz=87&icsg=572340935786492&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&fws=4&ohw=1600&btvi=3&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

ef70bef3c9d45aa1dd297f8d8beccb0e3736520d8c756876c97d5442b2b81b63

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1868552980005019127/BE_TVV_M7_CD_2020-10-12_GenericBLFriday_Think_IAB_Content_300x250_1.0.0/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1868552980005019127/BE_TVV_M7_CD_2020-10-12_GenericBLFriday_Think_IAB_Content_300x250_1.0.0/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COWD04W1ju0CFdnl5god_0gA5Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/1868552980005019127/BE_TVV_M7_CD_2020-10-12_GenericBLFriday_Think_IAB_Content_300x250_1.0.0/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1868552980005019127/BE_TVV_M7_CD_2020-10-12_GenericBLFriday_Think_IAB_Content_300x250_1.0.0/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1868552980005019127/BE_TVV_M7_CD_2020-10-12_GenericBLFriday_Think_IAB_Content_300x250_1.0.0/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COWD04W1ju0CFdnl5god_0gA5Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/1868552980005019127/BE_TVV_M7_CD_2020-10-12_GenericBLFriday_Think_IAB_Content_300x250_1.0.0/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26157
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 19 Nov 2020 10:37:31 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://omaranhense.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 286ms
286ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3385384423410218&correlator=4107187975956204&output=ldjh&impl=fif&adsid=NT&eid=21068749%2C21068418&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201119&iu_parts=21856261383%2Comaranhense300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3Deed68fde67e641ac%3AT%3D1605782248%3AS%3DALNI_MaX5a499jzsNju5IFE_e8AqJ6CtIw&bc=31&abxe=1&lmt=1605782251&dt=1605782251770&dlt=1605782244215&idt=882&frm=20&biw=1600&bih=1200&oid=3&adxs=1060&adys=896&adks=1914010199&ucis=9&ifi=13&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fomaranhense.com%2F&dssz=87&icsg=572340935786492&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

148f55996b72d2ade6b2278ec7ce4ddb010ed8b566fa9d03850a96b46c7fe895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 10:37:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10362
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://omaranhense.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 14040156731164205091
tpc.googlesyndication.com/simgad/ Frame 3198 33 KB
33 KB 7ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14040156731164205091?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmK3yKD2sRThwFtEUbqbKj5UN-qtQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abaf83006811a5143992995c9921f57d2461baf46f5991e0584c896eea39c4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 09:21:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 07:36:59 GMT
server: sffe
age: 4562
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34231
x-xss-protection: 0
expires: Fri, 19 Nov 2021 09:21:29 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3198 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 21:09:31 GMT
x-content-type-options: nosniff
server: cafe
age: 48480
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 19 Nov 2020 21:09:31 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3198 344 B
369 B 8ms
7ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 83042
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 19 Nov 2020 11:33:29 GMT

GET
H2 200 container.html
ae923e40811f37c7c2bead4e9383af43.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 6002 0
0 8ms
6ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ae923e40811f37c7c2bead4e9383af43.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ae923e40811f37c7c2bead4e9383af43.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Thu, 19 Nov 2020 10:37:25 GMT
expires: Fri, 19 Nov 2021 10:37:25 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 6
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 7D4F 180 KB
50 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418859
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 7D4F 13 KB
5 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418859
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 7D4F 90 KB
27 KB 78ms
75ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418859
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 7D4F 3 KB
1 KB 79ms
76ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418854
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:38 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 7D4F 41 KB
13 KB 79ms
76ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 418859
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7D4F 3 KB
3 KB 10ms
7ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 21:09:31 GMT
x-content-type-options: nosniff
server: cafe
age: 48481
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 19 Nov 2020 21:09:31 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7D4F 344 B
439 B 10ms
7ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 83043
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 19 Nov 2020 11:33:29 GMT

GET
DATA 200
OK truncated
/ Frame 7D4F 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4b74f79e9ae13d3a19f1f1501d0ba8124d17d607face9b569544c22ca9b3a90

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 12657302049867091362
tpc.googlesyndication.com/simgad/ Frame 7D4F 8 KB
8 KB 79ms
77ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12657302049867091362?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qm0cbePZ8alwTp7dToN34kIkW9Fsg

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946299dcd4be7691489929f9d9b7ff844f3e664a54fbbd34034026a8373900d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 07:33:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Sep 2019 10:45:43 GMT
server: sffe
age: 270227
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8201
x-xss-protection: 0
expires: Tue, 16 Nov 2021 07:33:45 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 7D4F 0
0 80ms
78ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR6HQMfByJJBW13Fl5SNdk3hr8TiQZJHpxdZ0tmS0mbDCoztZ4GHIu-x0qVmIhfiez1L2_IeFbiZC8eaJHWgGZmpJ29EQ
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7D4F 0
0 81ms
78ms Image
text/html 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cwsj360q2X-vrMYujxwK42JDgCKb4sq9cs_XavrcMv-EeEAEg4pGsIWC56L6A1AGgAc-PsdICyAECqQJBLaaQDTO2PuACAKgDAcgDCKoE1QFP0JvfJKzPDAauYcXYsx7s8f0yTGWstLibGt0kdu8y9FvXLxwD-InG4kObyl9v0aqPVy_uhs_P2BDu3eAywgz71PJE0Qr6J2yKbzsNv5PsBGpRq6pG_XHHFxTCv7WLhpiNEbtnhWU5Xbh5t7eYANYB3ecf5cq4aUf8YmT-YCy3ink_BNmi_bCDwCZCxANsCsMjAZJg6nYBtouhm5PG9tN9krOJoW-sf3RTGa8r9j611R7M1_ajyGVK1R-LDj8-xA85IqbDPprXTi2xwo7hadjO5R12yR7ABIS34MO2AuAEAZIFBAgEGAGSBQQIBRgEoAYCgAeZ8M6tAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBC5hAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU4ODYwMTE0OTYzNzc4MDaACgPICwHYEw2yFxoKGAgBEhRwdWItNzc4MjU0NTA1MzQ3MTE4Mg&sigh=dmmR6misdGU&tpd=AGWhJmuScOnYrrgqyIx0uqH2fJ4HZ9zZkve21VFUry5LBLLm9w
Requested by: Host: omaranhense.com
URL: https://omaranhense.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s29-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 12657302049867091362
tpc.googlesyndication.com/simgad/ Frame 7D4F 8 KB
8 KB 6ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12657302049867091362?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qm0cbePZ8alwTp7dToN34kIkW9Fsg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946299dcd4be7691489929f9d9b7ff844f3e664a54fbbd34034026a8373900d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 07:33:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Sep 2019 10:45:43 GMT
server: sffe
age: 270227
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8201
x-xss-protection: 0
expires: Tue, 16 Nov 2021 07:33:45 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7D4F 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 21:09:31 GMT
x-content-type-options: nosniff
server: cafe
age: 48481
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Thu, 19 Nov 2020 21:09:31 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7D4F 344 B
439 B 6ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 83043
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 19 Nov 2020 11:33:29 GMT

GET
H2 200 sgehtdt4g3srthvjyufvrbyrb68i
feed.buzzcdn.com/1/365_00947411/DE/desktop/3_0_0_x_2_5_0/ Frame 4AAE 0
0 304ms
276ms Document
text/html 2606:4700:3037::6812:25b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.buzzcdn.com/1/365_00947411/DE/desktop/3_0_0_x_2_5_0/sgehtdt4g3srthvjyufvrbyrb68i?campaign=1

Requested by

Host: data.gblcdn.com
URL: https://data.gblcdn.com/data/pastoclockp.js?id=841756e43b90452fb1c1&pubid=7895a300-9126-11ea-a2b3-876aecb6db10&pid=mholavwnelh&renderD=0&limitT=0&limitH=24&t=i&mt=b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6812:25b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM *
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: feed.buzzcdn.com
:scheme: https
:path: /1/365_00947411/DE/desktop/3_0_0_x_2_5_0/sgehtdt4g3srthvjyufvrbyrb68i?campaign=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

date: Thu, 19 Nov 2020 10:37:32 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d3998f20389435b31801720ce7cd64d4e1605782252; expires=Sat, 19-Dec-20 10:37:32 GMT; path=/; domain=.buzzcdn.com; HttpOnly; SameSite=Lax adonis-session=3ce178fdcd3cd65d18806ec82e9ac663XRyARN1At%2Bv2QfrfmZOvhK9l1xraNU2IMgf8GPvF1%2BOGWG6tb95qruW8TLvaXYaqp7G2vJyne%2BABhvH1b06riFpkc3t7DIqsAaHQpMkh90P%2BJobQ8w5q7ayTPOC1srSF; Path=/; HttpOnly XSRF-TOKEN=0d268589019caf7ef65f8888496e27d0tmQBAb3y513t%2FK12XmSqyibRr3eDY4Ij7V%2F6TuxHqH9HiOZyROUOd7t2lxdtNb8qj1CIQ69cxCHFwgCnxSDDK66NSyco%2FEy8LqK4Nm3%2F4mV2X2ui6iutgc1ofAxGCjH%2B; Max-Age=7200; Path=/; SameSite=Strict adonis-session-values=ff9a6b0f812d24f77eb1880ecbf7e53f3lpjAAugh5UrydwhmtCRFFLUwZIBczP7GpiQJFcHwmd9iJ3x49dEXJfWg7%2B9cnLE3cze6IHZ8Sabi3IZjXtfyuB8uxnO0SQV5OJ%2BnZgt2YomKOajypOW7dF4Z4azvzRmR7l2t66XWaAaPDnZNoMeUufYqbixFrMhGtY7XNV6GtI%3D; Path=/; HttpOnly __cf_bm=c1bcf80d2cae1e79093b913c69be044f3de9e97f-1605782252-1800-ATQUE4VSaZrye3ylhtCeDCAE5otJWm9kVBylMLwP4RMk53ah+qav3AXTx2A+bFl04aufc679bkhliwvWxwH9g60=; path=/; expires=Thu, 19-Nov-20 11:07:32 GMT; domain=.buzzcdn.com; HttpOnly; Secure; SameSite=None
x-frame-options: ALLOW-FROM *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
cf-cache-status: DYNAMIC
cf-request-id: 0681adc3a40000c2a4f4247000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fehrtnn5LwXXGMJttZauhsB2xZosH7OSlsCc40vW32VZTSAl8pWsJOmlA5iEYnS2o5A4E73I0yPdIbuwBFOgA3HV26KIHM0z5JSH64%2BxuXrne0QORhfk4JAkdJgu"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f494be5ceddc2a4-FRA
content-encoding: br

POST
H2 204 i
server.gblcdn.com/pool/ 0
0 407ms
407ms Fetch 2606:4700:3034::ac43:b802
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://server.gblcdn.com/pool/i?c=a8a2a4d0-92d3-11ea-bae0-33090187a0e9&pubid=7895a300-9126-11ea-a2b3-876aecb6db10&wid=aae86bd0-9126-11ea-a2ff-7f7f47e0c227&l=1&mck_o=&mck_b=&mck_c=&mck_ov=&mck_bv=&t=i&mt=b&dco=0&fq=&fqc=&su=https://feed.buzzcdn.com/1/365_00947411/{country}/desktop/3_0_0_x_2_5_0/sgehtdt4g3srthvjyufvrbyrb68i?campaign=1

Requested by

Host: data.gblcdn.com
URL: https://data.gblcdn.com/data/pastoclockp.js?id=841756e43b90452fb1c1&pubid=7895a300-9126-11ea-a2b3-876aecb6db10&pid=mholavwnelh&renderD=0&limitT=0&limitH=24&t=i&mt=b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b802 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 19 Nov 2020 10:37:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CpGFvAV4%2FSHRfBQYNMBT320WXKYtasi%2FsGlqkqUKsprpiRbN4cJEObRcStGx1kSq0rNSZv0MXKfOWo5pTUK4xyDoSY%2BcJaBHfYdilqm1aljoB8%2B1LdNXhiF7LGj1cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://omaranhense.com
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control: no-cache, private
cf-ray: 5f494be59e061756-FRA
vary: Origin
x-xss-protection: 1; mode=block
cf-request-id: 0681adc38300001756f5280000000001

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FBA0 42 B
176 B 14ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGPI6J_dQPsiupVVI2UtKMWdO1ATbs6KWrOlVWXk8GXQXkqHwoDD3Cmu6qa0AEk-xFwS4l3PRJ70LBl6B4DhsJtPzuNdHFD7aCym-eye4&sig=Cg0ArKJSzDSdYjwVGDC6EAE&adk=3660869937&tt=-1&bs=1600%2C1200&mtos=1096,1096,1096,1096,1096&tos=1096,0,0,0,0&p=0,0,90,728&mcvt=1096&rs=0&ht=0&tfs=4295&tls=5391&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=8&niot_cbk=86&md=2&btr=0&cpmav=0&lm=2&rst=1605782247182&dlt&rpt=424&isd=0&msd&xdi=0&postrxl=1&ps=1600%2C2316&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-44-6-43-43-0-0-0&tvt=5386&is=728%2C90&iframe_loc=https%3A%2F%2Fomaranhense.com%2F&r=v&id=osdim&vs=4&uc=44&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20201118

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7D4F 42 B
262 B 21ms
21ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvISAw8blmPwyzxRBazCumv1QKbXw1ZduFndoTayNFY3gBohjws3mkLE4XLGp1wBeCiKI2yehNI4LYchdY7Mi6SySEcb8Arbiu1KcDyG8_gIp9aWObWoBvfoRB5bw&sai=AMfl-YRrGHh_jbzLQuUdGv9IqqEOG3vfAk0XcznzRCNsTA3zcGc0td1hfZn9aS3AF97Vd-U-KdcE1aKUHdRMPGIhfob6_PIKGEq4-vobWlRtjda9otEkxr2DO3w1Feak&sig=Cg0ArKJSzMa5yQ9LfyF5EAE&cid=CAASF-RosIit8u-HKiimUZjGKZeWGs5p7-hd&id=ampim&o=1060,896&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=108&tls=1109&g=100&h=100&tt=1109&r=v&avms=ampa&adk=1914010199

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0B06 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83231e43b3f06e234dc7a8cf9f80bf26cc3f7420c0a7e3305e59a9a05969aca5

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B77A 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e17dba822381cf8c1d2be3f88f78e4621affcf010e2f84173e5730c9d61f739

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0B06 42 B
93 B 20ms
20ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsut5SAcBnb3QxAfrVWsO0QUI4oYf9VuZb5xs_9bS7LOMxu66MW65O_4KbLDPJ85kVeQxobJ92roCsByf8DfgfTpspdgtNoiL8WJXb-QP0eP8bBoz8rfMmGP_yKqoA&sai=AMfl-YRokA6kQ7T3eoMS8rmMekjlbUx-kij9ZR_uaL0DeY2CF7AL89FkWYE_XqR5NoBQZoT5vgG6mPXim2p56WfQo4GA3Hf3wB83oKWYXADt6rp1p4foKDwqIyG3GlU&sig=Cg0ArKJSzCIggEQ7BtN0EAE&cid=CAASF-RoaEU_AekKxKtj1RJpvMTQV5ZjAv32&id=ampim&o=0,0&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=7301&tls=8302&g=100&h=100&tt=8302&r=v&avms=ampa&adk=3440138205

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B77A 42 B
66 B 17ms
17ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuInJmH1AUCTMQ5xuUtA0BDcpeG-vPiWID0OU8PauQHmoxpi-TPpdEX1va-2PJWQTfBudH-tmqVGmVMu8onoYU7_E4B6ttWJJTy_GCM1Ic&sig=Cg0ArKJSzGUVHpqKPrxoEAE&adk=3390501070&tt=-1&bs=1600%2C1200&mtos=1084,1084,1084,1084,1084&tos=1084,0,0,0,0&p=0,0,250,300&mcvt=1084&rs=0&ht=0&tfs=6936&tls=8020&mc=1&lte=-1&bas=0&bac=0&met=ce&avms=nio&niot_obs=61&niot_cbk=83&md=2&btr=0&cpmav=0&lm=2&rst=1605782247595&dlt&rpt=131&isd=0&msd&xdi=0&postrxl=1&ps=1600%2C2309&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-69-3-68-68-0-0-0&tvt=8018&is=300%2C250&iframe_loc=https%3A%2F%2Fomaranhense.com%2F&r=v&id=osdim&vs=4&uc=69&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201118

Requested by

Host: omaranhense.com
URL: https://omaranhense.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 10:37:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame B731 0
0 288ms
288ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2045836159571176&output=html&h=250&slotname=5394759653&adk=1390757383&adf=3772463256&pi=t.ma~as.5394759653&w=300&lmt=1605782260&psa=0&format=300x250&url=https%3A%2F%2Fomaranhense.com%2F&flash=0&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605782245076&bpp=1&bdt=861&idt=1&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C0x0%2C300x250&nras=1&correlator=8697468774093&frm=20&pv=1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&ga_fc=0&iag=0&icsg=572340935786492&dssz=86&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-2U_1__L6s8zDIICTVyb43qoAlJJKNATjpZtsgct3ApRneaSgjIJkhCxc2hxmtpQ%2CAGkb-H-U4YpZLw882zMdYOv19gWv_ZKgN1s1Dky-yoahRnXUoLG_cT7-zs7T7uckDEZE8Q%2CAGkb-H-ZFF4MYswfJsiHaYfW9g4qS0NCnwRuiXE704yeVNl7PprcbQwhKR26npFA41G4Pg&pvsid=3385384423410218&pem=780&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4rLNljX51C&p=https%3A//omaranhense.com&dtd=15434

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4625787250108943074/nt_a20-DE_300x250_wr-suv-4-snowproof/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4625787250108943074/nt_a20-DE_300x250_wr-suv-4-snowproof/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPD05om1ju0CFRXCEQgdtVwJCw&gqi=9Eq2X7foH8Pl-gbVxauICw&layout=/sadbundle/%24csp%253Der3%24/4625787250108943074/nt_a20-DE_300x250_wr-suv-4-snowproof/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2045836159571176&output=html&h=250&slotname=5394759653&adk=1390757383&adf=3772463256&pi=t.ma~as.5394759653&w=300&lmt=1605782260&psa=0&format=300x250&url=https%3A%2F%2Fomaranhense.com%2F&flash=0&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605782245076&bpp=1&bdt=861&idt=1&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C0x0%2C300x250&nras=1&correlator=8697468774093&frm=20&pv=1&ga_vid=37356990.1605782245&ga_sid=1605782245&ga_hid=1252375684&ga_fc=0&iag=0&icsg=572340935786492&dssz=86&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-2U_1__L6s8zDIICTVyb43qoAlJJKNATjpZtsgct3ApRneaSgjIJkhCxc2hxmtpQ%2CAGkb-H-U4YpZLw882zMdYOv19gWv_ZKgN1s1Dky-yoahRnXUoLG_cT7-zs7T7uckDEZE8Q%2CAGkb-H-ZFF4MYswfJsiHaYfW9g4qS0NCnwRuiXE704yeVNl7PprcbQwhKR26npFA41G4Pg&pvsid=3385384423410218&pem=780&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=4rLNljX51C&p=https%3A//omaranhense.com&dtd=15434
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://omaranhense.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://omaranhense.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4625787250108943074/nt_a20-DE_300x250_wr-suv-4-snowproof/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4625787250108943074/nt_a20-DE_300x250_wr-suv-4-snowproof/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPD05om1ju0CFRXCEQgdtVwJCw&gqi=9Eq2X7foH8Pl-gbVxauICw&layout=/sadbundle/%24csp%253Der3%24/4625787250108943074/nt_a20-DE_300x250_wr-suv-4-snowproof/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 19 Nov 2020 10:37:40 GMT
server: cafe
content-length: 30009
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 19-Nov-2020 10:52:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Nov 2020 10:37:40 GMT
cache-control: private

GET
DATA 200
OK truncated
/ Frame E44E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ac5101710b45bc01fcb9f0aa3527112434dfe4e14db02c333483da4d7c63303

Request headers

Referer: https://omaranhense.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 23:24:38	Name: IDE Value: AHWqTUnddEDU1lkLLmxcS_qhxY2hGfMTou-6Q46PcLlA-V9M0NvbLIZMjnOj53BB
.doubleclick.net/	1970-01-19 14:03:05	Name: DSID Value: NO_DATA
.omaranhense.com/	1970-01-19 22:48:38	Name: nvg70303 Value: ce228a9ad94fff5fe30f1418a09\|0_325

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://api.nobeta.com.br/nobetaads&id=omaranhense.inter(Line 3) Message: %cnobeta%c formats encurtador,intercontent,alert,preparagraph,dt,ft color: darkslategray; background-color: sandybrown; padding:1px 3px; border-radius: 3px; margin-right: 7px
console-api	log	URL: https://sandflos.com/t.js?i=ruxdvsbvrcgoqtu1xn&cb=0341481605782244696(Line 30) Message: %c [object HTMLImageElement]
console-api	log	URL: https://sandflos.com/t.js?i=c4im3yhdlmn8a2029ntt&cb=6194241605782244714(Line 30) Message: %c [object HTMLImageElement]
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'addService' of null
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://omaranhense.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://omaranhense.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://omaranhense.com/
console-api	log	(Line 1) Message: [object Object]
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://omaranhense.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://omaranhense.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://omaranhense.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

110bf6a8955da4cf6922b00c5aeb860b.safeframe.googlesyndication.com
9a60858b45671c2f6d85dad3dd473999.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
adpone-d.openx.net
ads.pubmatic.com
adserver-us.adtech.advertising.com
adservice.google.be
adservice.google.com
adservice.google.de
ae923e40811f37c7c2bead4e9383af43.safeframe.googlesyndication.com
api.grumft.com
api.nobeta.com.br
bidder.criteo.com
cdn.ampproject.org
cdn.navdmp.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
data.gblcdn.com
df2c4561db00ee4e25db5fb0f96a3acc.safeframe.googlesyndication.com
e1eee0dc8370bd4cb01960719e955c9f.safeframe.googlesyndication.com
eu-u.openx.net
eus.rubiconproject.com
fac4e62f6b84b87301cd74aea4ef4bf3.safeframe.googlesyndication.com
fastlane.rubiconproject.com
feed.buzzcdn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.adpone.com
hbopenbid.pubmatic.com
ib.adnxs.com
omaranhense.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
prebid-us.creativecdn.com
prg.smartadserver.com
s0.2mdn.net
s3-eu-west-1.amazonaws.com
sandflos.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
server.gblcdn.com
static.criteo.net
stats.g.doubleclick.net
sync.navdmp.com
sync2.navdmp.com
tag.navdmp.com
tpc.googlesyndication.com
usr.navdmp.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
104.79.88.155
143.204.201.94
151.101.13.108
172.217.16.134
172.217.18.162
178.250.2.131
184.24.15.122
185.184.10.30
185.64.189.112
185.86.138.121
191.6.208.42
192.95.31.56
2.18.233.201
212.82.100.182
216.58.205.226
23.37.53.17
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:20::681a:a19
2606:4700:3034::ac43:b802
2606:4700:3037::6812:25b9
2606:4700::6810:bf3
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2003
2a00:1450:4001:816::2001
2a00:1450:4001:817::2001
2a00:1450:4001:817::2003
2a00:1450:4001:818::2008
2a00:1450:4001:81a::2004
2a00:1450:4001:81a::2006
2a00:1450:400c:c00::9c
2a02:2638:1::3
2a02:2638::1c
35.244.156.216
35.244.159.8
37.252.172.37
52.218.88.235
69.173.144.143
0157d11106d6b70289099fd1ce1f7bea3a9dfbb46cee3994edb07ce765bb92fc
02c51e6e4887fae42664e1c98a7916393adb423dcfcdb1ae50431060d64a9edb
03e8d2d23d92a0463be8a5bc0de35a4efe143829f78458a0a2428bc0fad74216
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0548a34e1f94e73ba30c13a14a5c4351d28230779b06f1b6f6ea3e0e148ed7f9
06e27bce964eedb04e27d122e180bb3d6dbc09fc3a57a590c278e97677996723
09ca0b987750bf8f124ff40f082cba74aec40def5f2e7f07dcf58abe570fd166
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0da294077b83353f593503a70b86fa83b54e822a24f3ca63af89f05064a5595a
1159e31f89e96cd472b8784ff95bc79fcd24862264ec2dacd6be35fd53242b2d
118e84b97888a53422dc91afd08dcf38a6dbee38e72078ae42bea14fff6907ac
148f55996b72d2ade6b2278ec7ce4ddb010ed8b566fa9d03850a96b46c7fe895
15a799575eea419733085c76927ace7ec676b00a71aec40812a45b2f1959e459
1746d52bd237a3f9536a6660c3b769d8a059e150e5195174c72f8b371961466d
1920ffd54914a3f836fcc5736afbd4509173f880d3c87ef9d8cb954739a19e3a
19256ce6a7cc028af4e55b27751fb06bbd1629163404bbf576a13fa8342b203f
1d4a1339e4b0faff5038dc7541da79e4840fab0e82a83e1e1c1d28001f192374
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
257bb2b733ae94efcb800660280b8b5ac3a98293175d973d71b75d5f35acd7be
26e3ca7ea4955ef0f3add437f13b70cb0bff94ded5d99bb5933e80bf1ade44bb
27ccbcc1e3ff73d89d8ce22583640dff6e8ca91cf45d860c158d08df220029b4
28dbb07338d3da53dded0c412a60bc485bf9e4313cd660d147b6883fe1812ab2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d237a8b63016dce875654fb9fea17b06082e66320a74641047f1356e2a7df01
2d72ce1148be76a14ed4d7bd21c32b482903b6a2419c89bd6d44336440daf501
2e417791592213c3890a6df05cbd30c59275fcb2387f97ed61243a757f7ea4a9
2fbd4ee154c55ec9bbc7577c4a8706e6c1fff9feb7101b0ccf2855372eb5148e
31f1f80aaef170c0d6e43c9d9802569f59f70245f1ab17adf0a27468f50454c1
324fffb5ff903d92572dfe7ceac90b24c36aa26e7c15c9fc6f36fdc13a071550
340188f3c05dea80cd4f2735f635c4f989085917b5e4e2ba933fe1defbb1a392
35b7f92fe5fa921ff5e686240c5951435b762f2b0b966b3f127245e086e26991
35f3adce819c8f95305902ef0e55913f1f18ff1b49557c58c5b67c5fa3d96e5d
379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be
37b2622c212b61f9eced9f39259fcae71446f5927782ed29fcbf5c2b98a2e2eb
3bf09f5b88bc9b80792efb42f8243afb36c40e6c153cec54bd8daed5ff23099b
437f0df93cfde16d277d61ba740d9a3f56fecde74a3de7d789ae02808590a9db
461b691fdff2000db9b41c9e8f8ea202059bb7d9f3ce4b09a69a351d0cfd45d0
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
499f5098c72bd9cc54cd27e20405899e88a6003f054cb2148d8d0245ffeefede
49acb615d61e40a2c6fcda6ab7013f5166a18c02877a6f9d01d7e6d8e0c38720
49ae691f9a910bf1a4ac55e67ec1d47a359fc1926f5bc2086577f328598c6c0b
4b2b86009f9e7cb19ca59279daf7db511e38bef7866d3807e476151e25daacc9
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
558306120cd54b9bb7193b5a7b4209b9e29c0a639d298da2b0e906fbdc05e946
55905d1f8fd1e8fbae546f9c5c05721d4d0fa9994c28b1234f103264e4da6085
55a79b5abb315b3d81fe9117ad8ef289657ab221bd27ce9ecdd8df9934dd89e5
56000584d571bf93576734b6f2ff652d38494c520fa96f5e0b1d1dac28f5e651
597b7b09ede9fc59cde183b0262049d0064671066104a3417ef86a7f52d3ac8b
5b84335d42b38d3122349f53b20dd6a5cb0f45d1e45e5683fd572bcdda8c04a2
5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05
5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129
5e82a59adf76cb16514416b98f9a094bfe7aaad130c9bfb06a4a82c4db45798c
5f00e913e65862a33e03b64344d9e78165b0e9c96315c9505619b1b2dcc2ed81
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6b6691e93e142d66a8a33b2de0018c5e5876571ac62e702a67a1d75da07ec362
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ffd84868d7c4232e88167eb1adc0a83d4c1f5efb41d78eb1a03127dcdb625
6dba8235e63002173ac8a488e983f98b05e9f6b53bf8c1d506ed24bb980994db
6e17dba822381cf8c1d2be3f88f78e4621affcf010e2f84173e5730c9d61f739
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f0c437826bfe0fa4014a50ab6551f78c3d15d2e8e0348161a573cf527707920
708c923e63fd1811649b33480f4dda7d79cb3b9e603e2ef974c7bb4711891208
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
7826a49ac958828f54307ee691b3046fed960b75d09155503bddc8a276c72749
78d4605b0d3a28d67150c9f23e510281d227061e7346d07846c72a822140f69a
79dfca067f5c1fe24b2866f0ab0f0848a63269cdb59ef8a8a0c708070b5347d4
7a28ac7c9b8732a7cab4ba1b2de94a0bba02413760bdfe93456aa59940718393
7afa69e861a6d67e6b2cf833fa4f98de16aedadc0097693f67dba1f993332156
7f400529aa0a6d693e9f3a8616091bd80de68903294123c3a6e596d41a53d86b
80412b3870c5b5349ad52d6393130fe405055e16560a3398a03c9b85302ef320
80ba016670fbff044c837f7a834165b168c368ab2de6ca75f5ebb34b9ee3be2f
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
830afbea215ec452ea905a7e4705cf3ea2bad82c2278f755791d85be2d5e2eb1
83231e43b3f06e234dc7a8cf9f80bf26cc3f7420c0a7e3305e59a9a05969aca5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86b34decfab5ee3b8db9b14455db492beaf07692e705eb17ae164185c22dcbad
8994924c0f3ab4474ee0a7c04417ad84933c4467cc9192fcb60b9774f15f5990
8c23533b2dcb73c3435e60d435042b1ef7076f4ddce6af81b596c26e66e814e1
8c3b09ea8686ebd52952dbafdf0e59735b3be8c15ffe2161752529d464ccc268
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8d8b7d9526adafbe2a3b3742896253a8aea6d7f85c016d5fc2257ea1c6eb01f0
8ed1ac2159be7c2aa7384a494bef89572790b84c866d8ab47e24fd70da498f6d
9220e405bdd1ea5ff5743bf388356c015c8e4cd95e153984efa0e8aabb28ef8a
946299dcd4be7691489929f9d9b7ff844f3e664a54fbbd34034026a8373900d2
96094930bc5eb7637a72b04085b2861e6f6276b177c1278dc938aec5d6d5afc4
99ad627f3ccd08cb9f2753893bbc197034b2131ec039e931864320ea4cc1ec8a
99da0edc36611d25bd98a1908507bfd265a8cc52634dc8ce6df846f0b29ac491
9ac5101710b45bc01fcb9f0aa3527112434dfe4e14db02c333483da4d7c63303
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
9d43b2ee50544c57087fca4a3d7d7c307ef27feaf4410d1f05c0c71e8f547a35
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2ad2669d499ad74cb6cba2677faa6267832a5f21b47660f7543c1daf2386d61
a42881678450add9dff5deee2ac28431f77a8fae59d7d6df949699d46176f4b0
a731d54a01f50973cc4d76c62c8c2ccb645ff90c8baf7aa8e8ae515c6460399e
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
abaf83006811a5143992995c9921f57d2461baf46f5991e0584c896eea39c4a9
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
ae39627b74c7767fa84f0e1ef24a31278e1cde96990c1907a66f3bdf5231add7
ae97877953a9de26a932b0f9d346637d0ac7029f6da7cbe76d53546230c62d7f
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b3ebecd5d8e968b9a3b337b9323d7a86ece0675d7e794bec2ff65ca4b9a0885a
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b9688a4c98767ad95142d380bec770f7705c30c1c88a871240e9c40427d9d177
c0974c808e5d633cc12d9df686eb404acfed6283207cbeb21bd89a28877ce19d
c0e32e72414b99b9ac262187c3f96e3520b549720eb0aff7ceb5303d87f36c4a
c442ff155dca60045b1a65d836acc2e876fd92ed4ad2e1b61272940530839837
c6122a59f3f3e287109cd607ac31495520f1e00addb9ad8b7742f5308d2e0c67
c8815ac4522ea18ce04445bd259af28f64ca07209830315e779436a1cc3904e9
c90cba7a3b5604466db94404eb427093392bd7dc6058336f60a6445d024e2619
c98a883fb402e6f164c622903ad4ebd6722044747d753e35137542efa375c9c2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0af456dcaac42be1ae8d48dbd1d4587e3decf85b9b1b14c08a5054e43a77c6a
d29c25135fb0c32bedde6dd601893998041f2e0ff76f2ffdc73eaab6303e6919
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
d57a052268e9986ecfe2b49a1f4c1b7fee36acda146db812f103bf539b769e30
d7cdbdc578b918821e5a7b74c707e937addcb6faa9dbf437fe5480fbcd77bcf5
da2cf316b1bd67959a66c7c6a050eb869b19ac47fcb9dd6ef80fcfb5590e0d97
dbc3eed08716d3181d11c1cb9efb98e131e14dc0d92004fdec7e44d5ab924856
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0e1b0fbbb6822731d7e9d09c06adb1e1d42e4e095f2f0dc31bf97e25d440b2b
e164b18bde0c8cb2d5b27728b03406fccd9e02b6a8ea597f726d003b6db7eb2f
e34ab29548ce7868549c3f692e2d1adbd1f2f21b65645fe8fbe9c3eac219550e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41823850acde6b5c4d05fa59cd0d7e2f098b72570e565d3bcb5d724c9e96d51
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4b74f79e9ae13d3a19f1f1501d0ba8124d17d607face9b569544c22ca9b3a90
e5e3a009889e41ee0c2a5326ae1fd5cb6d388b973b8321c5f937a0afcdb2a82a
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e82cc27d3ecef35d2b35af24efc81dfe281f5c0db966903af59495f42460a07e
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef70bef3c9d45aa1dd297f8d8beccb0e3736520d8c756876c97d5442b2b81b63
f09544fb61f561f0f5ece32229d136a07702720d9fecb9cd738a700753be3a18
f7f6185b9879d35631edaf4d3d17cb55266a18f822cf0c7d289b800adcd3ae87
fb6d86692cd6763ea425040ea01f9db1af7d9afc3831d9d7befce4cd766a67b3
fd9eb58429bdf206519a1e595257ef3c137b2bcf510618dcfee5b6515f8dd04a
fe5b1787fe320ab28e3ee9a18f0feea955438c4f9a6fab32a02ca1d210520169
ffeec369712524be873682adfb4b62f7147f1a1756a7ad82c0ef2efcdfba0e60

omaranhense.com Open in urlscan Pro 191.6.208.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

343 Requests

100 %HTTPS

50 %IPv6

34 Domains

57 Subdomains

41 IPs

12 Countries

3994 kBTransfer

9683 kBSize

3 Cookies

6 Outgoing links

Redirected requests

343 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

omaranhense.com Open in urlscan Pro
191.6.208.42 Public Scan

Screenshot
Live screenshot

Full Image

343
Requests

100 %
HTTPS

50 %
IPv6

34
Domains

57
Subdomains

41
IPs

12
Countries

3994 kB
Transfer

9683 kB
Size

3
Cookies

343 HTTP transactions
10 data transactions