urlscan.io logo urlscan.io
SecurityTrails logo

www.guatevision.com Open in urlscan Pro
192.0.66.184  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.guatevision.com/
Submission: On March 02 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 105 IPs in 9 countries across 83 domains to perform 853 HTTP transactions. The main IP is 192.0.66.184, located in United States and belongs to AUTOMATTIC, US. The main domain is www.guatevision.com.
TLS certificate: Issued by R3 on January 28th 2021. Valid for: 3 months.
This is the only time www.guatevision.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
54 192.0.66.184 2635 (AUTOMATTIC)
10 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
1 213.174.135.2 39572 (ADVANCEDH...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 52.217.74.132 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 95.101.178.151 16625 (AKAMAI-AS)
1 2a04:4e42:1b:... 54113 (FASTLY)
2 192.0.76.3 2635 (AUTOMATTIC)
1 65.9.187.115 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20d... 16509 (AMAZON-02)
46 2a00:1450:400... 15169 (GOOGLE)
2 147.75.85.120 54825 (PACKET)
1 116.202.80.167 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.32.24.97 16509 (AMAZON-02)
1 205.234.175.175 30081 (CACHENETW...)
5 2a00:f48:2000... 47447 (TTM)
101 142.250.185.226 15169 (GOOGLE)
1 143.204.97.94 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
8 54.243.241.242 14618 (AMAZON-AES)
1 142.250.185.70 15169 (GOOGLE)
1 2.18.234.190 16625 (AKAMAI-AS)
6 14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 16 46.249.52.248 50673 (SERVERIUS-AS)
1 52.218.209.26 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
16 2606:4700:10:... 13335 (CLOUDFLAR...)
1 5.178.65.252 50673 (SERVERIUS-AS)
2 2a00:1450:400... 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
111 2a00:1450:400... 15169 (GOOGLE)
3 3 72.251.249.13 29791 (VOXEL-DOT...)
2 46.249.52.249 50673 (SERVERIUS-AS)
4 49 2a00:1450:400... 15169 (GOOGLE)
4 185.33.221.87 29990 (ASN-APPNEX)
3 22 142.250.185.98 15169 (GOOGLE)
4 5 35.227.248.159 15169 (GOOGLE)
2 3 37.157.2.235 198622 (ADFORM)
4 7 54.154.164.132 16509 (AMAZON-02)
1 151.101.13.44 54113 (FASTLY)
1 2 154.57.158.51 26558 (FREEWHEEL)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 34.246.39.225 16509 (AMAZON-02)
1 18.198.126.47 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.106 24961 (MYLOC-AS ...)
1 3 52.48.137.92 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 52.56.207.211 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 34.243.1.111 16509 (AMAZON-02)
1 159.69.64.14 24940 (HETZNER-AS)
5 5 151.101.114.49 54113 (FASTLY)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 54.165.137.101 14618 (AMAZON-AES)
1 2 52.95.118.60 16509 (AMAZON-02)
1 1 92.123.150.214 16625 (AKAMAI-AS)
1 65.9.58.29 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 45.60.33.16 19551 (INCAPSULA)
3 52.20.98.49 14618 (AMAZON-AES)
17 2a00:1450:400... 15169 (GOOGLE)
100 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 54.86.238.174 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.200 13414 (TWITTER)
4 2.16.186.105 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:211... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 142.250.186.34 15169 (GOOGLE)
4 185.86.139.59 201081 (SMARTADSE...)
2 2a00:1450:400... 15169 (GOOGLE)
3 3 185.29.135.233 30419 (MEDIAMATH...)
3 3 66.155.71.149 13768 (COGECO-PEER1)
3 3 35.186.193.173 15169 (GOOGLE)
3 34.96.105.8 15169 (GOOGLE)
5 5 23.37.42.216 16625 (AKAMAI-AS)
3 3 2a00:1288:110... 34010 (YAHOO-IRD)
3 2620:116:800d... 16509 (AMAZON-02)
2 44.192.95.220 14618 (AMAZON-AES)
9 2607:f8b0:400... 15169 (GOOGLE)
9 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
13 3.92.86.34 14618 (AMAZON-AES)
1 52.6.128.65 14618 (AMAZON-AES)
3 35.156.153.71 16509 (AMAZON-02)
6 178.162.133.149 60781 (LEASEWEB-...)
3 51.89.9.254 16276 (OVH)
3 13.58.174.102 16509 (AMAZON-02)
7 17 2.18.234.233 16625 (AKAMAI-AS)
3 213.19.147.210 3356 (LEVEL3)
3 3.122.165.24 16509 (AMAZON-02)
5 2001:4de0:ac1... 20446 (HIGHWINDS3)
6 104.111.230.142 16625 (AKAMAI-AS)
3 69.173.144.143 26667 (RUBICONPR...)
1 1 46.228.164.13 56396 (TURN)
4 34.253.109.165 16509 (AMAZON-02)
1 69.169.85.6 33597 (ATLANTIC-...)
1 216.58.212.162 15169 (GOOGLE)
4 4 18.197.249.149 16509 (AMAZON-02)
2 34.232.56.253 14618 (AMAZON-AES)
1 54.239.17.112 16509 (AMAZON-02)
853 105
54    192.0.66.184 (United States)

ASN2635 (AUTOMATTIC, US)
www.guatevision.com
10    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cdn.gravitec.net
1    2a02:26f0:6c00:2bf::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
4    52.217.74.132 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
streann-static.s3.amazonaws.com
3    2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
1    95.101.178.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-178-151.deploy.static.akamaitechnologies.com
graphics.afpforum.com
1    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    65.9.187.115 (United States)

ASN16509 (AMAZON-02, US)
certify-js.alexametrics.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:20d7:9200:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
46    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    147.75.85.120 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
api.cxense.com
1    116.202.80.167 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.167.80.202.116.clients.your-server.de
scomcluster.cxense.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.32.24.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-24-97.fra56.r.cloudfront.net
ecdn.analysis.fi
1    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
sakimg.e-planning.net
5    2a00:f48:2000:1023::3 (Germany)

ASN47447 (TTM, DE)
cdn.insurads.com
101    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
1    143.204.97.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-94.fra50.r.cloudfront.net
certify.alexametrics.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    54.243.241.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-241-242.compute-1.amazonaws.com
services.insurads.com
messaging.insurads.com
1    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
1    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
14    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
16    46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
1    52.218.209.26 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com
guatevision.s3.amazonaws.com
3    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
15    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6810:df3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
16    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    5.178.65.252 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
s.e-planning.net
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
26    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
9    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ced04a3d4345ad4588667ebe0a67d0e0.safeframe.googlesyndication.com
6d45976d15ae950b386981bbf04d250f.safeframe.googlesyndication.com
fd1446388e48171d2ca8dabd8dc6d58f.safeframe.googlesyndication.com
63730eeb8116fe6633fcc0426f941673.safeframe.googlesyndication.com
cd00bbc51b90209ba3e508328f3b6574.safeframe.googlesyndication.com
024851ddcc4d53e3df145ce2b2bee238.safeframe.googlesyndication.com
0bd28a3fb7462fd80e8907ee49860446.safeframe.googlesyndication.com
0fb87077e30a6b9fa4446eae7d81619f.safeframe.googlesyndication.com
2a34dcbb2fc79f908d3fb6a953154092.safeframe.googlesyndication.com
111    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    46.249.52.249 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
u-ams02.e-planning.net
49    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.be
googleads.g.doubleclick.net
4    185.33.221.87 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
22    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
5    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
3    37.157.2.235 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
7    54.154.164.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-164-132.eu-west-1.compute.amazonaws.com
match.adsrvr.org
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
2    154.57.158.51 (United States)

ASN26558 (FREEWHEEL, US)
PTR: amsadvip2.fwmrm.net
dmp.v.fwmrm.net
1f2e7.v.fwmrm.net
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a05:d018:24:b002:ebbe:4057:3491:6f67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    34.246.39.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
1    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
loadeu.exelator.com
1    151.1.205.165 (Erba, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
idsync.frontend.weborama.fr
1    89.163.159.106 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
3    52.48.137.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
1    212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
cms.analytics.yahoo.com
1    52.56.207.211 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
odr.mookie1.com
2    34.243.1.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
beacon.krxd.net
1    159.69.64.14 (Germany)

ASN24940 (HETZNER-AS, DE)
sync.richaudience.com
5    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    54.165.137.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usermatch.krxd.net
2    52.95.118.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    92.123.150.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-150-214.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    65.9.58.29 (United States)

ASN16509 (AMAZON-02, US)
tags.crwdcntrl.net
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    45.60.33.16 (United States)

ASN19551 (INCAPSULA, US)
plconnect.prensalibre.com
3    52.20.98.49 (United States)

ASN14618 (AMAZON-AES, US)
ping.chartbeat.net
17    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
100    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
10    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
6    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    54.86.238.174 (United States)

ASN14618 (AMAZON-AES, US)
ott.streann.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.be
1    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
4    2.16.186.105 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-105.deploy.static.akamaitechnologies.com
ced.sascdn.com
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
2    2600:9000:211e:f800:18:e253:91c0:21 (United States)

ASN16509 (AMAZON-02, US)
dkae4asr0dphj.cloudfront.net
1    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
10    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
partner.googleadservices.com
4    185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    185.29.135.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
3    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
tr.blismedia.com
5    23.37.42.216 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
tracking.m6r.eu
3    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
3    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    44.192.95.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
msg-0fedcff5b8e00e8c0.insurads.com
9    2607:f8b0:4008:804::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
9    2a02:26f0:7100:2a4::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
vast.aniview.com
player.aniview.com
1    2a00:1450:400e:23::9 (Ireland)

ASN15169 (GOOGLE, US)
r3---sn-5hne6nlr.googlevideo.com
1    2a00:1450:4001:5d::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5ednld.googlevideo.com
3    2a00:1450:400c:c04::71 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
s.youtube.com
13    3.92.86.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
track1.aniview.com
1    52.6.128.65 (United States)

ASN14618 (AMAZON-AES, US)
gov.aniview.com
3    35.156.153.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-153-71.eu-central-1.compute.amazonaws.com
pixel.advertising.com
6    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
3    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
3    13.58.174.102 (Columbus, United States)

ASN16509 (AMAZON-02, US)
rtb.gamoshi.io
17    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
3    213.19.147.210 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
3    3.122.165.24 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
prebid-server.rubiconproject.com
5    2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
cdn.stickyadstv.com
6    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
video-ads.rubiconproject.com
3    69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
optimized-by.rubiconproject.com
1    46.228.164.13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
4    34.253.109.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.crwdcntrl.net
1    69.169.85.6 (United States)

ASN33597 (ATLANTIC-METRO-COMMUNICATIONS-II-INC, US)
global.ib-ibi.com
1    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
www.googleadservices.com
4    18.197.249.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ad.360yield.com
2    34.232.56.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.aniview.com
1    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
Apex Domain
Subdomains		 Transfer
220 googlesyndication.com
ced04a3d4345ad4588667ebe0a67d0e0.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
6d45976d15ae950b386981bbf04d250f.safeframe.googlesyndication.com
fd1446388e48171d2ca8dabd8dc6d58f.safeframe.googlesyndication.com
63730eeb8116fe6633fcc0426f941673.safeframe.googlesyndication.com
cd00bbc51b90209ba3e508328f3b6574.safeframe.googlesyndication.com
024851ddcc4d53e3df145ce2b2bee238.safeframe.googlesyndication.com
0bd28a3fb7462fd80e8907ee49860446.safeframe.googlesyndication.com
0fb87077e30a6b9fa4446eae7d81619f.safeframe.googlesyndication.com
2a34dcbb2fc79f908d3fb6a953154092.safeframe.googlesyndication.com
3 MB
162 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
ad.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
pubads.g.doubleclick.net
1 MB
54 guatevision.com
www.guatevision.com
2 MB
46 googletagservices.com
www.googletagservices.com
1 MB
40 google.com
www.google.com
adservice.google.com
18 KB
26 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
249 KB
25 aniview.com
vast.aniview.com
player.aniview.com
track1.aniview.com
gov.aniview.com
sync.aniview.com Failed
539 KB
24 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
1 MB
22 stickyadstv.com
ads.stickyadstv.com
cdn.stickyadstv.com
398 KB
20 e-planning.net
sakimg.e-planning.net
ads.us.e-planning.net
s.e-planning.net
u-ams02.e-planning.net
27 KB
16 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
5 KB
15 google.de
www.google.de
adservice.google.de
3 KB
15 insurads.com
cdn.insurads.com
services.insurads.com
messaging.insurads.com
msg-0fedcff5b8e00e8c0.insurads.com
48 KB
13 cloudflare.com
cdnjs.cloudflare.com
200 KB
12 rubiconproject.com
prebid-server.rubiconproject.com
video-ads.rubiconproject.com
optimized-by.rubiconproject.com
70 KB
11 googleadservices.com
partner.googleadservices.com
www.googleadservices.com
2 KB
11 youtube.com
www.youtube.com
s.youtube.com
644 KB
10 ampproject.org
cdn.ampproject.org
98 KB
8 google.be
adservice.google.be
2 KB
8 crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
sync.crwdcntrl.net
15 KB
7 adsrvr.org
match.adsrvr.org
3 KB
6 sonobi.com
sync.go.sonobi.com
3 KB
5 m6r.eu
tracking.m6r.eu
3 KB
5 everesttech.net
sync-tm.everesttech.net
1 KB
5 tapad.com
pixel.tapad.com
2 KB
5 amazonaws.com
streann-static.s3.amazonaws.com
guatevision.s3.amazonaws.com
49 KB
4 360yield.com
ad.360yield.com
1 KB
4 smartadserver.com
prg.smartadserver.com
1 KB
4 sascdn.com
ced.sascdn.com
45 KB
4 2mdn.net
s0.2mdn.net
66 KB
4 mathtag.com
pixel.mathtag.com
sync.mathtag.com
3 KB
4 yahoo.com
cms.analytics.yahoo.com
pr-bh.ybp.yahoo.com
3 KB
4 adnxs.com
ib.adnxs.com
2 KB
4 cxense.com
cdn.cxense.com
api.cxense.com
scomcluster.cxense.com
28 KB
3 1rx.io
tag.1rx.io
828 B
3 gamoshi.io
rtb.gamoshi.io
963 B
3 onetag-sys.com
onetag-sys.com
2 KB
3 advertising.com
pixel.advertising.com
3 quantserve.com
cms.quantserve.com
883 B
3 blismedia.com
tr.blismedia.com
364 B
3 ctnsnet.com
gcm.ctnsnet.com
1 KB
3 sitescout.com
pixel-sync.sitescout.com
1 KB
3 streann.com
ott.streann.com
2 KB
3 chartbeat.net
ping.chartbeat.net
505 B
3 amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
1 KB
3 krxd.net
beacon.krxd.net
usermatch.krxd.net
941 B
3 adform.net
dmp.adform.net
c1.adform.net
840 B
3 lijit.com
ap.lijit.com
2 KB
3 google-analytics.com
www.google-analytics.com
19 KB
3 addtoany.com
static.addtoany.com
60 KB
3 twitter.com
platform.twitter.com
syndication.twitter.com
133 KB
2 googlevideo.com
r3---sn-5hne6nlr.googlevideo.com
r3---sn-4g5ednld.googlevideo.com
645 KB
2 ytimg.com
i.ytimg.com
46 KB
2 cloudfront.net
dkae4asr0dphj.cloudfront.net
26 KB
2 weborama.fr
idsync.frontend.weborama.fr
845 B
2 demdex.net
dpm.demdex.net
2 KB
2 tidaltv.com
sync.tidaltv.com
792 B
2 fwmrm.net
dmp.v.fwmrm.net
1f2e7.v.fwmrm.net
821 B
2 googletagmanager.com
www.googletagmanager.com
86 KB
2 facebook.net
connect.facebook.net
62 KB
2 alexametrics.com
certify-js.alexametrics.com
certify.alexametrics.com
5 KB
2 wp.com
stats.wp.com
pixel.wp.com
3 KB
1 ib-ibi.com
global.ib-ibi.com
72 B
1 turn.com
d.turn.com
411 B
1 ggpht.com
yt3.ggpht.com
3 KB
1 prensalibre.com
plconnect.prensalibre.com
1 KB
1 bluekai.com
tags.bluekai.com
346 B
1 richaudience.com
sync.richaudience.com
524 B
1 mookie1.com
odr.mookie1.com
324 B
1 agkn.com
aa.agkn.com
378 B
1 theadex.com
dmp.theadex.com
378 B
1 adition.com
dsp.adfarm1.adition.com
596 B
1 bemail.it
bn01.er.bemail.it
659 B
1 exelator.com
loadeu.exelator.com
324 B
1 pubmatic.com
image6.pubmatic.com
240 B
1 taboola.com
trc.taboola.com
163 B
1 navdmp.com
tag.navdmp.com
4 KB
1 outbrain.com
widgets.outbrain.com
3 KB
1 analysis.fi
ecdn.analysis.fi
2 KB
1 chartbeat.com
static.chartbeat.com
14 KB
1 jsdelivr.net
cdn.jsdelivr.net
2 KB
1 afpforum.com
graphics.afpforum.com
3 KB
1 gravitec.net
cdn.gravitec.net
18 KB
853 83
Domain Requested by
111 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.guatevision.com
dkae4asr0dphj.cloudfront.net
cdn.ampproject.org
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
imasdk.googleapis.com
100 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
srcdoc
googleads.g.doubleclick.net
imasdk.googleapis.com
www.googletagservices.com
tpc.googlesyndication.com
www.guatevision.com
86 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.guatevision.com
54 www.guatevision.com www.guatevision.com
46 www.googletagservices.com www.guatevision.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
36 googleads.g.doubleclick.net 4 redirects pagead2.googlesyndication.com
www.youtube.com
www.guatevision.com
googleads.g.doubleclick.net
26 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
22 cm.g.doubleclick.net 3 redirects www.guatevision.com
googleads.g.doubleclick.net
17 ads.stickyadstv.com 7 redirects player.aniview.com
www.guatevision.com
cdn.stickyadstv.com
17 imasdk.googleapis.com streann-static.s3.amazonaws.com
imasdk.googleapis.com
dkae4asr0dphj.cloudfront.net
16 ads.us.e-planning.net 2 redirects www.guatevision.com
sakimg.e-planning.net
15 pubads.g.doubleclick.net imasdk.googleapis.com
www.guatevision.com
15 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
14 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
14 www.google.com 6 redirects www.guatevision.com
www.youtube.com
googleads.g.doubleclick.net
13 track1.aniview.com www.guatevision.com
player.aniview.com
13 mwzeom.zeotap.com www.guatevision.com
13 cdnjs.cloudflare.com www.guatevision.com
cdnjs.cloudflare.com
10 partner.googleadservices.com pagead2.googlesyndication.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
9 csi.gstatic.com imasdk.googleapis.com
8 adservice.google.be securepubads.g.doubleclick.net
8 www.youtube.com www.guatevision.com
www.youtube.com
7 match.adsrvr.org 4 redirects googleads.g.doubleclick.net
bcp.crwdcntrl.net
7 services.insurads.com cdn.insurads.com
www.guatevision.com
7 fonts.googleapis.com www.guatevision.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
6 video-ads.rubiconproject.com imasdk.googleapis.com
6 sync.go.sonobi.com player.aniview.com
6 player.aniview.com imasdk.googleapis.com
player.aniview.com
5 cdn.stickyadstv.com player.aniview.com
cdn.stickyadstv.com
5 tracking.m6r.eu 5 redirects
5 sync-tm.everesttech.net 5 redirects
5 pixel.tapad.com 4 redirects spl.zeotap.com
5 cdn.insurads.com www.googletagmanager.com
services.insurads.com
pagead2.googlesyndication.com
4 ad.360yield.com 4 redirects
4 sync.crwdcntrl.net bcp.crwdcntrl.net
4 prg.smartadserver.com ced.sascdn.com
4 ced.sascdn.com securepubads.g.doubleclick.net
4 s0.2mdn.net imasdk.googleapis.com
4 ib.adnxs.com spl.zeotap.com
player.aniview.com
4 streann-static.s3.amazonaws.com www.guatevision.com
streann-static.s3.amazonaws.com
3 optimized-by.rubiconproject.com video-ads.rubiconproject.com
3 prebid-server.rubiconproject.com player.aniview.com
3 tag.1rx.io player.aniview.com
3 rtb.gamoshi.io player.aniview.com
3 onetag-sys.com player.aniview.com
3 pixel.advertising.com player.aniview.com
3 s.youtube.com blank
3 vast.aniview.com imasdk.googleapis.com
3 cms.quantserve.com googleads.g.doubleclick.net
3 pr-bh.ybp.yahoo.com 3 redirects
3 tr.blismedia.com googleads.g.doubleclick.net
3 gcm.ctnsnet.com 3 redirects
3 pixel-sync.sitescout.com 3 redirects
3 sync.mathtag.com 3 redirects
3 ott.streann.com streann-static.s3.amazonaws.com
3 ping.chartbeat.net www.guatevision.com
3 bcp.crwdcntrl.net 1 redirects spl.zeotap.com
tags.crwdcntrl.net
3 ap.lijit.com 3 redirects
3 spl.zeotap.com sakimg.e-planning.net
spl.zeotap.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 static.addtoany.com www.guatevision.com
static.addtoany.com
2 c1.adform.net 2 redirects
2 sync.aniview.com player.aniview.com
2 msg-0fedcff5b8e00e8c0.insurads.com cdn.insurads.com
2 www.gstatic.com googleads.g.doubleclick.net
2 i.ytimg.com www.youtube.com
www.guatevision.com
2 dkae4asr0dphj.cloudfront.net www.guatevision.com
2 aax-eu.amazon-adsystem.com 1 redirects www.guatevision.com
2 beacon.krxd.net spl.zeotap.com
www.guatevision.com
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 u-ams02.e-planning.net www.guatevision.com
2 api.cxense.com cdn.cxense.com
2 www.googletagmanager.com www.guatevision.com
www.googletagmanager.com
2 connect.facebook.net www.guatevision.com
connect.facebook.net
2 platform.twitter.com www.guatevision.com
platform.twitter.com
1 s.amazon-adsystem.com
1 1f2e7.v.fwmrm.net 1 redirects
1 www.googleadservices.com
1 global.ib-ibi.com bcp.crwdcntrl.net
1 d.turn.com 1 redirects
1 gov.aniview.com player.aniview.com
1 r3---sn-4g5ednld.googlevideo.com www.guatevision.com
1 r3---sn-5hne6nlr.googlevideo.com 1 redirects
1 messaging.insurads.com cdn.insurads.com
1 2a34dcbb2fc79f908d3fb6a953154092.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 syndication.twitter.com platform.twitter.com
1 0fb87077e30a6b9fa4446eae7d81619f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 0bd28a3fb7462fd80e8907ee49860446.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 024851ddcc4d53e3df145ce2b2bee238.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cd00bbc51b90209ba3e508328f3b6574.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 63730eeb8116fe6633fcc0426f941673.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 fd1446388e48171d2ca8dabd8dc6d58f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 6d45976d15ae950b386981bbf04d250f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 plconnect.prensalibre.com www.guatevision.com
1 pixel.wp.com www.guatevision.com
1 tags.crwdcntrl.net s.e-planning.net
1 tags.bluekai.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 image6.pubmatic.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 ced04a3d4345ad4588667ebe0a67d0e0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 s.e-planning.net sakimg.e-planning.net
1 tag.navdmp.com sakimg.e-planning.net
1 guatevision.s3.amazonaws.com www.guatevision.com
1 www.google.de www.guatevision.com
1 widgets.outbrain.com www.guatevision.com
1 ad.doubleclick.net www.guatevision.com
1 stats.g.doubleclick.net www.google-analytics.com
1 certify.alexametrics.com www.guatevision.com
1 sakimg.e-planning.net www.guatevision.com
1 ecdn.analysis.fi www.guatevision.com
1 scomcluster.cxense.com www.guatevision.com
1 static.chartbeat.com www.guatevision.com
1 certify-js.alexametrics.com www.guatevision.com
1 stats.wp.com www.guatevision.com
1 cdn.jsdelivr.net www.guatevision.com
1 graphics.afpforum.com www.guatevision.com
1 cdn.cxense.com www.guatevision.com
1 cdn.gravitec.net www.guatevision.com
853 135
Subject Issuer Validity Valid
guatevision.com
R3		 2021-01-28 -
2021-04-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.gravitec.net
AlphaSSL CA - SHA256 - G2		 2020-02-06 -
2021-03-09		 a year crt.sh
*.cxense.com
DigiCert SHA2 Secure Server CA		 2020-03-11 -
2021-06-10		 a year crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-01-11 -
2022-02-11		 a year crt.sh
*.afpforum.com
DigiCert SHA2 Secure Server CA		 2020-04-09 -
2021-07-09		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-26 -
2021-04-17		 6 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
certify-js.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2020-06-01 -
2021-06-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
analysis.fi
Amazon		 2021-01-03 -
2022-02-01		 a year crt.sh
sakimg.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-03-06		 a year crt.sh
*.insurads.com
Go Daddy Secure Certificate Authority - G2		 2019-06-26 -
2021-06-27		 2 years crt.sh
certify.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2020-03-09 -
2021-06-08		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-01-05 -
2021-04-05		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.e-planning.net
R3		 2021-01-15 -
2021-04-15		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.theadex.com
GeoTrust RSA CA 2018		 2019-10-11 -
2021-10-10		 2 years crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
*.richaudience.com
RapidSSL RSA CA 2018		 2019-03-07 -
2021-04-05		 2 years crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2020-06-15 -
2021-06-15		 a year crt.sh
imperva.com
GlobalSign Atlas R3 DV TLS CA 2020		 2020-12-15 -
2021-06-16		 6 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.streann.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-16 -
2021-07-15		 a year crt.sh
*.google.be
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.sascdn.com
DigiCert Secure Site ECC CA-1		 2020-10-14 -
2021-11-11		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
edgestatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
tr.blismedia.com
GTS CA 1D2		 2021-01-03 -
2021-04-03		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
*.c.docs.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-04		 2 months crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2020-10-04 -
2021-03-31		 6 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
onetag-sys.com
R3		 2021-02-10 -
2021-05-11		 3 months crt.sh
rtb.gamoshi.io
R3		 2020-12-22 -
2021-03-22		 3 months crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.stickyadstv.com
DigiCert SHA2 High Assurance Server CA		 2019-11-25 -
2022-02-18		 2 years crt.sh
*.ib-ibi.com
DigiCert SHA2 High Assurance Server CA		 2019-01-07 -
2021-03-03		 2 years crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh

This page contains 121 frames:

Primary Page: https://www.guatevision.com/
Frame ID: BA1A2D9764BF8E2B7456E8DFE65A0C25
Requests: 210 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361&cmp=0
Frame ID: 3FF7758FCAD90CDB1B4E24E5331C0734
Requests: 30 HTTP requests in this frame

Frame: https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
Frame ID: B0132350BFD155179AD6BF372F198841
Requests: 15 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.guatevision.com
Frame ID: 35FCE612FB4920F70E43234F16F136F3
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOapNPfApGf3ahbadhFNBsT6GGF4MLRebcc3Qo1R592ATO33nxdt1-aQbsG02xh3XDXm_7sHNf2Tsa4PlmMARdOx41LYAIP8eDDgaakK1aSEtxdaFRR8l2XT4idcbw_JQtfFCqBPqZ6h_p--bYrkVKyqb8Eo20Gfm41Ayqv74Jg9rR_7umyNOQsx4Gn_KmyQISPqrVJIJoBpxV3omMSLX26F7aALnDlAyhxrFyc2YloQlCbWnBZi0G12RxMCWePl4flW2IUPWwb1AaQ4mCXJVyRk4L_rXNtlwUgkiuqcpK7A&sai=AMfl-YTvdYCIyEU9-Y9LSoi2D-G0jydc-mokTZBv_Uv9qNSB29-8pFkotl4Bd0AWBqml66OC6MOH01302ohvKXBJbabAlwPus_C6AY71bFeFPvcLPOP34s7JHRMTEMYwUPQ&sig=Cg0ArKJSzMYOUweIfM7zEAE&urlfix=1&adurl=
Frame ID: ADD0F869D77965515D3B1992546CA66C
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugg05uDIM9K_F2YG1aLIPwg7eRsUtOG-1sAudK7cdo__l6vl2HqtR-GNySoNqqeMpxyzm2bhpUu1CyDXggXos81ySxncfo1QjyA1L5oLxGFRAjd5MtWK-kZP0dt6aLrHFKJK3yOLgHiBZFoTtd-7dztbSCgZBnXbGzanAEXkYgfErkSQd2mnyLn8bh_kfmvTOii4_SxS0Oc4wR-iUaMt44d17qQfDZ_kssrccdji9OXH69u9xqLEJVQN0Srxk9BFYUWqx5HZ2PJ-OaEPhNk21Cz3ENtZRvRleaYPL6rE0pKUhfzg&sai=AMfl-YRm1Lhe1nne5bssZmOW1qaGWFfxnPTsaa6g8Hdwl32O_PJ7daIglwyHpADU-S-HRzFYVWgqmK65x_P_LB_vyHHHVDJTN1EqhSh2vfKIgnQpxsTPwNsOANch7E_bLQU&sig=Cg0ArKJSzBaEXsRfCtxBEAE&urlfix=1&adurl=
Frame ID: E6B8F8A4D496867E36F19A1FBE96BB71
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNHII6Z2H6OiznPeQay9fT7TuavKO2TCx0cw3H7LEJdgnNjOJOBihoJBm9i-5W61rQ_VCCbkhNxFDiUpNSi660TOiIkE9N4qPFVdM90gyPtYnmHvNwUjr9QLou2_XQQRwpvXGpneed-zqNAtWfRya6U_AqoMVj9yko3rMOeXtU8jpfMg-RoYnR-0ibC0-fyGn8QHTgZ-osLh4vkfrCDdYWp0IUYXRJQV3iXFgYRYaB2bizuDhAWNU88zPd4NBL3ly9Z2wFNxk5ae1yJh6JyTnN71ODyxOizpENnESthie53ls-K64qg-WFHA&sai=AMfl-YRyBAh3-wBz37NZxdo5ii9DRtVHAyLWHN_Kr4fXoUhja4tDSDMujxQ1g9esM5CLG_zWFGiVUoHc7OytOUF7bmn-2y7e5lMbddAfWCR3nuhnbWeHM9nndCbu1F0nz4Y&sig=Cg0ArKJSzCLyc6ZrtTj6EAE&urlfix=1&adurl=
Frame ID: FD0EE74F23FE6E2602C85F8F7224F133
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdU3y48Ne6xo1sClFB-TcROs99uhnPNI5G7OWObErOEQGlckkQqfHUyfyQQJ5dMsUxifWh-gFPhppm49prNHVDyaG8H9s1WCGLCVKE7-CU2n5amGX32Q9cvgx18QygFvnbfnaq8b6nYwQuPZwwq21pNKfxq5rkoYE9I0k2Hp3kKGXAMvACZghxNEDfC7oGyqt26udmMIKn8xgnYKgePipPOrhKhuIvOngwHFyc_DQejVU41amvhdDHzLZG5iA2Roe_fxL7VWtGLkKHUf2GIr55z-iZZDdHu5p6QC1fuHkYQLg83g&sai=AMfl-YRM2wPbupNE_xA1WwJx2f0PB5gSJxjXZHiRuTzwuHlF0QaWSHkRH63A8efvsFegDPMZgTod2vsJRpt3rudPNRBDPW9hyRxQuE7XOAER9UcC82DKcXigkDfWj2ItbUos&sig=Cg0ArKJSzIwReWRdLQtBEAE&urlfix=1&adurl=
Frame ID: A964F1A9155506AC690EAB00E036CB1B
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4Xgz1q5_9-TZ5FlNBE4dfrbv5OtT-vjtUUqTcu7EKAwbrfQzOGubd8a956vyrUrbE0NeTEvumDMV6QW5gOj5FZxEPhEx75885YRnSYSh-rK1dZLSeYm3wjXKk4tO1J6qJJMPmA6nDTcbVAx5H0ylBU-pxZMG9WrAI-Kf9ZqeSWG2W5_W4nc0OH2l7SW56yHpUiguYYUyTQ0vfu28pkhgd7MK1ab6zqSC5mI3Pt6IGYp_alM_abvA04TfN5g_kfzDfHQ8gHeLtPc9S2tAWdSK3g6MI16r6o0BYUYNsFa6ET8GlFw&sai=AMfl-YSQ-ZeNXmtZYefcwu7lReYtk9xYgeX7Vn2mufSoD215HVEK17TR1S0N58BEf1zr_-GEyUDzJKChdp6WiMuQxtYjDAZLftytHXOlQ3Zhwi4h8__g8Yk1LJbkIvoE-64&sig=Cg0ArKJSzL-JYIHbetyZEAE&urlfix=1&adurl=
Frame ID: 4E23A434C10E51556E6BA93036BF89A0
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoPZTiC1oRiGfpK10nAclmBLZ_b5F8QD2aZ_c7J_BLPmIatubyl4zpmArZ-ejHPsUB3UoiepMGXespGmV_BNHYJ7r-eL7Q0vBoKy0k8-GobVtWydD5hXnVV7abPH5iAhJN3ZBW9J-LFw7TvKzhZBAocnkvyF51838rSavZ5Zgo4LCFD7giMPjCfXtbuwWN18P3KeMTBXfevyaRYB6ar55CWD6LOuT2VN75vRvl7pCPDjhrE8K_IWT9nRtkRhL1i90x2pM-THZkoIaeBsaQHwbI5GTz3p-VP2JZnQcugzKa9vKYjHU&sai=AMfl-YTZ1oU3Gwv3rIb3o7KovuvXb8rlda6kNLa4jykO6mmGoClzviujHBBjp59EIaCHJh0ododN7KPMShXFOFP2JjYkcuWePwufw7DzfVAFFMAW0REbpZujgmx9Jq1lJiU&sig=Cg0ArKJSzLOL-qunV534EAE&urlfix=1&adurl=
Frame ID: BC3C97DC096993240FAA0F37953F3BD8
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3n5qZ56rC7L6HvyXP7vbPg2Q3umoJ5CPiMBgAsycMCKdB-dGwNT6LP2R2g0LdQ5gD4cPFInbDYwkCF8AR7cCGprh_BjxptNdJoAohpV4kgEI41S4IYTsPGMGIOZ6KFZTmddYZpv7gVn7eF-qi3Kt2gR6XjreMgCSpuiGqi_tkONiqIYnbj888WDBKQUOUBFuQqBYdyls5SWbL1T1Dq_2csdJml-4rj9qbxG_ml_GhDWLywQpognuFPDUiD3-OdpDzWgeVaDyEzAV3UHc_cY1GXYjC4tzGj1azLiTDCICd9s7qMg&sai=AMfl-YS-AejL-R2UKbnsgyaKgEUp0i4ClOvfNKBq3udaSbCL0m1u7OSjZXmP8vMesW10fEvUoVqWJ2b1Ra9wguEmZurN8RCE0PZ_FwIM6UzUaRwSFfND-au6Jn63lmCajvs&sig=Cg0ArKJSzFzFoIjibP0bEAE&urlfix=1&adurl=
Frame ID: D1DCCAA37FB0596C8E40F69320045808
Requests: 15 HTTP requests in this frame

Frame: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/style.css
Frame ID: D14E032AFE253FA3E03D0D6B6F5770A1
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssoBCploYh9e-fjIrzY8fRqmV00_QjBQamQc2yAdZCVpf5h-Fq2l_wMUsnB9W-FgsH9_tuhOsszmOejOTdyVNRlq5OrMHjGKu6J27yDpp9muMh6qEx2kJd5MQQdFLDnmpgsTb0EPmPRBi8VKxW6-PMiwecWYdsynRcWJTQaaJ2DqaLCk5d-4wFOFIhVrM57jyjvZoR8EtjhFvw7fQlil9rAS3pDglgR3Xqx2_YN2hzd-cpmMGcILZIvi2zkWiyUmRqqcskd5WPNpVr6uvuXFXsWekU_TUNc00veavAKDXn1GpLDEkM&sai=AMfl-YTO9FJtdv2qjOZQiTwRXjlAKK6n3_J2MKpb2PrwWrMlWVMjy9-pnbN9CwgWGu9imwDs3KCR0pD8OhiyzYtgMB3TL8cUuHS-ns9YbEFWRpofw_SZGOjqcP7AIFA-0f1i&sig=Cg0ArKJSzNdUPfXw-x53EAE&urlfix=1&adurl=
Frame ID: 84A73A46C0350E1100072651C5A2FD84
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxF6oUhlcX1LHkJYdrno-YwKYav-467j_SvGleRMg9aHmcDsiH0c7ZZcCNdX5GzDfDS4A6gKCt8ZOIS-24P_QeYxK-odO12rO6tIovfwFsRkIa0q5EiXR6eI65fiHrWSx5vxpsTPt9ISsYEbropYW2H28vUcoq9oOk2qlhZ-xUOiZAly1XamLzjcm8gOQQWpfSasu0mlvWWOOi5Gn_P6r7JIm7mb6KpQv-hNYoW2j2C9YQVLMuYNksJqUDSNJTKplw9rq2Nq5fuZ_8jk4HXU8yVGRszMfNs00uPaiJSD5qGsGFQqg&sai=AMfl-YTnfiqeLLL6NVf5Jpyfxf7QclmoGvxN5QSQAkcDwidPVUSpsbjWcCFgT7P1iYhBMlTr4oybgiJTJfpXItBYoJjdBhs1yBJ38HkPh8hejhirXH4BL3RvuluhsPnv3Qzc&sig=Cg0ArKJSzEeNnStM5woCEAE&urlfix=1&adurl=
Frame ID: 95F67C03D25C74B57B7BF78AD9F56774
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPlNDSg1Hvc0oMYadSXQV1-_f1NnBD5BTrm5n5BzPma3bfBYL4q-s8NM_rXN-u2Onnp2mP2T0KKBOdRhKV0aRM0xP_OE01K2KhTFvJEeki9rt89cgRND7BT9YGCRFBDwsJRFXLr69Tqdk_4OcW1bY-2vMM3SOXqbjLWxm9cY8F7qCkgW8d0vB0EqKJ99djdQHJ1F5DRJ0CwtRlFx8kYQk9AcPMtl7tmrZe0aPxzqutrAxeB4X6IiG1ehwpsQibhmH0YeVln3KRUF2C_hUj4yik1KffiE39vr3ZY88uQSIvjQ&sig=Cg0ArKJSzHm7zwlRPLpgEAE&urlfix=1&adurl=
Frame ID: 73F567AD00C64186CFFDAD91164D30ED
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/042011202030000/amp4ads-v0.mjs
Frame ID: 377AA19DEACD5C5C1728A1E67F3024F3
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html
Frame ID: C89DDBADA433EE646E5DDDAA2F4FA77C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Frame ID: 66E7A74151D13DA39CCD3244C153FFB2
Requests: 26 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDNhuwGPT19DMK0NaR1FqC-rmKR_K0A2WBb4KxRnnlELc5IzAcai0nrcCIdBTixBtWNKCw46oQJmhVy2bs1-aTiKrq0ClmKECxUJLCVf0Hqel0jXswOemJgrQnXgFCn3GNsPIhhcmlIjSoq8sTUp1D7s0sOVRIQUvwUZwMJIxd34k9dmlZ8DTCNksqKQD4eO6hwc89EWx3qj8Jn1dmsQfpsZeAKzU825x0UU1HUgAuyu2irfav2ZeWhqKxtX19cIuFBfqC2kx5Yq6AvvfrCwqYxn5gB_OyvEZ0Mvy3Q1PMcOo9Yw&sig=Cg0ArKJSzG0olRc4io6-EAE&urlfix=1&adurl=
Frame ID: F034744E7F8368FCC041365A6A66DEA9
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsup0ZV-PQPW1RX5gRKeQURsHbMQVtj6G0F1UXSgT0Bv3cwxC9--GEqQNSDzQBjknCndi9gkvQcl3eL5h4vUsnG39wkqk7tqzNkQ6BIT3BXOvB_ilY3u7UEKuZ9N1LGISEG6aRGjGbkVKP9QLpUtpKNzgYwaw4ehATpxweYDUo1qOmo8Ryb864ri6_dcjwNBObJKP8WM9RZB0rE-2uXFelxAwZDO2IKSyQW1hZibtdzpANReF17BGUcPBCeAp3uRq4Inl2lna1VMI0eUz4qtmbKdryVufIhoIywj0V5M8tipEanWl_7gh2-oW0VzHDfBwXaFg-guDC8K_fSgXkKB3_D3cdoTT2Cf75TZYHySZAL-6rNU5VrY7_QX13XKXGOM0m9AROneBrchrrjnNGk&sig=Cg0ArKJSzKdEsPrjXnVLEAE&urlfix=1&adurl=
Frame ID: 0E29A5827D572D2F26FA73247AE15E63
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuidSMclx4tWh24jmpelkT79wV1ErSpi5rfTc14qV8fDcaDXNHBXeCs83qvxR9CDVLVptEUchFWTVIyP50R_n7htxGiKJ3yFXpMZ3RpB0df6fZTFFF-fHCrlEqyEaKYHFq3MoVk-lD53gHfuN2jDr2s5wBHTYFt72HpeW_voYOyhF3MCe4dlRa3whVYkF40cqfEVnTG2esmDlgUPvl6DQO_VMg3ybMeinZpLiRIMP4ubeBMyaH-R1NkXeo6vMdxFlJwLV37AUBbZLvAZBea5LUNVgF7tTaJbUgfbXW1x2_IVd8qg30CA0ZigzGRLhN_-0pyeE4rIJ9hvNsL9vZo-GTxf0zYFKm3njBLmxuCvGnUXvvPPR-sVvxORFUjDPpvEcd-10uMAPX0qYo&sig=Cg0ArKJSzErqNX0XatXFEAE&urlfix=1&adurl=
Frame ID: C3949700B9609607CFF8E2F7B89B2767
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYuj-BUcM3L1qHK1rdPUv5obwRavCfIqIjScVmQ_mUMjg5mvTfZO5ZnHuPrRmQb5QmL0b87vOBnhReCHRFY-4p6rz8pb0cSdSWLt_zeHtx2N6C50pe0Gwd2WT-AVpYjTW3DaWwFe2Z6J3XvY8qfkah4E7wHYW6GLsTSEeubZomYlqrSD6EoPmoN_jgMPLBq8ZZnq2BrK_FZqPfhPuOu7_ebKSgSMXi8OIqhinkaiMEgWFKYbDLXP_gqGg8hNNk2KoioRcFvAr2uyjfNEwCR-Ync-JSeUDato7Z2uAk1NCGd9V5qw2Jbp6_qaHk6IIQZqyrqCwlI9LphYBh9Hqe6yAGomtF_sQzh9NDZv_18KmtGTF_zXsF3rcbKwCsInb6lQpqBp00nNQo4puUvyA&sig=Cg0ArKJSzJgKQBA4-1I1EAE&urlfix=1&adurl=
Frame ID: 30F7CA7F88390110587F5E5D22B90569
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzdrB3TxGsd5jfQMH9xsxil1flgbp35BHa0X3iGl-TBd9MWdRIpE3SBOCn3_zcbesVF0PZmq6W_pubztQanapbQVCUeknARWKh30yCtpt7lP7QgpGAu4qthT3O3hlpjSdUTRIOdGIrOTHuEPjbrXwBHph-uc0gpvy8dacd9bUHxhu3iRccyEkXkYlH2MYGCH04Zbfy-OhgEldpipZO5BUJpmHV8C7rUOhyM7LIrwEDxc_8JAthNxjTy2zIOnZqLTgzlb56PL8elKeqtoHAjZIfjyNZV-ROSLfVlK5uL3VT67fTtvAMWDHmU7Ypd-w&sig=Cg0ArKJSzFknCECxxVfdEAE&urlfix=1&adurl=
Frame ID: 74F10ECBD0A622838479F1F72F8C456D
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsso3Qk1uLCKSg0_jglmRcZ0CXITS2C1kgND8UBfVLwOh7sYTF6xtPj1nWrWURtqFCzLPNjOINh9zJtZSo-cLmqn28FxBi3kFgKdv4a5QyPjTQGNBVF8Qt9eVjT8-T4TPb_aSEUwG9j2qnfz8uIbBIXAlK6o9NPKwKZdbDOpY8Q3HwKkrFuI4BPIvqP31CWjgwfMkiUiQXSywg9xBTtaumJf1NsqqQiIu0CheYKpX6Ma6Husbrj1n27VD_qweIaoPce-djDwa2iqIEC1STlkT5K_4n_125IScAU0bPBp8uMMPqy-gGYSzqxsQfckkg2H85YvAROpTLd7EvEkFDUkzTbXR42TxxXQoDwuPG06r95jsDsTIBMo59F0HpPxiDBd0pJTAoYAkILCSGsS3k4&sig=Cg0ArKJSzPYlPbUOjG7hEAE&urlfix=1&adurl=
Frame ID: 5C763778183D463000589E53D689FADF
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunemMaYTg98sEwEwoagg49sTpBaby8DIEQ6H1Z3Obuk2R1-pWc9e_hZ9vG50b9o_a2K3Tp6qoKcIKly-8Or_IKtz6DA3-zdKPHdm3Q80yXFop6B0rt1sNDGNQyRUGYqq8CeDLc-j1vxMaLDLtpY2m7xDPovPZXLbncjm8cBQTfqDU3zortDuRo5sJuKKOiu87LgKLEos0fvGTKdn8L1exAX2LygUFUq0AVZg_hsLQOShRZenNoUxwwjWBrXRyE-avYY9p3kXxRCXrjz-WYEZzH7rRq3HK6MBOO-g7b3WRILnKi5-IlQdGxPCkTCGDRtE7Koa4yQxzJCN8VRewwSOutW1oEkd4ChSDjOUFKlLl6TAzR6uN_SKR2S5R7ePmbstU92zjGmMk832k&sig=Cg0ArKJSzDdM0KajMycCEAE&urlfix=1&adurl=
Frame ID: 16F7255910FB7E54FBDC14325A2F4C39
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcbOqp5B-878NCYPjqf4Ba5GN2PvG5cAYqUHd9aAXrvy2JWmXEbAr1IL0b6lwjKRN2jG-4CWuvtApfcdOSlPzzwFrj3FmgnKsHpHIKdFZa1Tbbt1mxk1IEByFfjsTB7mhrdeza-tAIJLkdl5PJAqvpAyEyARap7EutAk_tR81jm60QdX0kC_u0WbQpnF1wXF5nv8-_fpdLpCB47vA5dNEKXi89WwvZM5nZq-6doN176ciMA9AiQmkHvad4EffvUSl4qljFBFaM9kdshpxsUOmQuKkzEXVrwwx-3AbXtJxwCH1cM9JfAdS2_FnhWeUzZ6JT3bmZQW1AdSKPXDtPatMhVUkcbQfdbumKcwviIY2tax8V1MacaD2O2HbhGxxDX6aROdME7EGNLZE&sig=Cg0ArKJSzMBONHhiSV96EAE&urlfix=1&adurl=
Frame ID: E8ABD3C680E6FF63DAD77E2ADF64BBD7
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: F2683422B4B5BD0249FA35C201BD6F58
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 33706AE69472FD88258398C46B34F8D9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
Frame ID: D43047F711A7A6D00BE4C25C85067AAF
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
Frame ID: 713C9626D6FD93E40D6570603F568E06
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/245837125/prensalibre.com/prensalibre.com_Video/prensalibre.com_VideoNew1%26description_url%3Dhttps%253A%252F%252Fwww.prensalibre.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D1%26vpa%3D1%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Frame ID: 68729CF65326D0FD573915FD0F10C7C4
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
Frame ID: E6E7126DFCF64833F84190CB123E6297
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
Frame ID: E646C6E94C720779EDBD4A648BEB67A2
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
Frame ID: 0FBE81E05F68E693E9D0CA4DC1E034DE
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
Frame ID: A7A47F826E0F3B7FFADC07895BD7AF78
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
Frame ID: 60315E9D5045691E790FF20E8CB6257D
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAnikG3G6LVg1sdBF_jmNzlKoq1u3PV1rT4eH9V2erEMb0fF-sHHO4iAGWmPrk4uyRzs3zFfHGyafIYQChULsezmGeX7oGP7r6TyqX-LY3ql9EROzV4omMKI-D1uR2HE112yCZwWwLevwFe3dXepiRp9pw7ESRAf6ZMJeQa7wrghSTEBTMQ6M3Ix4CsmfIXmlDLfFAnDf79saGBc8i54VX_e3H4VSbJb_KuX3ebf264Vl1iotyLFW_d5h891P3mbPGE52ki7oIyRg5H6RSw2v0hcuX5Kt3258WrsQAdbEH2tfne38vE7K0uONg-Li2K5xOxDyO_UcaNOyF8nVAfDtvvGMgQ5zDLrA9-LNab6whwyPoNoyXskRqNryEVBL-fjJQgd99wHLhx86fI4U&sig=Cg0ArKJSzCSFmRbDY02FEAE&urlfix=1&adurl=
Frame ID: F9EFC7CFB4DFDE9B1456505CED9CE4B3
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Frame ID: 6AF8D32AD8C4A20B4117E70DFA53D2C2
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 2ECF077FFDE786240A4D79577BD8711E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Frame ID: EE5AE09BE51CEE80E0421EF32AF59A16
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C83C779D95FD2FF3AB04FB9EF31FC1AC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16078219597566589636/index.html
Frame ID: 473859FB04713FF370E53348173AAEE9
Requests: 21 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Frame ID: AFEF586BC4D88471E6C1DA5162C706D5
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 123C5EBA7CE500E62419EC54E57FECC4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: F147894205965227A5EAA314AAF5D88D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 2A3F97299B22146B426A7D5BE49BE1DE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 4E5883B219184CE5E3F05524664E17D6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 7120DC53B740424ADBF93BF4CEE320DA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 762A1178BC9FBA7C8206EB0B64F97DDE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9FED5213AD7B1F982D58526579293026
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C8FB93E8DED843CFEDD05BED9DAFD0AF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0D2DB9709D0AC8A1DCCCA7CF0CBAC6AE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D656C810761854BC72503F6AEF06DB3C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6BA487DEFEB9E8F2D83EA36CB4A79AE5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Frame ID: 69E8550AD7429EB5379D59A4FE59BC01
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: AE31BF800F4F3995C50F8ABFDEB635B2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Frame ID: 7B6B0208D470A1CC8A686C3126CBBE02
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Frame ID: 530A23EBAF61C0216669369CE2A8236C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Frame ID: 19E2ACA4F58BDE98967305D4810D6011
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 865BEE1B28B3BC719460C44F3285D916
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 4E1CDBE8951FC2AADBF1E06BFBF5E2B6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 3DED8A58EFF2162662DE7C545733C67E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: D575F42E7E983255B6CB7756AC590E2C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: D62D2BEF9556CA78B8943881018151BD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 4AF972720354B494776CB6DE2E489658
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 5B02C22CF576670BDB904F4464E4202C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: E7305CFBC4CB12552D583899766EFA29
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: CCB4AF22B5A15F4ECA5FACDFB925990C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: F990E52F1B87087D7A6FD9930FF4AF0D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 659E7DB1C98D8D1AC5683D06E77AA2E9
Requests: 2 HTTP requests in this frame

Frame: https://services.insurads.com/ad?auid=615173&sz=%5B%5D&dm=1&is=0&sid=56C199291977D2E7&s=1216&appId=966&ct=%7B%7D&h=https%3A%2F%2Fwww.guatevision.com%2F&ts=1614673108588
Frame ID: EA332610D84FC99709ED7707E9D05D90
Requests: 1 HTTP requests in this frame

Frame: https://services.insurads.com/ad?auid=596103&sz=%5B%5D&dm=1&is=0&sid=56C199291977D2E7&s=1216&appId=966&ct=%7B%7D&h=https%3A%2F%2Fwww.guatevision.com%2F&ts=1614673108591
Frame ID: 1C7F975D5FDA52961ABDE7F10052D9C8
Requests: 1 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=966&requests=[{%22eaup%22:%22/55904062/gtv_ft%22,%22eolid%22:4922612131,%22advid%22:4680105830,%22w%22:728,%22h%22:90,%22eId%22:%22gtv_ft_0%22},{%22eaup%22:%22/55904062/gtv_bx_05%22,%22eolid%22:5077058055,%22advid%22:84515982,%22w%22:300,%22h%22:250,%22eId%22:%22gtv_bx_05_0%22},{%22eaup%22:%22/55904062/gtv_bx_04%22,%22eolid%22:4922612131,%22advid%22:4680105830,%22w%22:300,%22h%22:250,%22eId%22:%22gtv_bx_04_0%22},{%22eaup%22:%22/55904062/gtv_bx_clima%22,%22w%22:300,%22h%22:250,%22isda%22:true,%22eId%22:%22gtv_bx_clima_0%22},{%22eaup%22:%22/55904062/gtv_bll_03%22,%22eolid%22:5077058055,%22advid%22:84515982,%22w%22:970,%22h%22:90,%22eId%22:%22gtv_bll_03_0%22},{%22eaup%22:%22/55904062/gtv_bx_03%22,%22eolid%22:4922612131,%22advid%22:4680105830,%22w%22:160,%22h%22:600,%22eId%22:%22gtv_bx_03_0%22},{%22eaup%22:%22/55904062/gtv_bll_02%22,%22eolid%22:4922612131,%22advid%22:4680105830,%22w%22:728,%22h%22:90,%22eId%22:%22gtv_bll_02_0%22},{%22eaup%22:%22/55904062/gtv_bx_02%22,%22eolid%22:4922612131,%22advid%22:4680105830,%22w%22:300,%22h%22:250,%22eId%22:%22gtv_bx_02_0%22},{%22eaup%22:%22/55904062/gtv_bll_01%22,%22eolid%22:4922612131,%22advid%22:4680105830,%22w%22:728,%22h%22:90,%22eId%22:%22gtv_bll_01_0%22},{%22eaup%22:%22/55904062/gtv_ntv_01%22,%22eolid%22:5077058055,%22advid%22:84515982,%22w%22:250,%22h%22:250,%22eId%22:%22gtv_ntv_01_0%22},{%22eaup%22:%22/55904062/gtv_bx_01%22,%22eolid%22:4922612131,%22advid%22:4680105830,%22w%22:300,%22h%22:250,%22eId%22:%22gtv_bx_01_0%22},{%22eaup%22:%22/55904062/gtv_hd%22,%22eolid%22:4922612131,%22advid%22:4680105830,%22w%22:728,%22h%22:90,%22eId%22:%22gtv_hd_0%22}]&h=https%3A%2F%2Fwww.guatevision.com%2F
Frame ID: 0A40094393B5FC8C16DE13598A2DBC9E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 9A74B579C751E2D441A6DFCF8515C731
Requests: 3 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/playback?ns=yt&fexp=44729227&el=adunit&cpn=9DyK_gBZN-WvkJwH&docid=J6SYsbETPjA&ver=2&cmt=0.469&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.guatevision.com%2F&len=17.020&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=83.0.4103.61&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=15&rtn=10
Frame ID: FB7A9BD0D5BC9FE50A783E9CBB8C8F59
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 299692F7996C5D4705A093F183CF34FF
Requests: 3 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
Frame ID: 317B6C2472CB8875123CF607C6072075
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D60%26key%3D%5BUID%5D
Frame ID: 58DA7144915166A82A8004C915C6BA5B
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=
Frame ID: 5669FE335860158C820F8DD39C1B9B9A
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1614673111813-999082264641-020490-004-000600&biddername=22&key=3e16684e-7be4-4df3-8475-d209a6de40f1
Frame ID: 98EE3A9F1DB3B2F1B0CFAD04C41D73B0
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 27042BC4B8D2EB65F1F4D7A06E7880A3
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gamoshi.io/user_sync?bidder=16245&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D71%26pid%3D5ef33c8abcf1750da1720e91%26key%3D%5Bgusr%5D
Frame ID: 9332CFCF3F6E92D64F13226924080F53
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: DDD7AB08C1AF5002F05782A24BAE9DCB
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: E43A94CBD3D338760F12492FB197CF85
Requests: 3 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
Frame ID: 8FB9FFDD47BA2853712F8F8BA55E2CB4
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/245837125/prensalibre.com/prensalibre.com_Video/prensalibre.com_VideoNew1%26description_url%3Dhttps%253A%252F%252Fwww.prensalibre.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D1%26vpa%3D1%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Frame ID: 56A1712AF6FAC782D487E4425F85E822
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: FCFFEC9B10C31FC7156D6F04BAEB834D
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Frame ID: EAF6E8D0DA7604B2EDC21C59903FACBF
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CB1F84F10257DEBA2BAA8E3D8F5057F3
Requests: 1 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.109&rtn=17.020&ns=yt&fexp=44729227&el=adunit&cpn=9DyK_gBZN-WvkJwH&docid=J6SYsbETPjA&ver=2&cmt=10.109&fmt=18&rt=9.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.guatevision.com%2F&len=17.020&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=83.0.4103.61&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Frame ID: 70763149FAD5516CD99E3600503E8DD9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: E127828D15FAB542148568E2EF2DC661
Requests: 3 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
Frame ID: A4CCD8569294B956295B3B7DEAA3AE18
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D60%26key%3D%5BUID%5D
Frame ID: 38D208BE712197AD026A6DFD800E87BF
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=
Frame ID: EC524CEAD26FD1C3662AD0CF81164583
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1614673111813-999082264641-020490-004-000600&biddername=22&key=fc85cfb0-88d2-4072-a17d-11482c401ae9
Frame ID: 88A5491660389D80ED8EEDDDEC2DAD63
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 2853F2A8182717492B439A4C1DC6D56E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gamoshi.io/user_sync?bidder=16245&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D71%26pid%3D5ef33c8abcf1750da1720e91%26key%3D%5Bgusr%5D
Frame ID: 88EF1B9B8E9389517DC13810BD430ABA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 84EA822A94527C8DCB8F1FE7ED74E90D
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: D57398EDCC200A327F1234737468D2AA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 11ADD32191E16B91A03DECE6333EC80C
Requests: 9 HTTP requests in this frame

Frame: https://cdn.insurads.com/sp/sp.htm
Frame ID: AD506E19E174FA5EA260C75F9583C420
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: CE0657C1A4C8C7F2B0651C67F1B8D0D7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 7E75F888B56280879348E561344AF3DF
Requests: 2 HTTP requests in this frame

Frame: https://cdn.insurads.com/sp/sp.htm
Frame ID: 3A9AAF0AA08D5BBA6280EA3CAD7FADCE
Requests: 1 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/delayplay?ns=yt&fexp=44729227&el=adunit&cpn=9DyK_gBZN-WvkJwH&docid=J6SYsbETPjA&ver=2&cmt=15.015&fmt=18&rt=14.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.guatevision.com%2F&len=17.020&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=83.0.4103.61&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=15
Frame ID: 0AB69DE9BE20BA2F06E8DA32BFA4BAB9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 3A19096A2B10FE4DBE7AD6394751B6B2
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 25885D7B947F13F4AB7D7AF924C8E7F4
Requests: 2 HTTP requests in this frame

Frame: https://cdn.insurads.com/sp/sp.htm
Frame ID: C9C9D9251DBF2AC58C39359D76249B60
Requests: 1 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/watchtime?rti=20&st=10.109&et=17.020&final=1&ns=yt&fexp=44729227&el=adunit&cpn=9DyK_gBZN-WvkJwH&docid=J6SYsbETPjA&ver=2&cmt=17.020&fmt=18&rt=16.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.guatevision.com%2F&len=17.020&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=83.0.4103.61&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Frame ID: 0DB4E588B7420DDD404A1DEB5A889BCA
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/245837125/prensalibre.com/prensalibre.com_Video/prensalibre.com_VideoNew1%26description_url%3Dhttps%253A%252F%252Fwww.prensalibre.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D1%26vpa%3D1%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Frame ID: 5452ECA846EC0C97173BCAFED01D59BB
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Frame ID: 8DEEC532F8B1721E1A3884A2B945DDC0
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 99275EC13337B7FE39E9E979C7BC1510
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: C0F53C18B66B048265BC45B0C1ED731E
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: B5D32E5A5A9ADC98651368B2167500A5
Requests: 3 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
Frame ID: 9B45D28923AC617C6F5887BF54A5952F
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D60%26key%3D%5BUID%5D
Frame ID: 22FA57100FFD2F43A0BD7A6329CD4C28
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=
Frame ID: E4CED631316EB3FE4077BF311CC5E064
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1614673111813-999082264641-020490-004-000600&biddername=22&key=563745f0-b27c-4029-99b5-428a8985adaa
Frame ID: 6D9652277BA8B812DD170F911014D4F5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 4D97A5A454E076058567BC42CE906226
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gamoshi.io/user_sync?bidder=16245&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D71%26pid%3D5ef33c8abcf1750da1720e91%26key%3D%5Bgusr%5D
Frame ID: 63AF7F19108EC269C7E1A2CAECE875D9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 65982055E7E78CA1271FD9D52F6C468C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

853
Requests

98 %
HTTPS

38 %
IPv6

83
Domains

135
Subdomains

105
IPs

9
Countries

12559 kB
Transfer

30683 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?rnd=0.5563402910909814&e=gtvhd:1200x100!/gtv_hd&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1--- HTTP 302
  • https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?ct=1&rnd=0.5563402910909814&e=gtvhd:1200x100!/gtv_hd&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Request Chain 70
  • https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?rnd=0.5563402910909814&e=gtvbx01:300x250!/gtv_bx_01&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1--- HTTP 302
  • https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?ct=1&rnd=0.5563402910909814&e=gtvbx01:300x250!/gtv_bx_01&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Request Chain 98
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D9c6cd322591fb324%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D9c6cd322591fb324%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=9c6cd322591fb324&uid=63128f3469742c5823189599
Request Chain 123
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEJvoRYaEJSnvlHUy2QOQjSs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Request Chain 124
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da318edb6-8a66-4556-5829-ff87d436a019%26reqId%3Dcce4f7fa-3f91-4186-5b98-9ff265e8ea78%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da318edb6-8a66-4556-5829-ff87d436a019%26reqId%3Dcce4f7fa-3f91-4186-5b98-9ff265e8ea78%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=d9aec103-7b2f-11eb-8b15-9e9b130d4f06&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Request Chain 126
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da318edb6-8a66-4556-5829-ff87d436a019%26reqId%3Dcce4f7fa-3f91-4186-5b98-9ff265e8ea78%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da318edb6-8a66-4556-5829-ff87d436a019%26reqId%3Dcce4f7fa-3f91-4186-5b98-9ff265e8ea78%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=76b15ee5-943e-408a-8f81-89b7b839e9d0&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Request Chain 130
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=64acafb2-1f45-4ef5-a5ff-1c4a89586107&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 131
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a318edb6-8a66-4556-5829-ff87d436a019&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da318edb6-8a66-4556-5829-ff87d436a019%26reqId%3Dcce4f7fa-3f91-4186-5b98-9ff265e8ea78%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a318edb6-8a66-4556-5829-ff87d436a019&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da318edb6-8a66-4556-5829-ff87d436a019%26reqId%3Dcce4f7fa-3f91-4186-5b98-9ff265e8ea78%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=61003932093691530740288779498347120457&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Request Chain 133
  • https://bn01.er.bemail.it/zeotap.php?_bid=a318edb6-8a66-4556-5829-ff87d436a019&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021030209-44702-0.761153001614673099-2a7553314e42bf7dd09bb5ed0cb1a334&zdid=533&env=mWeb
Request Chain 134
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da318edb6-8a66-4556-5829-ff87d436a019%26reqId%3Dcce4f7fa-3f91-4186-5b98-9ff265e8ea78%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6934968162530883729&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Request Chain 136
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a318edb6-8a66-4556-5829-ff87d436a019&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da318edb6-8a66-4556-5829-ff87d436a019%26reqId%3Dcce4f7fa-3f91-4186-5b98-9ff265e8ea78%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a318edb6-8a66-4556-5829-ff87d436a019&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da318edb6-8a66-4556-5829-ff87d436a019%26reqId%3Dcce4f7fa-3f91-4186-5b98-9ff265e8ea78%26zdid%3D1361&bounce=1&random=1598146152 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=IxB0ESY9OEUFLhXw9kldye&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Request Chain 139
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-hx7acgF1lw3xuHNZWYON30uk.3lT25dYEg--&zpartnerid=570&env=mWeb
Request Chain 140
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=6KJGD1LZ1Xve6mVvsimyZF8RSoITblbu%2BS41iYitP1U%3D
Request Chain 144
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da318edb6-8a66-4556-5829-ff87d436a019%26reqId%3Dcce4f7fa-3f91-4186-5b98-9ff265e8ea78%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da318edb6-8a66-4556-5829-ff87d436a019%26reqId%3Dcce4f7fa-3f91-4186-5b98-9ff265e8ea78%26zdid%3D1361&_test=YD30zQAAAFJe-lLS HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YD30zQAAAFJe-lLS&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361&_test=YD30zQAAAFJe-lLS
Request Chain 145
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da318edb6-8a66-4556-5829-ff87d436a019%26reqId%3Dcce4f7fa-3f91-4186-5b98-9ff265e8ea78%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=fa73603d-f4cd-4d00-b1ae-e38281cf4c03&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Request Chain 146
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Request Chain 147
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a318edb6-8a66-4556-5829-ff87d436a019&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a318edb6-8a66-4556-5829-ff87d436a019&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361&dcc=t
Request Chain 148
  • https://tags.bluekai.com/site/87734?id=a318edb6-8a66-4556-5829-ff87d436a019&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 162
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D91012a1ee19abdce%26uid%3D%24UID HTTP 307
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=91012a1ee19abdce&uid=63128f3469742c5823189599
Request Chain 384
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 534
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 537
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 558
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEA1u1AM9w57R1Gd1Nl54y8E&google_cver=1&google_push=AQvitUK0V5SiQqLyMgsl4RhTu5OFMKGOBWoyUKqFEacYfLftt8aA7aN7rIKTEOgmHFq5Y1f5d3bhk5Ayt8FTmI92TZC_quTwaLc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUK0V5SiQqLyMgsl4RhTu5OFMKGOBWoyUKqFEacYfLftt8aA7aN7rIKTEOgmHFq5Y1f5d3bhk5Ayt8FTmI92TZC_quTwaLc
Request Chain 560
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEE8xT6_0VrXcsRzwWRGbu0k&google_cver=1&google_push=AQvitULnijE3bd9RKXzNRRyyfuin-JV6F0yLaBB4ZUGXeIcpXm04pNOAZAAen7BJAFuSnK0SgHYMRrxGitbqyeMekZBVXL3C6qI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitULnijE3bd9RKXzNRRyyfuin-JV6F0yLaBB4ZUGXeIcpXm04pNOAZAAen7BJAFuSnK0SgHYMRrxGitbqyeMekZBVXL3C6qI&google_sc&google_hm=EBAQEA
Request Chain 561
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECwTvWRLU83t6QCU4CFyT78&google_cver=1&google_push=AQvitUIPld2yxja_l2Sx3QfabFtvD0MwNKcIHbU1bPmLsUFEQggmdzaYB9aXT_D_I8s-xyklRzmQnyH82wR-0HV0SgPD1hLlyZ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIPld2yxja_l2Sx3QfabFtvD0MwNKcIHbU1bPmLsUFEQggmdzaYB9aXT_D_I8s-xyklRzmQnyH82wR-0HV0SgPD1hLlyZ4&google_hm=qxTQ9wxyTlSU4DbpXkjm5og
Request Chain 563
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEK9wi3cExhIXe-xdbuaCW0&google_cver=1&google_push=AQvitUIQ3QflQpsukx2fxPDEqfDo2z77W1rhF149nvLNeNwQKyGGSGbk9Jgy3VZ4ESO9CeLBvbOLiMc1hJkzQtdI7yrb8RBimFQ HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEK9wi3cExhIXe-xdbuaCW0&google_cver=1&google_push=AQvitUIQ3QflQpsukx2fxPDEqfDo2z77W1rhF149nvLNeNwQKyGGSGbk9Jgy3VZ4ESO9CeLBvbOLiMc1hJkzQtdI7yrb8RBimFQ&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=_l1jQ87mRWNtlgMTMwv6cw&google_push=AQvitUIQ3QflQpsukx2fxPDEqfDo2z77W1rhF149nvLNeNwQKyGGSGbk9Jgy3VZ4ESO9CeLBvbOLiMc1hJkzQtdI7yrb8RBimFQ
Request Chain 564
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG3_rZxAs-pTJOXtZloI7sE&google_cver=1&google_push=AQvitUL2kk7hXFbMVfft9Z3JelRUW9phQeNCYv0yYJNCdeU110nkPwla5ocN9S7qkohVpSCVGPDNTxBqBJe87MiqsZmVXpwbCkY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUL2kk7hXFbMVfft9Z3JelRUW9phQeNCYv0yYJNCdeU110nkPwla5ocN9S7qkohVpSCVGPDNTxBqBJe87MiqsZmVXpwbCkY&google_hm=OTA1ODE2NDMzNzc3MzgzNzkzNg%3D%3D
Request Chain 569
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEA1u1AM9w57R1Gd1Nl54y8E&google_cver=1&google_push=AQvitUIZcVmV1AUNtwqb0SYjJKUoZ20Au_2UgZArPigfoXxqYdLdMx8H7WCazSPcLlnSbcOC8hEopbByJ_REJ--cf-HeVofZPQkJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIZcVmV1AUNtwqb0SYjJKUoZ20Au_2UgZArPigfoXxqYdLdMx8H7WCazSPcLlnSbcOC8hEopbByJ_REJ--cf-HeVofZPQkJ
Request Chain 570
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEE8xT6_0VrXcsRzwWRGbu0k&google_cver=1&google_push=AQvitUL8XtnByttNca3ZrdUnTRwOem9kJ62Fw4DEUna3TdNSiGYXJaFndsrArcwoccx5L7BtladgeE1cuYppBlm8lwsHEJejvWt1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUL8XtnByttNca3ZrdUnTRwOem9kJ62Fw4DEUna3TdNSiGYXJaFndsrArcwoccx5L7BtladgeE1cuYppBlm8lwsHEJejvWt1&google_sc&google_hm=EBAQEA
Request Chain 571
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECwTvWRLU83t6QCU4CFyT78&google_cver=1&google_push=AQvitULBgzWn6A9sURZDBHsFKF5_DTqIcO9aoFyl_r-zOi7PBIXoF-_B-ovhaCOsvKr4IYSEXQ4SFyBNHRqHWzSWoFT12TeqEUEf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitULBgzWn6A9sURZDBHsFKF5_DTqIcO9aoFyl_r-zOi7PBIXoF-_B-ovhaCOsvKr4IYSEXQ4SFyBNHRqHWzSWoFT12TeqEUEf&google_hm=LRUNn84fRp2TpyvL4slnzIg
Request Chain 573
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEK9wi3cExhIXe-xdbuaCW0&google_cver=1&google_push=AQvitULLaNyPhA8p4ZpGuMgwQFWN0JAa5s8MvN4F5MAx1DsVeD32YbtwbEp3YoibUUbrd0gVNixlZ3_BOr2sgwW2k4bzFD7DREnB HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEK9wi3cExhIXe-xdbuaCW0&google_cver=1&google_push=AQvitULLaNyPhA8p4ZpGuMgwQFWN0JAa5s8MvN4F5MAx1DsVeD32YbtwbEp3YoibUUbrd0gVNixlZ3_BOr2sgwW2k4bzFD7DREnB&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=_l1jQ87mRWNtlgMTMwv6cw&google_push=AQvitULLaNyPhA8p4ZpGuMgwQFWN0JAa5s8MvN4F5MAx1DsVeD32YbtwbEp3YoibUUbrd0gVNixlZ3_BOr2sgwW2k4bzFD7DREnB
Request Chain 574
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG3_rZxAs-pTJOXtZloI7sE&google_cver=1&google_push=AQvitUIO03zY5Yo8Hk5aiKHpGooAz2ebDVb3Z2lDGah4bi2JUks-PmN8x_CzHHeWaU-So6DSpWyDcubLkCefQP4HLSwib4JXDfo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIO03zY5Yo8Hk5aiKHpGooAz2ebDVb3Z2lDGah4bi2JUks-PmN8x_CzHHeWaU-So6DSpWyDcubLkCefQP4HLSwib4JXDfo&google_hm=MjcyODY2NDk0MjczODg0MDU0
Request Chain 578
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 585
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 605
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEA1u1AM9w57R1Gd1Nl54y8E&google_cver=1&google_push=AQvitULqbAeMDT-uP0WI_pjW4kiCaGWIeKu_28rGS5dRYUtwA68_OP6c5MykLSdbk9f8QotYhJO6XBm9wNvyddduM6ok2WhpQ_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=-BdgPfTSRAC2hp7gISf8kw&google_push=AQvitULqbAeMDT-uP0WI_pjW4kiCaGWIeKu_28rGS5dRYUtwA68_OP6c5MykLSdbk9f8QotYhJO6XBm9wNvyddduM6ok2WhpQ_g
Request Chain 607
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECwTvWRLU83t6QCU4CFyT78&google_cver=1&google_push=AQvitUKQWKFpjd3pAagbnwobRKX0OFzX2D3L0sgW5iIHbYFPBPmQF-gyxkF-NB0I2WRzZ-YIrYucYa1wh7F1XTXrhlcezjhXnXGq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUKQWKFpjd3pAagbnwobRKX0OFzX2D3L0sgW5iIHbYFPBPmQF-gyxkF-NB0I2WRzZ-YIrYucYa1wh7F1XTXrhlcezjhXnXGq&google_hm=LRUNn84fRp2TpyvL4slnzIg
Request Chain 609
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEK9wi3cExhIXe-xdbuaCW0&google_cver=1&google_push=AQvitUJR8Gbci-azZO2tzND7Y6fH43YMIims0Jn-eGryiv9MSQwvLNi8a5yhHuh8viumDKGd2P8TdpFPxpjzuP2FIi-3BmozgV-R HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=_l1jQ87mRWNtlgMTMwv6cw&google_push=AQvitUJR8Gbci-azZO2tzND7Y6fH43YMIims0Jn-eGryiv9MSQwvLNi8a5yhHuh8viumDKGd2P8TdpFPxpjzuP2FIi-3BmozgV-R
Request Chain 610
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG3_rZxAs-pTJOXtZloI7sE&google_cver=1&google_push=AQvitUIEevtgQZ2TEDzWwuf2FGwnT5ZUJDHVZbbGQOh8LtQizlZ6NhWZ5U5EyvV4NbxwsPBbvY2Qe0Q4zobWhQfkyAmgQS4UbBY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIEevtgQZ2TEDzWwuf2FGwnT5ZUJDHVZbbGQOh8LtQizlZ6NhWZ5U5EyvV4NbxwsPBbvY2Qe0Q4zobWhQfkyAmgQS4UbBY&google_hm=OTA1ODE2NDMzNzc3MzgzNzkzNg%3D%3D
Request Chain 633
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 672
  • https://r3---sn-5hne6nlr.googlevideo.com/videoplayback?expire=1614701906&ei=0vQ9YPONDY7t1gKkyYeYDQ&ip=82.102.19.136&id=27a498b1b1133e30&itag=22&source=youtube&requiressl=yes&mh=IO&mm=31&mn=sn-5hne6nlr&ms=au&mv=m&mvi=3&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=17.066&lmt=1611119891128719&mt=1614673007&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAPG9jxm5NkXmgYIs6Z2jv1CMiXEgEJB4nG6U89CukRWhAiEA-xtIGkOn_3jUB22GgfZ0w3Q91Wd03Fb_-b2lxWIt7CU=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgNwE16sq2Z2KUU4YH4bgWLFIi6i1zLy9iaXEVYJnpC9QCIQDq9-63tS-UZaxq-3YG3317j6EvweR8cW71wGWGhuZJQQ==&cpn=9DyK_gBZN-WvkJwH HTTP 302
  • https://r3---sn-4g5ednld.googlevideo.com/videoplayback?expire=1614701906&ei=0vQ9YPONDY7t1gKkyYeYDQ&ip=82.102.19.136&id=27a498b1b1133e30&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=17.066&lmt=1611119891128719&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAPG9jxm5NkXmgYIs6Z2jv1CMiXEgEJB4nG6U89CukRWhAiEA-xtIGkOn_3jUB22GgfZ0w3Q91Wd03Fb_-b2lxWIt7CU=&cpn=9DyK_gBZN-WvkJwH&redirect_counter=1&rm=sn-5hneed7s&req_id=9e47a8e7b60036e2&cms_redirect=yes&ipbypass=yes&mh=IO&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednld&ms=au&mt=1614672765&mv=m&mvi=3&pl=41&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAINtjj6eovNtqEBnXej9_e8dd_q-JCNnnuNbqy-IcOaqAiBLgG1ImO2IyyEfrtbiWtVGJW6vev1BQil9YBSpIYr3ZA%3D%3D
Request Chain 730
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1614673111813-999082264641-020490-004-000600&biddername=22&key=3e16684e-7be4-4df3-8475-d209a6de40f1
Request Chain 743
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=b5e6d3f2b39beedc9c6be9a762899865&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g006_6934968222656125315 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YjVlNmQzZjJiMzliZWVkYzljNmJlOWE3NjI4OTk4NjU=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEOmn059PbhbdLBqms_pOjfY&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=15fede90-59c5-4e22-b268-668391aaf74d HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=YD303AAAAL2_2lLS HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YD303AAAAL2_2lLS&_test=YD303AAAAL2_2lLS HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=18 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=9141423018933765955 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=58f1603d-f4dc-4800-a5e3-add9e6f1379a&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AACwik7Ae-oAABFRpQWLRw HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/b5e6d3f2b39beedc9c6be9a762899865&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-gVt.Kjh1lwTm_r.nfJDyZwJ_K0X.Rsfs1SGW89cD
Request Chain 761
  • https://bcp.crwdcntrl.net/5/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
Request Chain 769
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/fb088e58708801206e3d0dbe6fa03d3/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4191424814974412831
Request Chain 771
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=fb088e58708801206e3d0dbe6fa03d3&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=fb088e58708801206e3d0dbe6fa03d3&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=e4ae2731-7b2f-11eb-8b15-9e9b130d4f06
Request Chain 773
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YD303wAAAKic1FZV HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YD303wAAAKic1FZV&_test=YD303wAAAKic1FZV
Request Chain 774
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
Request Chain 780
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=Ch8oz0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5wFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75WpXtSB--qkRWIrfNr56oZLSqs5I147rCPpffEh8cHC3AbALk9UfQVg9TeJR6vvz_Hly6euQyArgOKy_GeoRD_PGkUX0n6tC2P0V6_jlQNr2sEJ3YZvgXeyoSGcKTq0ihXV7CB3Y-br30XxViG_DNOOrwp6YCTskgSXObXrpdjo42LDvtwnUd8xbUZvirmBXK71WKityATkS0DLE2wWCKATYmjIZI_wrMHDs8inJMrCAF-nZzp16HmeBu-p0VW3OL1UdNjABKKa9rGiA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YBQEAEYHbEJ1Mt6xQMFtO2ACgOYCwHICwHQCw64DAHYEw3iFgIIAQ&num=1&cid=CAASPeRoRojY6FlqQ8uXnoHG5KZh6gW7JfcTrNcHpATPri9Q_Yp6bM1oQAjnKy9Hxnzcl5vuxOiunqjPPpno4L4&sig=AOD64_3mgPsrmDTN4sPOTDtbX0TcxrjRwQ&client=ca-pub-2361925867181735&adurl=https://hero-wars.com/%3Fhl%3Den%26l%3Dloot%26m%3Dregistration%26nx_source%3Dadx_adwordsyoutube.hw_wb_us_-.cc-ww_en.g-m.a-2554.au-all.opt-cpa.com-newac.lp-loot.cr-mightytower11a_h_17.dt-youtube.cid-12206165757.csd-290121.-%26l%3Dloot%26cp%3D-.cid-12206165757.agid-112310717730.tgid-.intgeo-.phgeo-1001150.ngr-vp.devt-c.devm-.gcid-%7Bgclid%7D.adId-495431601117.pt-www.guatevision.com_pt.ptc-.-&ctype=110&label=video_10s_engaged_view&ad_mt=10109&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D995,1250,1200,1600%26p0%3D995,1250,1200,1600%26p1%3D995,1250,1200,1600%26p2%3D995,1250,1200,1600%26tos%3D10027,0,0,0,0%26mtos%3D10027,10027,10027,10027,10027%26amtos%3D0,0,0,0,0%26mtos1%3D4355,0,0%26mtos2%3D4249,0,0%26mcvt%3D10027%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10027%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2160%26pst%3D519%26dur%3D17020%26vmtime%3D10109%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1423,1423,1423,1423,1423%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D3500%26femvt%3D0%26emc%3D47%26emuc%3D0%26emb%3D47,0,0,0,0%26avms%3Dexc%26qi%3D883696192%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D1614673120082%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10027%26ss0%3D0.03%26ss1%3D0.03%26ss2%3D0.03&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1614673109029 HTTP 302
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=CYCbv0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5wFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75WpXtSB--qkRWIrfNr56oZLSqs5I147rCPpffEh8cHC3AbALk9UfQVg9TeJR6vvz_Hly6euQyArgOKy_GeoRD_PGkUX0n6tC2P0V6_jlQNr2sEJ3YZvgXeyoSGcKTq0ihXV7CB3Y-br30XxViG_DNOOrwp6YCTskgSXObXrpdjo42LDvtwnUd8xbUZvirmBXK71WKityATkS0DLE2wWCKATYmjIZI_wrMHDs8inJMrCAF-nZzp16HmeBu-p0VW3OL1UdNjABKKa9rGiA-AEAcAFbqAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YBQEAEYHZoJFmh0dHBzOi8vaGVyby13YXJzLmNvbS-xCdTLesUDBbTtgAoDmAsByAsB0AsOuAwB2BMN4hYCCAE&num=1&cid=CAASPeRoRojY6FlqQ8uXnoHG5KZh6gW7JfcTrNcHpATPri9Q_Yp6bM1oQAjnKy9Hxnzcl5vuxOiunqjPPpno4L4&client=ca-pub-2361925867181735&ctype=110&label=video_10s_engaged_view&ad_mt=10109&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D995,1250,1200,1600%26p0%3D995,1250,1200,1600%26p1%3D995,1250,1200,1600%26p2%3D995,1250,1200,1600%26tos%3D10027,0,0,0,0%26mtos%3D10027,10027,10027,10027,10027%26amtos%3D0,0,0,0,0%26mtos1%3D4355,0,0%26mtos2%3D4249,0,0%26mcvt%3D10027%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10027%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2160%26pst%3D519%26dur%3D17020%26vmtime%3D10109%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1423,1423,1423,1423,1423%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D3500%26femvt%3D0%26emc%3D47%26emuc%3D0%26emb%3D47,0,0,0,0%26avms%3Dexc%26qi%3D883696192%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D1614673120082%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10027%26ss0%3D0.03%26ss1%3D0.03%26ss2%3D0.03&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1614673109029&dblrd=1&uid=Ci0AZWm_Uk6ZJ8E1Nhvqp_SCu2iT9sSfSExb28zHsPEka4TR4FkcHehJSk31QFAQ0un3gQYYDw&sig=AOD64_0Za86jZ0gJSJQGpIvM8Qp9_f3vZA&adurl=https://hero-wars.com/%3Fhl%3Den%26l%3Dloot%26m%3Dregistration%26nx_source%3Dadx_adwordsyoutube.hw_wb_us_-.cc-ww_en.g-m.a-2554.au-all.opt-cpa.com-newac.lp-loot.cr-mightytower11a_h_17.dt-youtube.cid-12206165757.csd-290121.-%26l%3Dloot%26cp%3D-.cid-12206165757.agid-112310717730.tgid-.intgeo-.phgeo-1001150.ngr-vp.devt-c.devm-.gcid-%7Bgclid%7D.adId-495431601117.pt-www.guatevision.com_pt.ptc-.-
Request Chain 794
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1614673111813-999082264641-020490-004-000600&biddername=22&key=fc85cfb0-88d2-4072-a17d-11482c401ae9
Request Chain 807
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=9857c8b2945a4cf466f6e0fb95dbf8bd&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g053_6934968248425358277 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OTg1N2M4YjI5NDVhNGNmNDY2ZjZlMGZiOTVkYmY4YmQ=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEOSqMoLhE1rSjiXUydbjfnE&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YD303wAAAKic1FZV&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=99425a75-2a0f-4c8e-939e-2960d5501999 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=18 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=755933590036071591
Request Chain 810
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTg1N2M4YjI5NDVhNGNmNDY2ZjZlMGZiOTVkYmY4YmQ=&gdpr=0&gdpr_consent=
Request Chain 811
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=9857c8b2945a4cf466f6e0fb95dbf8bd&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 830
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4346803846097853&output=html&h=90&slotname=guatevision_970x90-upr&adk=1056814020&adf=1174745123&pi=t.ma~as.guatevision_970x90-_&w=970&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673124358&bpp=14&bdt=31&idt=73&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&correlator=885621000075&frm=23&ife=1&pv=2&ga_vid=152445140.1614673124&ga_sid=1614673124&ga_hid=776376156&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=2608634385&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2636599224330355&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CoEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yr06729ajvv2&fsb=1&dtd=91 HTTP 302
  • https://cdn.insurads.com/sp/sp.htm
Request Chain 841
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4346803846097853&output=html&h=66&slotname=guatevision_970x66-upr&adk=304258441&adf=1174745122&pi=t.ma~as.guatevision_970x66-_&w=970&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673124843&bpp=6&bdt=35&idt=74&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D6380ad579c6f84be-226057d3eca60009%3AT%3D1614673124%3ART%3D1614673124%3AS%3DALNI_MbruoVGtfVF_P8qCApSQA_j895v7A&correlator=885621000075&frm=23&ife=1&pv=1&ga_vid=214910708.1614673125&ga_sid=1614673125&ga_hid=283488232&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=2608634385&scr_x=0&scr_y=0&eid=31060288%2C21067425&oid=3&pvsid=2586437195371634&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CoEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.i2xgo1m54tpv&fsb=1&dtd=81 HTTP 302
  • https://cdn.insurads.com/sp/sp.htm
Request Chain 854
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4346803846097853&output=html&h=90&slotname=guatevision_728x90-upr&adk=1607279909&adf=1174745121&pi=t.ma~as.guatevision_728x90-_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673125239&bpp=6&bdt=64&idt=82&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D6380ad579c6f84be-226057d3eca60009%3AT%3D1614673124%3ART%3D1614673124%3AS%3DALNI_MbruoVGtfVF_P8qCApSQA_j895v7A&correlator=885621000075&frm=23&ife=1&pv=1&ga_vid=1975601501.1614673125&ga_sid=1614673125&ga_hid=1341764654&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=2608634385&scr_x=0&scr_y=0&eid=31060292%2C42530671%2C44736376&oid=3&pvsid=3874713171372525&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CoEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.z8ql72gsmsm8&fsb=1&dtd=89 HTTP 302
  • https://cdn.insurads.com/sp/sp.htm
Request Chain 895
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1614673111813-999082264641-020490-004-000600&biddername=22&key=563745f0-b27c-4029-99b5-428a8985adaa

853 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.guatevision.com/ 		171 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
1959fa686e8281aaa829a8608d27a104e39346d023f1b8799f89e0d6a3cbf693

Request headers

:method
GET
:authority
www.guatevision.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Tue, 02 Mar 2021 08:18:20 GMT
content-type
text/html; charset=UTF-8
content-length
23627
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.guatevision.com/wp-json/>; rel="https://api.w.org/"
x-tec-api-version
v1
x-tec-api-root
https://www.guatevision.com/wp-json/tribe/events/v1/
x-tec-api-origin
https://www.guatevision.com
content-encoding
gzip
x-rq
ams8 116 107 3108
cache-control
max-age=300, must-revalidate
age
1102
x-cache
hit
vary
Accept-Encoding
accept-ranges
bytes
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/ 		118 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
468724
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16149
cf-request-id
08939d55530000c2903030b000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-1d970"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dvDe8KUISv22PfYd0rua%2Fgph9%2FEK0R%2BHb9MwpmGK6AnrIIXsIcHCH8s8L%2F25%2ByfPTtDz798Cap5ZkR50DTe0GBzV%2B3f0MrrxhngmnXvK0VGdYD7yMZY%2F8JXOqfgixpwmQQ%3D%3D"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6299319bbcd3c290-FRA
expires
Sun, 20 Feb 2022 08:18:20 GMT
bootstrap-theme.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/ 		23 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap-theme.min.css
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2279758
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2209
cf-request-id
08939d55530000c290fd1e6000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-5b71"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HTZepvoDq0mJbJ7it%2FERV6lmILgViLrdDMAibURWaUtQ%2FJfWnNtHfRXfX9MSYLRXkXwBXDC5Jhp%2BNODrjk0fRxLbykPcrBdnbgKdOlUI3MHpArBWoGs4J2GhF2EhQkvtjQ%3D%3D"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6299319bbcd5c290-FRA
expires
Sun, 20 Feb 2022 08:18:20 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2281604
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
cf-request-id
08939d55530000c2909809e000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w9mIi2aIDh%2FB2bROjQLdk6reiaypObWebZERFmNHY3nZyjNUkyq1Y8T94X584xaiLl6YZiRehWyQ5lTWUsJInYdO711wXv5pN4DkA3lFqVPiE%2FZbqNBd1CzLKzpCCq%2FQdA%3D%3D"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6299319bbcd6c290-FRA
expires
Sun, 20 Feb 2022 08:18:20 GMT
material-icons.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-icons/3.0.1/iconfont/ 		717 B
970 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-design-icons/3.0.1/iconfont/material-icons.min.css
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7c3d898b283f3747d4ffb189899f58f78acfdc86125dc92ca17adfc9b879df6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
468000
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
282
cf-request-id
08939d55540000c2909d143000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03efb-2cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JaqFan1b76PXslrYFwvb5m1pEJIKZyiI5ofU1X%2FK%2BtQtLjp%2B2rGWN92qRu2ZsrcUYAESE2EY00H8Rx37sXhSDpnwmClWIClfqfEc0VaMoOqfDB3yQdKxfwaLqMouEwc%2FDw%3D%3D"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6299319bbcd7c290-FRA
expires
Sun, 20 Feb 2022 08:18:20 GMT
simple-line-icons.min.css
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.min.css
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eced437d4bb8a726d823bb80013c37e1e0eb81069618e7cc57ff1eadf0d0cff4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1210184
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2041
cf-request-id
08939d55540000c290ba16e000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:18 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd2-2af4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TVR1p3Y6J%2BgP2vOffP3m4SGobKFZluIhYbEsPsx6SM3ejD%2BhoTrgGVCd8XnKs7drR8CiIaLx4qE6NeEcXYDNimCycQKHd5hyiqAkumozwkA3Mo8mVq%2FmsjKIY8TcNaGmhg%3D%3D"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6299319bbcd9c290-FRA
expires
Sun, 20 Feb 2022 08:18:20 GMT
css
fonts.googleapis.com/ 		1 KB
489 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Karla:400,700
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
45ea8657d8d4a2e53745c2729005d78a5de70c7486ed5506b908fc374c7a677b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 08:18:20 GMT
server
ESF
date
Tue, 02 Mar 2021 08:18:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Mar 2021 08:18:20 GMT
css
fonts.googleapis.com/ 		12 KB
938 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,600,700,700i
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
562e753a84d4da8093afe466440eadfb2fef13ac714f963341d34caa20db73e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 08:18:20 GMT
server
ESF
date
Tue, 02 Mar 2021 08:18:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Mar 2021 08:18:20 GMT
css
fonts.googleapis.com/ 		6 KB
661 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:200,400,600,700
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
64c8d8ae0fe92e186775c160f60a9ce6e35541de61534a5a3fb8e71d709f36ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 08:18:20 GMT
server
ESF
date
Tue, 02 Mar 2021 08:18:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Mar 2021 08:18:20 GMT
ekko-lightbox.css
cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/ekko-lightbox.css
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c06835b9a36f8b7a5c9b5217ee934661d95764f18d96d9478a99b69785a95f0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2896375
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2408
cf-request-id
08939d55550000c290920b7000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e41-1be7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l%2BATRwfgP9eI3Johf%2BaOmknGfQBx3n%2BpjXr4%2F2ZQbLa1F9DGoAsl6nz2hez7kBdLOnIuYAxcSaVlpzro%2B9vXfCfZWX6ZBXosFuRRTxZ6vsGpwf%2B87ROJjcH1Y6uD4Dltbw%3D%3D"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6299319bbcdac290-FRA
expires
Sun, 20 Feb 2022 08:18:20 GMT
weather-icons.min.css
cdnjs.cloudflare.com/ajax/libs/weather-icons/2.0.9/css/ 		26 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/weather-icons/2.0.9/css/weather-icons.min.css
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29c09c6a4a8c69a981ad315ac5bf6d92b3f68aad57f2f527b26f3a5bca517202
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1209094
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2884
cf-request-id
08939d55550000c290878eb000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0402f-6839"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UxhBFStRHyWYeSHthd%2FqHohAbfnD5J4598OkfMzil%2BacFosC0NQA7W7YWaddLfBgQxzRUVxWwLUGkzX%2F9eErdShAu5ZPRWrlghxis6c0cMrnkUWHxdAlJsMYuJY5GRXvgA%3D%3D"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6299319bbcdcc290-FRA
expires
Sun, 20 Feb 2022 08:18:20 GMT
/
www.guatevision.com/_static/ 		195 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.guatevision.com/_static/??-eJyNjskOwjAMRH+I1BRVLAfEt2QxwdRZ1CRU/XtSKAgJDhzH4zczMEahg8/oM0QulnwCaQTLCYcEOn0oYc6xqZcV/M+8/8lrLgaftqGUQXHQvWBSgxwmSHlibBz5r4Z8QVc5W2TGGyUKHjTT7KhCbB6BloOS/BN3Rbw2XjFHWTsPTQcumMI1diRjMSfAUonQE9bh47Lmz6h5wKJn5OSO7bbt2nW322/uQ7mA+w==
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cbde72f55033308679ac76e626ede4ed0e1a1a157e5b8e00344ca769215116e0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
gzip
x-rq
ams8 118 120 3139
last-modified
Mon, 22 Feb 2021 16:03:34 GMT
server
nginx
age
377447
vary
Accept-Encoding
x-cache
hit
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
35027
/
www.guatevision.com/_static/ 		789 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.guatevision.com/_static/??-eJydkWFqwzAMhS80xQ0r7f6MncWxtUSZbHmR3ZDbzyljlDFGazAIWe97esZmTUDRcfGoZq7ns+CyfZcuUOxmfTL/iSDQuNiMt2InMWPMJnEZKaqxHthuuFzpnwb8e3qM+K3OE4YaaSx1/4WUJBrHtE+GQux3dmQZLHdDiZ7/zHiHR5BQ+2YQVsoTsDjL2PIEZXIfjdEVdb9vINHqBrZkcRISY/3gBo9EKp5EQdEubrrDolIX8iiwWuaqfwuv/ak/9ofj+eV5/gLlRgLL
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dc7f56719c7696c18d4069a99545c73e1bd800ae38f62263f4aa121f97bc7bf9

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
gzip
x-rq
ams8 118 181 3156
last-modified
Mon, 22 Feb 2021 16:03:43 GMT
server
nginx
age
377447
vary
Accept-Encoding
x-cache
hit
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
174340
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js?ver=1.0
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B71) /
Resource Hash
c34f5c51cea0ee9e05108c79c404086a24b73fbecb0999654fc9116b4c4b755e

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
1026
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
28744
x-tw-cdn
VZ
Last-Modified
Mon, 08 Feb 2021 21:21:01 GMT
Server
ECS (amb/6B71)
Etag
"11a0c75a945561958f0b924da0e67334+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
client.js
cdn.gravitec.net/storage/b49af53ee54bf2346a1a393f41aec2ea/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/storage/b49af53ee54bf2346a1a393f41aec2ea/client.js
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b3d0f5e02b5178b0be7682cb8615ec2c500e7b6943e057f5c5da2925635a90bc

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
gzip
last-modified
Wed, 23 Dec 2020 13:27:50 GMT
server
nginx
etag
W/"5fe345d6-fff0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 30 Dec 2020 15:59:45 GMT
cache-control
max-age=10
x-proxy-cache
HIT
cx.js
cdn.cxense.com/ 		111 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
92001db752eba691556966ac429ececc8d7802b8a12322b698345145e608ce6c

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 Mar 2021 14:48:02 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26757
Expires
Tue, 02 Mar 2021 09:18:20 GMT
player2.js
streann-static.s3.amazonaws.com/inside-ad-ima-2/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://streann-static.s3.amazonaws.com/inside-ad-ima-2/player2.js
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.74.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4b2da2b658d250bc584930481d15a8cde9be567bbfdd967e5ba0250421b5e6b1

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:21 GMT
Last-Modified
Thu, 19 Nov 2020 22:46:26 GMT
Server
AmazonS3
x-amz-request-id
CC6D4DE149B760CB
ETag
"f13debe201ded29f8da219483d32e8a3"
Content-Type
application/javascript
x-amz-version-id
XOp5rkhdbkpj3USwjz06cBJ0eetC0mM.
Accept-Ranges
bytes
Content-Length
2913
x-amz-id-2
hJsS/tIeBC0XS6EMPntHyksujfeGm/qWyXegRarKLPHEuwfb2wBlKCaqFK/1QMcfjDQIAel3ARY=
logo-1.png
www.guatevision.com/wp-content/uploads/sites/2/2019/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2019/09/logo-1.png?quality=82
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
16e4200d87e3033f07e3c06d260a04a565fa94729cfc2f84b403fdc1b30b9dba

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 30 443
last-modified
Fri, 13 Nov 2020 18:55:30 GMT
server
nginx
etag
"e5a5fe5882824360"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5870
expires
Sat, 13 Nov 2021 18:55:30 GMT
page.js
static.addtoany.com/menu/ 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bbd49454237351594bd41e1a6194677be17eccc8ebce4eb60045e7d51ebcabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
4639
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08939d56000000971ebe175000000001
last-modified
Thu, 08 Oct 2020 23:55:07 GMT
server
cloudflare
etag
W/"146c7-5b1318fce2e58"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=172800
cf-ray
6299319ccaef971e-FRA
cf-bgj
minify
responsive-videos.css
www.guatevision.com/wp-content/mu-plugins/jetpack-9.4/modules/theme-tools/responsive-videos/ 		207 B
334 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.guatevision.com/wp-content/mu-plugins/jetpack-9.4/modules/theme-tools/responsive-videos/responsive-videos.css?m=1611697450g
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e5af1eb6993dc2df14e003d0fe5f3e3d48c188332f3ffa5ede99559fcf0eef3a

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 115 211 3088
last-modified
Tue, 26 Jan 2021 21:44:10 GMT
server
nginx
age
2210607
etag
"60108d2a-cf"
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
207
expires
Wed, 02 Mar 2022 08:18:20 GMT
pym.v1.min.js
graphics.afpforum.com/vendors/pym/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://graphics.afpforum.com/vendors/pym/pym.v1.min.js?ver=1.0
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.178.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-178-151.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (Red Hat Enterprise Linux) /
Resource Hash
b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Aug 2018 13:42:37 GMT
Server
Apache/2.4.6 (Red Hat Enterprise Linux)
ETag
"234a-5741a6e9fc7fa-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2804
Expires
Tue, 09 Mar 2021 08:18:20 GMT
/
www.guatevision.com/_static/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.guatevision.com/_static/??-eJyFjcEKwjAQRH/IdFsoag/ip0jbDHXbJBvcpPl9I3hQEDzODG8elWhmCQkhkc8murxwUFqR4jhvZmh6unGYacrsLBW2C5IScoVkYxg3lu/UeA7NqgeqxxV02aLe6SvCT7Cf+x+xF5tdpdMdHiaJOKUHNEpQ3mF2tpAfzdtw9Zfu2PVtO5y70/oEv2lUWw==
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
32979410f763fe5e852c26a8b4401c0501a7c77026516a087e5c50335d0f7ec3

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
gzip
x-rq
ams8 116 149 3199
last-modified
Mon, 22 Feb 2021 16:03:36 GMT
server
nginx
age
376042
vary
Accept-Encoding
x-cache
hit
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1671
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js?ver=1.0
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1210210
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8722
cf-request-id
08939d56000000c290980a6000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-90b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aTbcNpvX3X7HAHVS3flSfXTLWSIrrOBZrpU5wJGb8gzFvlTeUU8V5WSiEJho%2BLxhMOyTMXIB3edbS3c6uMD4X%2BqyYJEb%2FExjbKZvnaCVqT5MDDzy1TtCrKxlW%2FN5FMxG0Q%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6299319cce19c290-FRA
expires
Sun, 20 Feb 2022 08:18:20 GMT
jquery.marquee.min.js
cdn.jsdelivr.net/jquery.marquee/1.4.0/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery.marquee/1.4.0/jquery.marquee.min.js?ver=1.0
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2278cada41d2bcc06dfa905b1e859133291c58dc7fb209a57f9f5d02c11a92e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1761545
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
2004
etag
W/"1606-H/ZiGK7LO21Ah1cIOjYq5Am4CNQ"
x-served-by
cache-fra19154-FRA, cache-hhn4022-HHN
date
Tue, 02 Mar 2021 08:18:20 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
ekko-lightbox.js
cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/ekko-lightbox.js?ver=1.0
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c602424ede1bea2037389c8635b1f87f14f6d5f942bed4dfb124983acf3afb0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3495369
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5576
cf-request-id
08939d56000000c290878f2000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e41-6171"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XITm8R6X6BP%2BfpEmuNrnHNfmgzYfJZq6ttCTtTw2zwVR8qJiEVALIS3ipwENX0w6Pfn7u9sxeLldmQ%2F%2BGzt79E%2FvMM7ppYjUWbASMMCORG%2B%2FJLjHNZJN8o2X%2BqCv5rRtWQ%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6299319cce1bc290-FRA
expires
Sun, 20 Feb 2022 08:18:20 GMT
jquery.easing.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js?ver=1.0
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
470973
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1507
cf-request-id
08939d56000000c290ba176000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-15b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GQSEzGyQoY3VyxRZN9jGXqrWoZDatQ2sE7zS%2FLt1F%2F8rCIK2g%2BR2pwnD%2Bedrl3qyC%2Bc3GQbXLP9iMJKgHPl6aDZNuwbjsgjDVJKHmiPTPlDpybhA6KXM51ME95z8YDA2iA%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6299319cce1cc290-FRA
expires
Sun, 20 Feb 2022 08:18:20 GMT
e-202109.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202109.js
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT ams
date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Mon, 21 Feb 2022 07:19:45 GMT
atrk.js
certify-js.alexametrics.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.187.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 29 Sep 2020 00:34:48 GMT
Via
1.1 e25359babcc045566ea407b8f6ab0b65.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Sat, 16 Mar 2019 16:01:33 GMT
Server
AmazonS3
Age
13333413
ETag
"96c08723796affab377d9bb08d631cd0"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Cache-Control
max-age=26920000
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
4264
X-Amz-Cf-Id
BhdeBR6ibGG3LuHdfiaUCy-21VTvnkS2Cjkk44PW0yg3ty5MkP8grQ==
wp-emoji-release.min.js
www.guatevision.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.guatevision.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
gzip
x-rq
ams8 118 120 3136
last-modified
Mon, 22 Feb 2021 16:03:44 GMT
server
nginx
age
645597
etag
W/"6033d5e0-3795"
vary
Accept-Encoding
x-cache
hit
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4712
expires
Wed, 02 Mar 2022 08:18:20 GMT
sdk.js
connect.facebook.net/es_LA/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/es_LA/sdk.js
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f0f7a991dba1c286bc587ea7c7f7fb996a9bf32f0cdcf0f0083cf1d04558a23f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
HLDHda5lx+/b5kPkMjOP0Q==
cross-origin-resource-policy
cross-origin
expires
Tue, 02 Mar 2021 08:31:19 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
x-fb-rlafr
0
x-fb-debug
s7+BX/T5jxlruFG1OlBbFBNNV+aTKVs2mJ9UH0v559YA7dDkPvDMJfX7icZo9Y5er5kJYkifgPDo/DhdlwXPqg==
x-fb-trip-id
686109401
x-fb-content-md5
1047a8e4f64b371de00e9ff093734fd5
date
Tue, 02 Mar 2021 08:18:20 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"0257d4b2233a306e9a0b0f821ab84044"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
gtm.js
www.googletagmanager.com/ 		87 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXZWLMX
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c6c1fd15bfad1cc1cdd05951acef991311169cf8090c9dc29028d1e247f617f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34031
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Mar 2021 08:18:20 GMT
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:9200:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
927ee0dfe51ef11076e57510990fd5c5fcee1cffd5204a4e3d3caee529c3bd01

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:13:14 GMT
content-encoding
gzip
last-modified
Thu, 28 Jan 2021 02:03:13 GMT
server
nginx
age
50705
etag
W/"60121b61-8e23"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 a65cc3f0f56427b7099c895c026d63f0.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
7_gVrIRgnpNvKUvixwelwhtwCyk0_DcJAUrjoI9p1XDbv-my35L4Vw==
expires
Tue, 02 Mar 2021 18:13:14 GMT
gpt.js
www.googletagservices.com/tag/js/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f191e4bcef8e8544a41ff1cdd7d7c1e1cbe85cf94e9bde7d337415d35ebdbfc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"799 / 689 of 1000 / last-modified: 1614640338"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19330
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:20 GMT
segment
api.cxense.com/profile/user/ 		77 B
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cxense.com/profile/user/segment?callback=cXJsonpCBklrqo9wdn0m04n59&persisted=a8df373943318b35fe3562d515c94be9c5a7b367&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22klrqo9w7fs101r7q%22%2C%22type%22%3A%22cx%22%7D%5D%7D
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
8cbb756d3fc8ff831352f57e2f612b248daaa6539a01a635d565431bf9b63cee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:20 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript;charset=utf-8
content-length
77
expires
Mon, 26 Jul 1997 05:00:00 GMT
rep.gif
scomcluster.cxense.com/Repo/ 		43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scomcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=klrqo9vjwrfbb5vg&acc=0&sid=1140711080501017819&loc=https%3A%2F%2Fwww.guatevision.com%2F&gol=&pgn=&new=0&arf=0&ltm=1614673100287&ref=&tzo=-60&res=1600x1200&dpr=1&col=24&jav=0&bln=en-US&chs=UTF-8&cks=klrqo9wfgbgtthm5&ckp=klrqo9w7fs101r7q&glb=&wsz=1600x1200&fls=0&flv=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.80.167 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.167.80.202.116.clients.your-server.de
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
43
content-type
image/gif
sdk.js
connect.facebook.net/es_LA/ 		197 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/es_LA/sdk.js?hash=64257461277dd97d521a59d9bed37c88&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/es_LA/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b7c063d0edb440ff1da66e1b8b13cf1f74ff1022e7d7be295b2a978c7f527ab7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.guatevision.com
Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
p1eWlNv1c5XEjIFL6EewpQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60512
x-fb-rlafr
0
x-fb-debug
St9fkz3p1g8zBfc6ZCSExYAhXZUWR33UiE/xA2teCoVIMlN3KJ8R8I/sVdZJkdhvRp6/sAhlVG7/dnE98Dpw7A==
x-fb-trip-id
686109401
x-fb-content-md5
7440f6c20e32769c8d0697d46bb105c1
x-frame-options
DENY
date
Tue, 02 Mar 2021 08:18:20 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"ccb50a4ab00db4c316581e469e0ae592"
timing-allow-origin
*
expires
Wed, 02 Mar 2022 06:11:03 GMT
js
www.googletagmanager.com/gtag/ 		137 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RYM3007WFQ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXZWLMX
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c8dfb8372b6d0f558b4ff2ce2b0eb98e8c31a0b6a86af32bbd56699b5c13921
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53734
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:20 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXZWLMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
1863
date
Tue, 02 Mar 2021 07:47:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 02 Mar 2021 09:47:17 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.24.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-24-97.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
786dbb4402793fadd0112db771392a0509ffcb2806545e94a879af9c6d87415f

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:11:29 GMT
content-encoding
gzip
last-modified
Wed, 15 Jul 2015 00:00:00 GMT
server
nginx/1.18.0
age
416
etag
"55a5a280-672"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
content-length
1650
x-amz-cf-id
bJIOo4s5wSkPoKqcfgjxNJ_1sLR-AnQlHBltZIEcC5oQWE4n1Afl7w==
hbdfp.js
sakimg.e-planning.net/layers/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sakimg.e-planning.net/layers/hbdfp.js
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
b9a8dba234d28039daae9bd2b823586d2d23be450d10d17658053e78bb4360f0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
gzip
x-cf3
H
cf4ttl
86400.000
x-cf1
29080:fA.ams1:co:1612288420:cacheN.ams1-01:H
content-length
14036
x-cf-tsc
1614621859
x-cf2
H
last-modified
Tue, 02 Feb 2021 17:10:41 GMT
server
CFS 0215
x-cff
B
etag
"60198791-9a45"
content-type
application/x-javascript
cache-control
max-age=86400
cf4age
570
accept-ranges
bytes
x-cf-rand
52.949
expires
Tue, 02 Mar 2021 18:04:18 GMT
Z5FJF925.js
cdn.insurads.com/bootstrap/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/bootstrap/Z5FJF925.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXZWLMX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
0688cce42b1a9902871f772fb11eacdfbe9444ee3c0a62403369525606544dd8

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
gzip
cdn-edgestorageid
481
x-amz-request-id
3AE3E28FF47AACE0
cdn-cachedat
2021-02-27 18:17:16
cdn-pullzone
55316
content-length
1022
x-amz-id-2
SEgN6XLkEqLoNny+4rLmh0U1WtFrQjSjFXy6VO/5/mjg/Sh7arZ9FEizkRHOrNZqMUNusgwYR4s=
last-modified
Tue, 02 Jun 2020 18:25:06 GMT
server
BunnyCDN-DE1-481
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=31536000
cdn-requestid
4e73e1fdafcdc6026e608fc2befc9880
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
pubads_impl_2021022501.js
securepubads.g.doubleclick.net/gpt/ 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 09:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103137
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:20 GMT
collect
www.google-analytics.com/j/ 		2 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1215220447&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guatevision.com%2F&ul=en-us&de=UTF-8&dt=Guatevision%20%E2%80%93%20%C2%A1Lo%20mejor%20que%20ves!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1740849360&gjid=187232585&cid=1851004131.1614673100&tid=UA-18123214-2&_gid=1240917375.1614673100&_r=1&gtm=2wg2h0NXZWLMX&z=1944964202
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
23 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-RYM3007WFQ&gtm=2oe2h0&_p=1215220447&sr=1600x1200&ul=en-us&cid=1851004131.1614673100&_s=1&dl=https%3A%2F%2Fwww.guatevision.com%2F&dt=Guatevision%20%E2%80%93%20%C2%A1Lo%20mejor%20que%20ves!&sid=1614673100&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYM3007WFQ&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Guatevision%20%E2%80%93%20%C2%A1Lo%20mejor%20que%20ves!&time=1614673100473&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.guatevision.com%2F&random_number=3191358343&sess_cookie=ebe5b9b9177f2043eb8f4a984ea&sess_cookie_flag=1&user_cookie=ebe5b9b9177f2043eb8f4a984ea&user_cookie_flag=1&dynamic=true&domain=guatevision.com&account=Onzao1IW1810S+&jsv=20130128&user_lang=en-US
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.97.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-97-94.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 04:11:26 GMT
Via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
14814
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
f79V4si-X4068--a3woGzawEkglo8oPxa6_BIc6Ua-uNpEq62UcFtA==
collect
stats.g.doubleclick.net/j/ 		4 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-18123214-2&cid=1851004131.1614673100&jid=1740849360&gjid=187232585&_gid=1240917375.1614673100&_u=YEBAAEAAAAAAAC~&z=392721143
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 02 Mar 2021 08:18:20 GMT
content-type
text/plain
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
init
services.insurads.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/init?appId=Z5FJF925&h=https%3A%2F%2Fwww.guatevision.com%2F&oo=&v=1.5&t=1614673100476
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/Z5FJF925.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.241.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-241-242.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
92ef3fcb174a2190ef74a7dbc6321dbded5c0430f11c4a7b5e5ff50ff1d6cf4f

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 03:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16138
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 03 Mar 2021 03:49:22 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
last-modified
Wed, 17 Feb 2021 13:51:00 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Thu, 01 Apr 2021 08:18:20 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-18123214-2&cid=1851004131.1614673100&jid=1740849360&_u=YEBAAEAAAAAAAC~&z=1150319793
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-18123214-2&cid=1851004131.1614673100&jid=1740849360&_u=YEBAAEAAAAAAAC~&z=1150319793
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
segment
api.cxense.com/profile/user/ 		77 B
709 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cxense.com/profile/user/segment?callback=cXJsonpCBklrqoa3iwp45kfb8&persisted=a8df373943318b35fe3562d515c94be9c5a7b367&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22klrqo9w7fs101r7q%22%2C%22type%22%3A%22cx%22%7D%5D%7D
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
36095719a11704a1eafffc35d913b19e1ae0a30630878c08eaa21d617c37abed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:20 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-type
text/javascript;charset=utf-8
content-length
77
expires
Mon, 26 Jul 1997 05:00:00 GMT
index.html
streann-static.s3.amazonaws.com/inside-ad-ima-2/ 		695 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streann-static.s3.amazonaws.com/inside-ad-ima-2/index.html
Requested by
Host: streann-static.s3.amazonaws.com
URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/player2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.74.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c6af01426d89e8844b1fd327f104cb9486ffe5e95885940a800a07e5fa519eb2

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:21 GMT
Last-Modified
Tue, 29 Sep 2020 09:12:31 GMT
Server
AmazonS3
x-amz-request-id
700272404CF9956E
ETag
"daa4b58a517bf040ab9721da04ab93a0"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
null
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Accept-Ranges
bytes
Content-Type
text/html
Content-Length
695
x-amz-id-2
4Pfo2EY0TzcupnUA5tDFpkU0ijum0mJggxdalm5BgGXG8kNbtxONSZo7IFwBK90Z/Xkauu+txbs=
ROS
ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/
Redirect Chain
  • https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?rnd=0.5563402910909814&e=gtvhd:1200x100!/gtv_hd&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&tz=1&dc=1&...
  • https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?ct=1&rnd=0.5563402910909814&e=gtvhd:1200x100!/gtv_hd&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&tz=1&...
366 B
785 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?ct=1&rnd=0.5563402910909814&e=gtvhd:1200x100!/gtv_hd&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b30638860c1e72bc5c77245e7837ecdd7f1ca7f3bad275f02b5a8bbd72c666de

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.guatevision.com
expires
Tue, 02 Mar 2021 08:18:20 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
366
x-sid
AMS-745

Redirect headers

date
Tue, 02 Mar 2021 08:18:20 GMT
server
openresty
access-control-allow-origin
https://www.guatevision.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2765b/55904062/www.guatevision.com/ROS?ct=1&rnd=0.5563402910909814&e=gtvhd:1200x100!/gtv_hd&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-745
Capturaasdgwt3.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/03/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/03/Capturaasdgwt3.jpg?quality=82&w=498&h=378&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6b9ab951a31627c969b0b96b04172da0c70979bc7bcc85b42f6a54b9ab073711

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 32 443
last-modified
Tue, 02 Mar 2021 05:10:08 GMT
server
nginx
etag
"a33f64504c5c7d6b"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9408
expires
Wed, 02 Mar 2022 05:10:08 GMT
portadaLS.png
guatevision.s3.amazonaws.com/img/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guatevision.s3.amazonaws.com/img/portadaLS.png
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.209.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cad19bcfa3dca7b3aa9aafb8abb9b350cf7b86beea3d6bf28264d3140ba36fe9

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:24 GMT
Last-Modified
Mon, 26 Mar 2018 21:49:50 GMT
Server
AmazonS3
x-amz-request-id
Y36804RSJBXR7SGH
ETag
"00a9eacb1e4a4e91313efe3338adc6fb"
Content-Type
image/png
Cache-Control
public,max-age=9000
Accept-Ranges
bytes
Content-Length
30110
x-amz-id-2
XQLMGv2JBAOivDcysSBXKvAjJBSzQ+hgH4uzNeIzf8rsiYIJlhHG9iy5CBn0gBU5JBxbJ8y59xc=
Expires
Wed, 25 Apr 2018 21:49:21 UTC
Simple-Line-Icons.woff2
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/fonts/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/fonts/Simple-Line-Icons.woff2?v=2.4.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b139d2871e745eeca0ed22ce994df828a96faefe86aa5e47d06c58184845445
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.guatevision.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1074945
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30064
cf-request-id
08939d573200004ac38633f000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:18 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd2-7570"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b6a5u2awLZueXFtoskRQzM3sB%2FxD%2BpohnY%2F9oGNVVr3b7seoaEfapGaCswBDVqeQj%2Fya5SHoeMlVTrfD2ofa8JEc6nF5HkVt5INH%2Frhv3MNTMtG2iKirEQkbx%2BGiLvw6dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6299319ebedf4ac3-FRA
expires
Sun, 20 Feb 2022 08:18:20 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.guatevision.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1210208
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
cf-request-id
08939d573200004ac36310a000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=elxXSZKF3H5RhoqzoGgdLRKhRdz%2FGnGa6HQZIGr05U6X5YYY5gr79XjR1jBGYlksyQZ6rkHdCVwhpnhHnU16ZMN6e8A%2BGFBoQ865XfD9PWxpjL3cp7iMCiufGnhgui3vSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6299319ebee14ac3-FRA
expires
Sun, 20 Feb 2022 08:18:20 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,600,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.guatevision.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,600,700,700i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 09:18:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:16 GMT
server
sffe
age
341966
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9016
x-xss-protection
0
expires
Sat, 26 Feb 2022 09:18:54 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,600,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.guatevision.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,600,700,700i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:15:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
50568
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:15:32 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,600,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.guatevision.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,600,700,700i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 19:41:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
391014
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Fri, 25 Feb 2022 19:41:26 GMT
weathericons-regular-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/weather-icons/2.0.9/font/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/weather-icons/2.0.9/font/weathericons-regular-webfont.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/weather-icons/2.0.9/css/weather-icons.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc7a54cc508ecd7f9bc9e5f1d648535f60e24adf4b667f8c92d66d2ca367e99
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.guatevision.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/weather-icons/2.0.9/css/weather-icons.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
461636
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44720
cf-request-id
08939d573300004ac38724f000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0402f-aeb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xWBWSawT02SRFe5BbJR1CA2gN25YDMD7FkqJb79R0Sg%2BclezOLQYp%2BTyn40QZ3KZCYT1uLRqrj%2BLKU3KHAFaZ9jZbVeq0EvdHGq7KqzC0LG6BFsIoQh3LFtefGzg%2FDzaJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6299319ebee34ac3-FRA
expires
Sun, 20 Feb 2022 08:18:20 GMT
qkBbXvYC6trAT7RVLtyU5rZP.woff2
fonts.gstatic.com/s/karla/v15/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v15/qkBbXvYC6trAT7RVLtyU5rZP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b2fa706d33b212b5924d7ea4db659fe1f9a64682f507535fdf1bb8e4161e665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.guatevision.com
Referer
https://fonts.googleapis.com/css?family=Karla:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 07:00:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 21:59:21 GMT
server
sffe
age
350293
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29328
x-xss-protection
0
expires
Sat, 26 Feb 2022 07:00:07 GMT
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v19/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:200,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.guatevision.com
Referer
https://fonts.googleapis.com/css?family=Raleway:200,400,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 10:55:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:51:07 GMT
server
sffe
age
249798
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42444
x-xss-protection
0
expires
Sun, 27 Feb 2022 10:55:02 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,600,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.guatevision.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,600,700,700i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:45:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:49 GMT
server
sffe
age
48757
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:45:43 GMT
180x180_El-term%C3%B3metro.jpg
www.guatevision.com/wp-content/uploads/sites/2/2019/01/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2019/01/180x180_El-term%C3%B3metro.jpg?quality=82
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
41001b96a634dd96fdd8ed43cdfa7e24870a80e16e61553c579e5eba7afc303b

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 200 443
last-modified
Fri, 13 Nov 2020 22:12:06 GMT
server
nginx
etag
"04511906e919875f"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3564
expires
Sat, 13 Nov 2021 22:12:06 GMT
REG-010321HC-F2.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/03/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/03/REG-010321HC-F2.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c2cc5579450440fae459c1376ecfe52c62dc18576d84942fbf68ed13f50ef669

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 142 443
last-modified
Tue, 02 Mar 2021 08:18:20 GMT
server
nginx
etag
"bbad3f39f088a40f"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
89748
expires
Wed, 02 Mar 2022 08:18:20 GMT
REG-01032021-MC-MAESTROS2.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/03/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/03/REG-01032021-MC-MAESTROS2.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
52ab3cbaa159e4d0afd406452ba9d7591d977ef035e1c7e63904dd1a5f013450

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 140 443
last-modified
Tue, 02 Mar 2021 08:18:20 GMT
server
nginx
etag
"223cc7bf55f8b9dd"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
62426
expires
Wed, 02 Mar 2022 08:18:20 GMT
nimajuyu-1.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/03/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/03/nimajuyu-1.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6b984ef74c306a4e95af79910422f1a0845cb5a55ede842c4c4a93f69a5307be

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 140 443
last-modified
Tue, 02 Mar 2021 08:18:20 GMT
server
nginx
etag
"59a3a3189875c618"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
52508
expires
Wed, 02 Mar 2022 08:18:20 GMT
NAC-26022021-EA-ELECCIONES012_57850950.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/03/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/03/NAC-26022021-EA-ELECCIONES012_57850950.jpg?quality=82&w=640&h=427&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
71b8419d620449a49d2c701bc42acd597cf24b43ad07026491bad69518bf76f1

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 139 443
last-modified
Tue, 02 Mar 2021 00:42:12 GMT
server
nginx
etag
"96f8850948a2fcb3"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
33830
expires
Wed, 02 Mar 2022 00:42:12 GMT
EudBAXZWQAYlEnF.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/EudBAXZWQAYlEnF.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8d7056a38ae50273b2508ef09ba76e2cc058361abb337ee2f339f580b1c6ec63

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 84 443
last-modified
Tue, 02 Mar 2021 08:18:20 GMT
server
nginx
etag
"07fa04f58a03ebb0"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
72898
expires
Wed, 02 Mar 2022 08:18:20 GMT
ROS
ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/
Redirect Chain
  • https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?rnd=0.5563402910909814&e=gtvbx01:300x250!/gtv_bx_01&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&tz=1&d...
  • https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?ct=1&rnd=0.5563402910909814&e=gtvbx01:300x250!/gtv_bx_01&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&t...
508 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?ct=1&rnd=0.5563402910909814&e=gtvbx01:300x250!/gtv_bx_01&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
bafb66c5faabb4937a8055340069c0f78224f6fb4ef89a93f2a641bad8bc15db

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.guatevision.com
expires
Tue, 02 Mar 2021 08:18:20 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
508
x-sid
AMS-745

Redirect headers

date
Tue, 02 Mar 2021 08:18:20 GMT
server
openresty
access-control-allow-origin
https://www.guatevision.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2765b/55904062/www.guatevision.com/ROS?ct=1&rnd=0.5563402910909814&e=gtvbx01:300x250!/gtv_bx_01&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-745
ROS
ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ 		509 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?rnd=0.5563402910909814&e=gtvbll01:970x250!/gtv_bll_01&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by
Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b942c3fd7ca45673fdfa105cea6b1c952b6496d2758f1cdbe8bb9bbfd8d26de4

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.guatevision.com
expires
Tue, 02 Mar 2021 08:18:20 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
509
x-sid
AMS-745
capturado-peligro-2.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/capturado-peligro-2.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
aedcc69bcf904f8d92d4966ebb346a687fcda9bfc42e7aa7caba1d8ace1aadad

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 139 443
last-modified
Mon, 01 Mar 2021 14:45:40 GMT
server
nginx
etag
"6c2ac7fa49454375"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
31326
expires
Tue, 01 Mar 2022 14:45:40 GMT
migrantees.jpeg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/migrantees.jpeg?quality=82&w=385&h=227&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
51fb7368162c445fc539ca377de08bbf57d794ff7ff76e630f9ef1e335ead41a

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 139 443
last-modified
Sun, 28 Feb 2021 17:23:43 GMT
server
nginx
etag
"e9b4d18ca2238843"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15600
expires
Mon, 28 Feb 2022 17:23:43 GMT
el-duke.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/el-duke.jpg?quality=82&w=573&h=329&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5e41e00c561ba29873d02cde5f5f542b86b676f88f81621ec217a16d86a2a1f7

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 142 443
last-modified
Fri, 26 Feb 2021 13:42:49 GMT
server
nginx
etag
"867484468cbe8888"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16638
expires
Sat, 26 Feb 2022 13:42:49 GMT
REG-25022021MC-EMBAJADOR2.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/REG-25022021MC-EMBAJADOR2.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5c6d65bdbe11363540218c98197e55c47a70a8102c8107e01f246a35fe392227

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 200 443
last-modified
Fri, 26 Feb 2021 18:57:18 GMT
server
nginx
etag
"631ebb4653396703"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
85554
expires
Sat, 26 Feb 2022 18:57:18 GMT
bictoin-bbc-news-1.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/bictoin-bbc-news-1.jpg?quality=82&w=633&h=357&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
be336a11570a2f4e307f8e4d7874709d2b5da0f99945192fd8d441c5dd7e778c

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 88 443
last-modified
Sun, 28 Feb 2021 17:23:44 GMT
server
nginx
etag
"df7017a6363ee1e5"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
35494
expires
Mon, 28 Feb 2022 17:23:44 GMT
bitcoin-2.jpeg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/bitcoin-2.jpeg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9b8dba1300ac9d3835249d745fbd95fa78ec11c86c4db96c0a8d910a2eb9b5d5

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 32 443
last-modified
Sat, 27 Feb 2021 19:24:17 GMT
server
nginx
etag
"1fee098957c7e6fe"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
46664
expires
Sun, 27 Feb 2022 19:24:17 GMT
117302969_gettyimages-707504485.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/117302969_gettyimages-707504485.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f625a1076825135ef10d738157919a229ac046644691610cad13326470452eb3

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 198 443
last-modified
Sat, 27 Feb 2021 06:16:34 GMT
server
nginx
etag
"41ad7ab2ebfebcb3"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
25550
expires
Sun, 27 Feb 2022 06:16:34 GMT
bill-gates-afp-1.jpg
www.guatevision.com/wp-content/uploads/sites/2/2020/12/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2020/12/bill-gates-afp-1.jpg?quality=82&w=580&h=330&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ebac3fd6dd8b3278c263ae4ee1e1035e4fbd94a84f54d5c21b313492af25ed16

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 83 443
last-modified
Wed, 24 Feb 2021 22:59:59 GMT
server
nginx
etag
"8494ad3cb49f280f"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
21504
expires
Thu, 24 Feb 2022 22:59:59 GMT
d93f95fa-89ba-45ac-bdfa-0de0456fae62.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/d93f95fa-89ba-45ac-bdfa-0de0456fae62.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
654b3561e265c0cee0d06e8da12e926ef892a7736db6f83ce47252705b02eac1

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 196 443
last-modified
Wed, 24 Feb 2021 12:18:47 GMT
server
nginx
etag
"9c4df92ba6d8c6d7"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
57308
expires
Thu, 24 Feb 2022 12:18:47 GMT
tm60118.js
tag.navdmp.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm60118.js
Requested by
Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2890
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id
08939d57f800002c5651b9f000000001
last-modified
Wed, 18 Nov 2020 16:32:07 GMT
server
cloudflare
etag
W/"5fb54c87-2ef4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
6299319ff8952c56-FRA
expires
Tue, 02 Mar 2021 08:30:10 GMT
/
spl.zeotap.com/ Frame 3FF7 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
106fe76b55997d47da03403e8c71b972111d726f319394d84073842e27a1f789

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-type
text/html
set-cookie
__cfduid=d26d6fcc5cf6f90eaf3aa402bd8e92a401614673100; expires=Thu, 01-Apr-21 08:18:20 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=a318edb6-8a66-4556-5829-ff87d436a019; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=%CB4%92%3F%40wn%802%BD%D1%BF%87%89%B6%D3%EA%C1z%8E%9EO%1E%F2%92%E7%F3%5E%F1%164%8B%F5%DF%92%98%BDj%24%7D%CD%19%D4rb%3F%08%9AT%5E%82%D97%CFE%89%7F%19%B3%96%D3%B3%FDs%0C%22Y%DDxx%D1%8C%D6H%BB%E5%EE%0D%EAu%C7%B8%5D%A6%3F%FD%F3oU%2F%02V%1D%AB%F1%F2a%F4THKLp%BA%A0%0B%87%A1%B8%5Co%A2%EB%EA%CAI%FA%857%AC%2CQp%DE9x%F1%E7%3C%F9%E8%1B%C9%29r%CF%97%DC%F8%AF%23%D8d%96%EC%C9%22%D3%99vi%F3a%3D%BF6%F5jm%8F%17Nn%CC%AE%26%E3; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://www.guatevision.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08939d57f800004e8c7617a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6299319ffb0a4e8c-FRA
content-encoding
br
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ 		266 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 01 Mar 2026 08:18:20 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4037078421924708&correlator=4136868039817317&output=ldjh&impl=fif&eid=21068529%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=55904062%2Cgtv_hd&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C1200x100&cust_params=gtv_page_type%3Dhomepage%26CxSegments%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1614673100&dt=1614673100792&dlt=1614673100107&idt=450&frm=20&biw=1600&bih=1200&oid=3&adxs=15&adys=206&adks=1460864393&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x90&msz=1570x90&ga_vid=1851004131.1614673100&ga_sid=1614673101&ga_hid=1215220447&fws=0&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
c23ec5e8ff3125a3ba4565f318b196b7cd234633ddf602817ea57b38a134b38a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3087
x-xss-protection
0
google-lineitem-id
4922612131
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138296179737
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ced04a3d4345ad4588667ebe0a67d0e0.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://ced04a3d4345ad4588667ebe0a67d0e0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
ROS
ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ 		508 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?rnd=0.5563402910909814&e=gtvbx02:300x250!/gtv_bx_02&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by
Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
36808a4262b0abf919450baa68521987513c590ae0c233fd15edf8ea8b128b7d

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.guatevision.com
expires
Tue, 02 Mar 2021 08:18:20 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
508
x-sid
AMS-745
brasil.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/brasil.jpg?quality=82&w=627&h=475&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
34f2c61b1863f511f66d9e774e3261e0b5e346661c7a9f6a2769ee55cee22f98

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 28 443
last-modified
Fri, 19 Feb 2021 13:38:50 GMT
server
nginx
etag
"2fe95541b98a6613"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14106
expires
Sat, 19 Feb 2022 13:38:50 GMT
escondido.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/escondido.jpg?quality=82&w=640&h=392&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7dde07483446142b97ae4a296d267ee5b7521e4463761c63efe3337901bc2f4a

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 196 443
last-modified
Wed, 17 Feb 2021 02:13:01 GMT
server
nginx
etag
"aa5cd9ab2bd5c73e"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
28040
expires
Thu, 17 Feb 2022 02:13:01 GMT
FQ4I2RLHBVHHVO3ZIK6ZQR4TEM.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/FQ4I2RLHBVHHVO3ZIK6ZQR4TEM.jpg?quality=82&w=731&h=428&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fc0ff710379ab0adb9d2ec1a433fd7bf8a26bb71cda64fc45297dd7740a9eaa1

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 32 443
last-modified
Thu, 11 Feb 2021 07:07:52 GMT
server
nginx
etag
"16dc2cdeb37c670c"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14036
expires
Fri, 11 Feb 2022 07:07:52 GMT
gato.jpeg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/gato.jpeg?quality=82&w=612&h=340&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
00accf2eaf7854186b4a7aed4140a27159b1efbb56d54c9d5ae30c827d3d3ced

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 140 443
last-modified
Wed, 10 Feb 2021 05:31:28 GMT
server
nginx
etag
"702c275e500b112a"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
17950
expires
Thu, 10 Feb 2022 05:31:28 GMT
ataque.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/ataque.jpg?quality=82&w=330&h=228&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
838d08eb743cc1b3763c210e23e71bbd38f7c9339db842d0a0c31fc66fde0a83

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 83 443
last-modified
Tue, 09 Feb 2021 00:00:44 GMT
server
nginx
etag
"a6b37d807ce8f408"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12060
expires
Wed, 09 Feb 2022 00:00:44 GMT
tita.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/03/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/03/tita.jpg?quality=82&w=700&h=394&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8601ea61d9e42da55c7df210b049f4817228998f799df5f6b6ef537d6b909e07

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 30 443
last-modified
Tue, 02 Mar 2021 05:10:09 GMT
server
nginx
etag
"936de88b0e9d8e67"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
28750
expires
Wed, 02 Mar 2022 05:10:09 GMT
117312141_whatsubject.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/03/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/03/117312141_whatsubject.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
342b5e6b727cc4aa24989dba01acd73e38dabd64e2503b2f0b77a77a8131fb7b

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 142 443
last-modified
Tue, 02 Mar 2021 08:18:20 GMT
server
nginx
etag
"bc815e816d9dc592"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
45126
expires
Wed, 02 Mar 2022 08:18:20 GMT
AFP_8R92BP-1.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/03/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/03/AFP_8R92BP-1.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca68e15d383685ec72c57efbcb66e764075fa9471421ce79398448caf09563c7

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 142 443
last-modified
Tue, 02 Mar 2021 00:42:12 GMT
server
nginx
etag
"afad9bbe5b43c60c"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
17096
expires
Wed, 02 Mar 2022 00:42:12 GMT
um
u-ams02.e-planning.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D9c6cd322591fb324%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D9c6cd322591fb324%26uid%3D%24UID&sovrn_retry=true
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=9c6cd322591fb324&uid=63128f3469742c5823189599
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=9c6cd322591fb324&uid=63128f3469742c5823189599
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Tue, 02 Mar 2021 08:18:20 GMT
Server
nginx
Location
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=9c6cd322591fb324&uid=63128f3469742c5823189599
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4037078421924708&correlator=4136868039817317&output=ldjh&impl=fif&eid=21068529%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=55904062%2Cgtv_bll_01&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250%7C1200x300%7C1200x100%7C970x90&cust_params=gtv_page_type%3Dhomepage%26CxSegments%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1614673100&dt=1614673100818&dlt=1614673100107&idt=450&frm=20&biw=1600&bih=1200&oid=3&adxs=15&adys=2101&adks=4046144992&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x90&msz=1570x90&ga_vid=1851004131.1614673100&ga_sid=1614673101&ga_hid=1215220447&fws=0&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ff7ae2ea3af4dbd690c1680fb5a2d12eb3f8649fff32539dabbdea6e977153f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3117
x-xss-protection
0
google-lineitem-id
4922612131
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138296179689
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ROS
ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ 		509 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?rnd=0.5563402910909814&e=gtvbll02:970x250!/gtv_bll_02&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by
Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
1f4e9fee2f1487b355e7136342398bc7dc98cd407a3d457012e9f65eebbda8e2

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.guatevision.com
expires
Tue, 02 Mar 2021 08:18:20 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
509
x-sid
AMS-745
117342443_gettyimages-1231237368.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/03/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/03/117342443_gettyimages-1231237368.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
98e8020f132fe3f4d3d162ddc32d4629fd749ab651a877a9a8f2ab57b68d6f78

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 27 443
last-modified
Tue, 02 Mar 2021 08:18:20 GMT
server
nginx
etag
"861d18d4207c2ddf"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11544
expires
Wed, 02 Mar 2022 08:18:20 GMT
Maria-Cardoso1.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/03/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/03/Maria-Cardoso1.jpg?quality=82&w=581&h=422&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
64d312237e2fdf8ec84e25dc0cb357d306e2031c01dd804731c93d1a57c9d493

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 27 443
last-modified
Mon, 01 Mar 2021 21:22:29 GMT
server
nginx
etag
"008e8d0f85e3d777"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
17936
expires
Tue, 01 Mar 2022 21:22:29 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4037078421924708&correlator=4136868039817317&output=ldjh&impl=fif&eid=21068529%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=55904062%2Cgtv_bx_02&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250&cust_params=gtv_page_type%3Dhomepage%26CxSegments%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1614673100&dt=1614673100872&dlt=1614673100107&idt=450&frm=20&biw=1600&bih=1200&oid=3&adxs=1010&adys=2621&adks=1761337398&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=390x313&msz=360x250&ga_vid=1851004131.1614673100&ga_sid=1614673101&ga_hid=1215220447&fws=0&ohw=0&btvi=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
5fdbd469304d07c9dbcfab3fc127c6f437f5377262d5fa9e74dade9c4092e94c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2897
x-xss-protection
0
google-lineitem-id
4922612131
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138296484415
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4037078421924708&correlator=4136868039817317&output=ldjh&impl=fif&eid=21068529%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=55904062%2Cgtv_bx_01&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250&cust_params=gtv_page_type%3Dhomepage%26CxSegments%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1614673100&dt=1614673100888&dlt=1614673100107&idt=450&frm=20&biw=1600&bih=1200&oid=3&adxs=1010&adys=1347&adks=3962286394&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=390x313&msz=360x250&ga_vid=1851004131.1614673100&ga_sid=1614673101&ga_hid=1215220447&fws=0&ohw=0&btvi=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
b48b787e8261d755398f818d2915f1b36cc36058524e563449b4f0aa4d598629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2913
x-xss-protection
0
google-lineitem-id
4922612131
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138296179683
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ROS
ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ 		508 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?rnd=0.5563402910909814&e=gtvbx03:300x250!/gtv_bx_03&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by
Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
cf47cfafab4d53956b47dcb450dbfe629fb7ca15f2f6bbfd53ee83a438f36cd8

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.guatevision.com
expires
Tue, 02 Mar 2021 08:18:20 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
508
x-sid
AMS-745
toxico.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/03/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/03/toxico.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ea2a107048e0129825feed8f29fec3c8181a6c1794f879d4584fdf8c76ab535d

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 86 443
last-modified
Tue, 02 Mar 2021 08:18:20 GMT
server
nginx
etag
"cb9e587984bbfc5b"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
22570
expires
Wed, 02 Mar 2022 08:18:20 GMT
bbc-news-mundo.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/bbc-news-mundo.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
01f42758bd76559da899dfd92275f13e8764763730436e9023a49d2187640801

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 200 443
last-modified
Mon, 01 Mar 2021 14:45:49 GMT
server
nginx
etag
"94df389a00357d89"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
84322
expires
Tue, 01 Mar 2022 14:45:49 GMT
117174873_diana6.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/117174873_diana6.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
58a62ef8102455884128429bffeee859d6bae1d6ed8d8114ace23acb81f5e44b

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 200 443
last-modified
Mon, 01 Mar 2021 14:45:55 GMT
server
nginx
etag
"b41ffc9c8cd97db2"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
39420
expires
Tue, 01 Mar 2022 14:45:55 GMT
Captura-de-pantalla-2018-03-12-a-las-4.28.55-PM.png
www.guatevision.com/wp-content/uploads/sites/2/2018/03/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2018/03/Captura-de-pantalla-2018-03-12-a-las-4.28.55-PM.png?quality=82&w=660&h=371&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
30467f3fd80fe26eae9c0300eaf496c7aa216e11ea7d1425c4c8b18ec286de6a

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 86 443
last-modified
Sun, 28 Feb 2021 02:15:13 GMT
server
nginx
etag
"861ac459879e478e"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
39042
expires
Mon, 28 Feb 2022 02:15:13 GMT
bbc-continente.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/bbc-continente.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7403c94c0498c189ad7bdae4b2c7980174d5d11a373b9286d4623073d6721a3f

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 195 443
last-modified
Sun, 28 Feb 2021 17:23:44 GMT
server
nginx
etag
"7ea728322e264804"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
35036
expires
Mon, 28 Feb 2022 17:23:44 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4037078421924708&correlator=4136868039817317&output=ldjh&impl=fif&eid=21068529%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=55904062%2Cgtv_bll_02&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C1200x300%7C1200x100%7C970x90&cust_params=gtv_page_type%3Dhomepage%26CxSegments%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1614673100&dt=1614673100962&dlt=1614673100107&idt=450&frm=20&biw=1600&bih=1200&oid=3&adxs=15&adys=3855&adks=1162916769&ucis=5&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x250&msz=1570x250&ga_vid=1851004131.1614673100&ga_sid=1614673101&ga_hid=1215220447&fws=0&ohw=0&btvi=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
393d77537f46e572df99ac45da630f1129f17a4b08f45f5471f8b3a105f4de8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3074
x-xss-protection
0
google-lineitem-id
4922612131
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138296179107
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ROS
ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ 		508 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?rnd=0.5563402910909814&e=gtvbx04:300x250!/gtv_bx_04&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by
Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
01c0935b9b9e56b3727ae6030b904248499a435f20484a5bff3593cb9eceaee7

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.guatevision.com
expires
Tue, 02 Mar 2021 08:18:20 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
508
x-sid
AMS-745
ROS
ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ 		509 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?rnd=0.5563402910909814&e=gtvbll03:970x250!/gtv_bll_03&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673100&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by
Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
fab8009bfca1d997aefa40b183e71b9b7664be86c83a67c7ae6de020a257d18c

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.guatevision.com
expires
Tue, 02 Mar 2021 08:18:20 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
509
x-sid
AMS-745
importada-feed_429074103_1140x520.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/importada-feed_429074103_1140x520.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dd14a724100b7bf3c6f98b43e18b624d8c1e7436abcc1dd5c2b32e6f6930f50f

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 27 443
last-modified
Mon, 01 Mar 2021 14:45:52 GMT
server
nginx
etag
"489b6347ed4501b1"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
26320
expires
Tue, 01 Mar 2022 14:45:52 GMT
El-inmunologo-Luke-ONeill.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/El-inmunologo-Luke-ONeill.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
46859450500f90ce1370a79d43f2554dc2f98af99e3989406f69e3cd5c6186b5

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 142 443
last-modified
Tue, 23 Feb 2021 11:55:57 GMT
server
nginx
etag
"e704c62aea6e6ecc"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14622
expires
Wed, 23 Feb 2022 11:55:57 GMT
mascarillas_.png
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/mascarillas_.png?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
64fde7c3a690b22043b2f73e6608607f8bb91f0594caa4876a4763a4d4715141

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 142 443
last-modified
Fri, 19 Feb 2021 13:47:40 GMT
server
nginx
etag
"398e018b9fab7ca2"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18316
expires
Sat, 19 Feb 2022 13:47:40 GMT
Bartomeu-2.jpg
www.guatevision.com/wp-content/uploads/sites/2/2020/10/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2020/10/Bartomeu-2.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
35fff52a984acf4facb76f8a50e2b5139d60ffd8569b43fbd58bc2291c1c20c6

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:20 GMT
x-rq
ams8 109 30 443
last-modified
Mon, 01 Mar 2021 14:45:54 GMT
server
nginx
etag
"5684ac1036a67366"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
32356
expires
Tue, 01 Mar 2022 14:45:54 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4037078421924708&correlator=4136868039817317&output=ldjh&impl=fif&eid=21068529%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=55904062%2Cgtv_bx_03&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250&cust_params=gtv_page_type%3Dhomepage%26CxSegments%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1614673100&dt=1614673100990&dlt=1614673100107&idt=450&frm=20&biw=1600&bih=1200&oid=3&adxs=1010&adys=4125&adks=1363723544&ucis=6&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=390x313&msz=360x250&ga_vid=1851004131.1614673100&ga_sid=1614673101&ga_hid=1215220447&fws=0&ohw=0&btvi=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
61e077d8b2c060abfd0e39928d84a3167e3842604738de2ba3424f9f5c0879cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3046
x-xss-protection
0
google-lineitem-id
4922612131
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138276417895
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ROS
ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ 		509 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?rnd=0.5563402910909814&e=gtvntv01:250x250!/gtv_ntv_01&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673101&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by
Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
d739ad8f058fd45476e5ebe96c41b1c6197e0af5f939e7f5871f55157c75b96b

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.guatevision.com
expires
Tue, 02 Mar 2021 08:18:21 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
509
x-sid
AMS-745
getuid
ib.adnxs.com/ Frame 3FF7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 3FF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEJvoRYaEJSnvlHUy2QOQjSs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEJvoRYaEJSnvlHUy2QOQjSs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
629931a378994e8c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08939d5a2d00004e8c230ff000000001

Redirect headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEJvoRYaEJSnvlHUy2QOQjSs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 3FF7
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=d9aec103-7b2f-11eb-8b15-9e9b130d4f06&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186...
95 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=d9aec103-7b2f-11eb-8b15-9e9b130d4f06&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
629931a2ef9e4e8c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08939d59d400004e8c0409f000000001

Redirect headers

date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=d9aec103-7b2f-11eb-8b15-9e9b130d4f06&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
alt-svc
clear
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 3FF7 		0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:21 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 3FF7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da318edb6-8a66-4556-5829-ff87d436a019%26reqId%3Dc...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da318edb6-8a66-4556-5829-ff87d436a019%26reqId%3Dc...
  • https://mwzeom.zeotap.com/mw?cid=76b15ee5-943e-408a-8f81-89b7b839e9d0&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=76b15ee5-943e-408a-8f81-89b7b839e9d0&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
629931a328174e8c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08939d59f400004e8c6d061000000001

Redirect headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=76b15ee5-943e-408a-8f81-89b7b839e9d0&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 3FF7 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
66
date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 varnish
server
nginx
x-timer
S1614673101.079935,VS0,VE66
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19178-FRA
u
dmp.v.fwmrm.net/ad/ Frame 3FF7 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.57.158.51 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
amsadvip2.fwmrm.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:21 GMT
Cache-Control
no-store
Expires
0
Content-Type
text/html
Content-Length
0
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3FF7 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da318edb6-8a66-4556-5829-ff87d436a019%26reqId%3Dcce4f7fa-3f91-4186-5b98-9ff265e8ea78%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:20 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 3FF7
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=64acafb2-1f45-4ef5-a5ff-1c4a89586107&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=64acafb2-1f45-4ef5-a5ff-1c4a89586107&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
629931a318104e8c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08939d59f300004e8c6a1c5000000001

Redirect headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:21 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=64acafb2-1f45-4ef5-a5ff-1c4a89586107&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 3FF7
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a318edb6-8a66-4556-5829-ff87d436a019&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a318edb6-8a66-4556-5829-ff87d436a019&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=61003932093691530740288779498347120457&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=61003932093691530740288779498347120457&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
629931a409834e8c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08939d5a8200004e8c2ab17000000001

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
mBL4G2tIQoQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=61003932093691530740288779498347120457&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
loadeu.exelator.com/load/ Frame 3FF7 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 3FF7
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=a318edb6-8a66-4556-5829-ff87d436a019&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021030209-44702-0.761153001614673099-2a7553314e42bf7dd09bb5ed0cb1a334&zdid=533&env=mWeb
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021030209-44702-0.761153001614673099-2a7553314e42bf7dd09bb5ed0cb1a334&zdid=533&env=mWeb
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
629931a3f9714e8c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08939d5a7d00004e8c33398000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021030209-44702-0.761153001614673099-2a7553314e42bf7dd09bb5ed0cb1a334&zdid=533&env=mWeb
Date
Tue, 02 Mar 2021 08:18:19 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 3FF7
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=6934968162530883729&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6934968162530883729&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
629931a358714e8c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08939d5a1700004e8c1c0be000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=6934968162530883729&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Date
Tue, 02 Mar 2021 08:18:21 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 3FF7 		95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a318edb6-8a66-4556-5829-ff87d436a019
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
mw
mwzeom.zeotap.com/ Frame 3FF7
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a318edb6-8a66-4556-5829-ff87d436a019&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a318edb6-8a66-4556-5829-ff87d436a019&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=IxB0ESY9OEUFLhXw9kldye&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-41...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=IxB0ESY9OEUFLhXw9kldye&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
629931a43a1c4e8c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08939d5a9f00004e8c348e0000000001

Redirect headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 google
last-modified
Tue, 02 Mar 2021 08:18:21 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=IxB0ESY9OEUFLhXw9kldye&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 3FF7 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=a318edb6-8a66-4556-5829-ff87d436a019&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.163.159.106 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:21 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
tpid=a318edb6-8a66-4556-5829-ff87d436a019
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame 3FF7 		49 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a318edb6-8a66-4556-5829-ff87d436a019?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:21 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.21.160
content-type
image/gif
content-length
49
expires
0
mw
mwzeom.zeotap.com/ Frame 3FF7
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-hx7acgF1lw3xuHNZWYON30uk.3lT25dYEg--&zpartnerid=570&env=mWeb
95 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-hx7acgF1lw3xuHNZWYON30uk.3lT25dYEg--&zpartnerid=570&env=mWeb
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
629931a42a034e8c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08939d5a9600004e8c049d7000000001

Redirect headers

date
Tue, 02 Mar 2021 08:18:21 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-hx7acgF1lw3xuHNZWYON30uk.3lT25dYEg--&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 3FF7
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=6KJGD1LZ1Xve6mVvsimyZF8RSoITblbu%2BS41iYitP1U%3D
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=6KJGD1LZ1Xve6mVvsimyZF8RSoITblbu%2BS41iYitP1U%3D
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
629931a419bf4e8c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08939d5a8d00004e8c5f88b000000001

Redirect headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:21 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=6KJGD1LZ1Xve6mVvsimyZF8RSoITblbu%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 3FF7 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=a318edb6-8a66-4556-5829-ff87d436a019&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 3FF7 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.1.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=26 t=1614673101
x-served-by
beacon-n019-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 3FF7 		95 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=a318edb6-8a66-4556-5829-ff87d436a019&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.64.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:21 GMT
Server
nginx/1.14.2
Connection
keep-alive
Content-Type
image/png
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame 3FF7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YD30zQAAAFJe-lLS&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff...
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YD30zQAAAFJe-lLS&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361&_test=YD30zQAAAFJe-lLS
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
629931a78fe44e8c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08939d5cb700004e8c168e1000000001

Redirect headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1614673102.821409,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YD30zQAAAFJe-lLS&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361&_test=YD30zQAAAFJe-lLS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 3FF7
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=fa73603d-f4cd-4d00-b1ae-e38281cf4c03&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7f...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=fa73603d-f4cd-4d00-b1ae-e38281cf4c03&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
629931a48ab54e8c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08939d5ad400004e8c1c0cb000000001

Redirect headers

Date
Tue, 02 Mar 2021 08:18:21 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=fa73603d-f4cd-4d00-b1ae-e38281cf4c03&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Tue, 02 Mar 2021 08:18:20 GMT
usermatch.gif
beacon.krxd.net/ Frame 3FF7
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8...
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.1.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1614673101
x-served-by
beacon-n005-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
date
Tue, 02 Mar 2021 08:18:21 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a005-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 3FF7
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a318edb6-8a66-4556-5829-ff87d436a019&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-582...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a318edb6-8a66-4556-5829-ff87d436a019&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-582...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a318edb6-8a66-4556-5829-ff87d436a019&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361&dcc=t
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:21 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:21 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a318edb6-8a66-4556-5829-ff87d436a019&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 3FF7
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=a318edb6-8a66-4556-5829-ff87d436a019&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
629931a6be444e8c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08939d5c3400004e8c23121000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Tue, 02 Mar 2021 08:18:21 GMT
Connection
keep-alive
Content-Length
0
BK-Server
b5b4
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cmp.min.js
spl.zeotap.com/ Frame 3FF7 		557 B
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7633d4836cea66858479d69119c3ee45d47a664a441b067762a9ed75d7839af

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
629931a15d044e8c-FRA
date
Tue, 02 Mar 2021 08:18:21 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
08939d58d400004e8c62a29000000001
cc.js
tags.crwdcntrl.net/c/15238/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 09:00:10 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
83892
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
nep9cexrOv8ZdmHgxGW-uP9MFPj1XfugbSXlc1wGUTrRltBeRX0IlA==
lester-martinez-2.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/lester-martinez-2.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
91edc21e203faa108c83863ea26d4966908f49caa0424f4b065833f2be580986

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
x-rq
ams8 109 140 443
last-modified
Sat, 27 Feb 2021 16:08:04 GMT
server
nginx
etag
"604f918128ec9c42"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
13928
expires
Sun, 27 Feb 2022 16:08:04 GMT
IMG_0005-e1614211569200.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/IMG_0005-e1614211569200.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c95fc2265cec6deed3b44dca710fced2c9def5202c1e8f69445eeb579abada25

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
x-rq
ams8 109 198 443
last-modified
Thu, 25 Feb 2021 04:10:17 GMT
server
nginx
etag
"79681719514a78df"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
42348
expires
Fri, 25 Feb 2022 04:10:17 GMT
taylor_swift.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/03/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/03/taylor_swift.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9a2c64a5cc20e6f3aaa2526d6f29d0c48acca50449e49a79bff8b4023ac492db

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
x-rq
ams8 109 142 443
last-modified
Tue, 02 Mar 2021 08:18:21 GMT
server
nginx
etag
"36aa200b4a55d5ae"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
32666
expires
Wed, 02 Mar 2022 08:18:21 GMT
arjona02.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/arjona02.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
28f4a57b8084b3c45e16c5981b4452f49b621aea1f067db22d7fadf8f1978d1b

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
x-rq
ams8 109 140 443
last-modified
Tue, 02 Mar 2021 08:18:21 GMT
server
nginx
etag
"4d2ab1c0c242d0b7"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
39648
expires
Wed, 02 Mar 2022 08:18:21 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4037078421924708&correlator=4136868039817317&output=ldjh&impl=fif&eid=21068529%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=55904062%2Cgtv_bx_04&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250&cust_params=gtv_page_type%3Dhomepage%26CxSegments%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1614673101&dt=1614673101033&dlt=1614673100107&idt=450&frm=20&biw=1600&bih=1200&oid=3&adxs=1010&adys=4864&adks=3465526377&ucis=7&ifi=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=390x313&msz=360x250&ga_vid=1851004131.1614673100&ga_sid=1614673101&ga_hid=1215220447&fws=0&ohw=0&btvi=6
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
5b2491d2a114da9e340486b6d313ac6bf1d7fb69db70690f41122e1a7667f3a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3062
x-xss-protection
0
google-lineitem-id
4922612131
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138296179734
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4037078421924708&correlator=4136868039817317&output=ldjh&impl=fif&eid=21068529%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=55904062%2Cgtv_bll_03&enc_prev_ius=%2F0%2F1&prev_iu_szs=1200x300%7C1200x100%7C970x90&cust_params=gtv_page_type%3Dhomepage%26CxSegments%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1614673101&dt=1614673101043&dlt=1614673100107&idt=450&frm=20&biw=1600&bih=1200&oid=3&adxs=15&adys=5208&adks=3708041130&ucis=8&ifi=8&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x300&msz=1570x300&ga_vid=1851004131.1614673100&ga_sid=1614673101&ga_hid=1215220447&fws=0&ohw=0&btvi=7
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
231424636341481c61436adac3b5cbf65309c564c28951204fdac45d866087dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2937
x-xss-protection
0
google-lineitem-id
5077058055
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138271826785
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ROS
ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ 		508 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?rnd=0.5563402910909814&e=gtvbx05:300x250!/gtv_bx_05&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673101&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by
Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
8704f634f415e3a652d15ac5d61178fd8ec92413d21eaaf33a35ada33341e24a

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.guatevision.com
expires
Tue, 02 Mar 2021 08:18:21 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
508
x-sid
AMS-745
UjVVh38tC1g
www.youtube.com/embed/ Frame B013 		51 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d388a8b7c8a09cfcabcf6a0593829ad751b0c96a60c17c400ccc52cc6db9ae9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 02 Mar 2021 08:18:21 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=OPchX7QPJAM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=qRWMXnsVOos; Domain=.youtube.com; Expires=Sun, 29-Aug-2021 08:18:21 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+153; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Karate-Kid-Netflix-1280x720-1.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/Karate-Kid-Netflix-1280x720-1.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6d17863455b303058488e5c98474fde144bdf62c15493684dee65782a9036989

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
x-rq
ams8 109 30 443
last-modified
Mon, 01 Mar 2021 14:45:56 GMT
server
nginx
etag
"d974c76c75f48b87"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
59302
expires
Tue, 01 Mar 2022 14:45:56 GMT
Globos-de-Oro-AFP.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/Globos-de-Oro-AFP.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
129a45f37856d08a88b80083362d129f17287c5d269155e9e9a6724f37729390

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
x-rq
ams8 109 84 443
last-modified
Sun, 28 Feb 2021 17:23:44 GMT
server
nginx
etag
"0249328677c04393"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
56368
expires
Mon, 28 Feb 2022 17:23:44 GMT
bbc-escritora.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/bbc-escritora.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9dc5554275733c22afe4c624df4b108b3725ab0f3665d0801a231e8c7f9de87e

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
x-rq
ams8 109 28 443
last-modified
Sun, 28 Feb 2021 17:23:45 GMT
server
nginx
etag
"fb6a54ecda55cd6d"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
59932
expires
Mon, 28 Feb 2022 17:23:45 GMT
um
u-ams02.e-planning.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D91012a1ee19abdce%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=91012a1ee19abdce&uid=63128f3469742c5823189599
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=91012a1ee19abdce&uid=63128f3469742c5823189599
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Tue, 02 Mar 2021 08:18:20 GMT
Server
nginx
Location
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=91012a1ee19abdce&uid=63128f3469742c5823189599
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4037078421924708&correlator=4136868039817317&output=ldjh&impl=fif&eid=21068529%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=55904062%2Cgtv_ntv_01&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250&fluid=height&cust_params=gtv_page_type%3Dhomepage%26CxSegments%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1614673101&dt=1614673101077&dlt=1614673100107&idt=450&frm=20&biw=1600&bih=1200&oid=3&adxs=523&adys=6019&adks=2901876886&ucis=9&ifi=9&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=292x313&msz=262x250&ga_vid=1851004131.1614673100&ga_sid=1614673101&ga_hid=1215220447&fws=0&ohw=0&btvi=8
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
6726eeab15eb2464e322804aef1c2cdfb66cd390b14194c59f7136d41cb84a16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2950
x-xss-protection
0
google-lineitem-id
5077058055
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138271553526
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ROS
ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ 		511 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?rnd=0.5563402910909814&e=gtvbxclima:300x250!/gtv_bx_clima&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673101&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by
Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
4c11bc020fff9083a681de0df3f11d23f9b45a6c811a5bb97fc45c100a5fb26f

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.guatevision.com
expires
Tue, 02 Mar 2021 08:18:21 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
511
x-sid
AMS-745
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4037078421924708&correlator=4136868039817317&output=ldjh&impl=fif&eid=21068529%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=55904062%2Cgtv_bx_clima&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250&cust_params=gtv_page_type%3Dhomepage%26CxSegments%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1614673101&dt=1614673101095&dlt=1614673100107&idt=450&frm=20&biw=1600&bih=1200&oid=3&adxs=1070&adys=7496&adks=2955301417&ucis=a&ifi=10&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1851004131.1614673100&ga_sid=1614673101&ga_hid=1215220447&fws=0&ohw=0&btvi=9
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
41212564ee31be6663cea1829e8d2c907664860b73f8b82537e9bf2b6355846c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10459
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
117338573_gettyimages-1231446054.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/03/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/03/117338573_gettyimages-1231446054.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
10690b2c2ab8205640e4732b1dfe9a7d33438c904212e5e52ec850fdeebcb8b5

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
x-rq
ams8 109 140 443
last-modified
Tue, 02 Mar 2021 08:18:21 GMT
server
nginx
etag
"18d64eb885c5293f"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18234
expires
Wed, 02 Mar 2022 08:18:21 GMT
familia.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/03/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/03/familia.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0a90842a365a0772d60dee509fc3584d6aeb958c3f79fe1d1bfe06b8743ea4a7

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
x-rq
ams8 109 142 443
last-modified
Tue, 02 Mar 2021 08:18:21 GMT
server
nginx
etag
"759137c6f23f7f30"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
23402
expires
Wed, 02 Mar 2022 08:18:21 GMT
116738389_gettyimages-1212502754-1.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/116738389_gettyimages-1212502754-1.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
551521640876c0ac10f1f7db6208d896c8982531a1eff36c62a4b6d5630b74e3

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
x-rq
ams8 109 32 443
last-modified
Mon, 01 Mar 2021 07:13:14 GMT
server
nginx
etag
"5339a64a61067891"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
38598
expires
Tue, 01 Mar 2022 07:13:14 GMT
bbc-haiti.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/bbc-haiti.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d55fa4ebea3823fbfaffe7e5e1cfee5e978c5e8b5b9f1a4d151910e093ca9be1

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
x-rq
ams8 109 84 443
last-modified
Mon, 01 Mar 2021 14:45:54 GMT
server
nginx
etag
"f00d9386ff914860"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
52734
expires
Tue, 01 Mar 2022 14:45:54 GMT
117329421_c2cca0c6-c07a-46df-ad6d-8e8d88b8973a.jpg
www.guatevision.com/wp-content/uploads/sites/2/2021/02/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.guatevision.com/wp-content/uploads/sites/2/2021/02/117329421_c2cca0c6-c07a-46df-ad6d-8e8d88b8973a.jpg?quality=82&w=760&h=430&crop=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9a8ae07b1238e30a2526583ff4a77e43ffdacb77ce7ae6cdd8baeee757f80253

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
x-rq
ams8 109 88 443
last-modified
Mon, 01 Mar 2021 14:45:49 GMT
server
nginx
etag
"f38150f720b147d4"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
57082
expires
Tue, 01 Mar 2022 14:45:49 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4037078421924708&correlator=4136868039817317&output=ldjh&impl=fif&eid=21068529%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=55904062%2Cgtv_bx_05&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250&cust_params=gtv_page_type%3Dhomepage%26CxSegments%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1614673101&dt=1614673101115&dlt=1614673100107&idt=450&frm=20&biw=1600&bih=1200&oid=3&adxs=1010&adys=6429&adks=1691654720&ucis=b&ifi=11&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=390x313&msz=360x250&ga_vid=1851004131.1614673100&ga_sid=1614673101&ga_hid=1215220447&fws=0&ohw=0&btvi=10
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
acc186288d247f3c2008a4b29d094ec56faa386249f2e9d5c0f6fbd403a583b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2479
x-xss-protection
0
google-lineitem-id
5077058055
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138271553352
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmp
spl.zeotap.com/ Frame 3FF7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a318edb6-8a66-4556-5829-ff87d436a019&reqId=cce4f7fa-3f91-4186-5b98-9ff265e8ea78&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=a318edb6-8a66-4556-5829-ff87d436a019; zsc=%CB4%92%3F%40wn%802%BD%D1%BF%87%89%B6%D3%EA%C1z%8E%9EO%1E%F2%92%E7%F3%5E%F1%164%8B%F5%DF%92%98%BDj%24%7D%CD%19%D4rb%3F%08%9AT%5E%82%D97%CFE%89%7F%19%B3%96%D3%B3%FDs%0C%22Y%DDxx%D1%8C%D6H%BB%E5%EE%0D%EAu%C7%B8%5D%A6%3F%FD%F3oU%2F%02V%1D%AB%F1%F2a%F4THKLp%BA%A0%0B%87%A1%B8%5Co%A2%EB%EA%CAI%FA%857%AC%2CQp%DE9x%F1%E7%3C%F9%E8%1B%C9%29r%CF%97%DC%F8%AF%23%D8d%96%EC%C9%22%D3%99vi%F3a%3D%BF6%F5jm%8F%17Nn%CC%AE%26%E3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
set-cookie
__cfduid=d090c9e8cbf352e1f008e2705b55bf1841614673101; expires=Thu, 01-Apr-21 08:18:21 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
08939d594600004e8c5d1d8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
629931a20e334e8c-FRA
ROS
ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ 		506 B
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?rnd=0.5563402910909814&e=gtvft:1200x100!/gtv_ft&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673101&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by
Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
a718525434de17b3623614c344f9e41e391c45a2f9752694a87caa11471c097e

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.guatevision.com
expires
Tue, 02 Mar 2021 08:18:21 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
506
x-sid
AMS-745
ROS
ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ 		508 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?rnd=0.5563402910909814&e=gtvrchm:1x1!/gtv_rchm&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673101&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by
Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
40e9eb7d775717209d3d3990ddf2cd707ce68e468cd0b7806915430b4b0b7f68

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.guatevision.com
expires
Tue, 02 Mar 2021 08:18:21 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
508
x-sid
AMS-745
ROS
ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ 		511 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2765b/55904062/www.guatevision.com/ROS?rnd=0.5563402910909814&e=gtvrchmout:1x1!/gtv_rchm_out&fv=0&ur=https%3A//www.guatevision.com/&cb=hbepl.rH&ts=1614673101&tz=1&dc=1&srvtarg=gtv_page_type:homepage;CxSegments:&sltarg=~&crs=UTF-8&vs=F&ncb=1&gdpr=0&ccpa=1---
Requested by
Host: sakimg.e-planning.net
URL: https://sakimg.e-planning.net/layers/hbdfp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
d99c24f3c226d84ef7d3314740509acdd0ae1227e4e447a95654d71bc1f05e1d

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.guatevision.com
expires
Tue, 02 Mar 2021 08:18:21 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
511
x-sid
AMS-745
g.gif
pixel.wp.com/ 		50 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.4.1&blog=165314105&post=0&tz=-6&srv=www.guatevision.com&host=www.guatevision.com&ref=&fcp=664&rand=0.4953683254698904
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html
platform.twitter.com/widgets/ Frame 35FC 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.guatevision.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB7) /
Resource Hash
99adb384fd992660be76df488633e76fe86ed9bba2a7cdf143a97e03fc3ee94d

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.guatevision.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1768327
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 02 Mar 2021 08:18:21 GMT
Etag
"d9fdaa7a36dc36e57ad53c2039f52486+gzip"
Last-Modified
Mon, 08 Feb 2021 21:19:37 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BB7)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105677
es.js
static.addtoany.com/menu/locale/ 		790 B
730 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/locale/es.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcc06d21080605d90dc15ada7638b226a505b2ebc519aaba432f786cec351750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
via
e2s
x-content-type-options
nosniff
cf-cache-status
HIT
age
1209574
cf-polished
origSize=957
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08939d59bf0000971e92093000000001
last-modified
Sun, 02 Dec 2018 07:26:03 GMT
server
cloudflare
etag
W/"3bd-57c04f1e71f24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
cf-ray
629931a2cc13971e-FRA
cf-bgj
minify
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4037078421924708&correlator=1900720402781280&output=ldjh&impl=fif&eid=21068529%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=55904062%2Cgtv_ft&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C1200x100&cust_params=gtv_page_type%3Dhomepage%26CxSegments%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1614673101&dt=1614673101279&dlt=1614673100107&idt=450&frm=20&biw=1600&bih=1200&oid=3&adxs=15&adys=8162&adks=1807988414&ucis=c&ifi=12&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x90&msz=1570x90&ga_vid=1851004131.1614673100&ga_sid=1614673101&ga_hid=1215220447&fws=0&ohw=0&btvi=11
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
3645989f58dcd5e50754648368ad3757b1992aba4be45fb6f6224b3221f4b20c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2775
x-xss-protection
0
google-lineitem-id
4922612131
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138296179689
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		425 B
812 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4037078421924708&correlator=1900720402781280&output=ldjh&impl=fif&eid=21068529%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=55904062%2Cgtv_rchm&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cust_params=gtv_page_type%3Dhomepage%26CxSegments%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1614673101&dt=1614673101287&dlt=1614673100107&idt=450&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=8467&adks=1426951064&ucis=d&ifi=13&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x8468&msz=1600x1&ga_vid=1851004131.1614673100&ga_sid=1614673101&ga_hid=1215220447&fws=0&ohw=0&btvi=12
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
2e720c4d4729373ac244d3c2a6142f0714fac0a9c1f7375689ddef289f5ad8c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
221
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		429 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4037078421924708&correlator=1900720402781280&output=ldjh&impl=fif&eid=21068529%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=55904062%2Cgtv_rchm_out&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&cust_params=gtv_page_type%3Dhomepage%26CxSegments%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1614673101&dt=1614673101293&dlt=1614673100107&idt=450&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=8468&adks=3867994557&ucis=e&ifi=14&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x8469&msz=1600x1&ga_vid=1851004131.1614673100&ga_sid=1614673101&ga_hid=1215220447&fws=0&ohw=0&btvi=13
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
87306a2724c3372833c09c0aca44bd1794c75f39f94ab94a053d0d87736bf04e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
226
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ADD0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOapNPfApGf3ahbadhFNBsT6GGF4MLRebcc3Qo1R592ATO33nxdt1-aQbsG02xh3XDXm_7sHNf2Tsa4PlmMARdOx41LYAIP8eDDgaakK1aSEtxdaFRR8l2XT4idcbw_JQtfFCqBPqZ6h_p--bYrkVKyqb8Eo20Gfm41Ayqv74Jg9rR_7umyNOQsx4Gn_KmyQISPqrVJIJoBpxV3omMSLX26F7aALnDlAyhxrFyc2YloQlCbWnBZi0G12RxMCWePl4flW2IUPWwb1AaQ4mCXJVyRk4L_rXNtlwUgkiuqcpK7A&sai=AMfl-YTvdYCIyEU9-Y9LSoi2D-G0jydc-mokTZBv_Uv9qNSB29-8pFkotl4Bd0AWBqml66OC6MOH01302ohvKXBJbabAlwPus_C6AY71bFeFPvcLPOP34s7JHRMTEMYwUPQ&sig=Cg0ArKJSzMYOUweIfM7zEAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame ADD0 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
e7468d3f989dabcf9033b5311b805b4a538cde01d6c12bb07fa709636b97ac14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"799 / 912 of 1000 / last-modified: 1614640338"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19331
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ADD0 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E6B8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugg05uDIM9K_F2YG1aLIPwg7eRsUtOG-1sAudK7cdo__l6vl2HqtR-GNySoNqqeMpxyzm2bhpUu1CyDXggXos81ySxncfo1QjyA1L5oLxGFRAjd5MtWK-kZP0dt6aLrHFKJK3yOLgHiBZFoTtd-7dztbSCgZBnXbGzanAEXkYgfErkSQd2mnyLn8bh_kfmvTOii4_SxS0Oc4wR-iUaMt44d17qQfDZ_kssrccdji9OXH69u9xqLEJVQN0Srxk9BFYUWqx5HZ2PJ-OaEPhNk21Cz3ENtZRvRleaYPL6rE0pKUhfzg&sai=AMfl-YRm1Lhe1nne5bssZmOW1qaGWFfxnPTsaa6g8Hdwl32O_PJ7daIglwyHpADU-S-HRzFYVWgqmK65x_P_LB_vyHHHVDJTN1EqhSh2vfKIgnQpxsTPwNsOANch7E_bLQU&sig=Cg0ArKJSzBaEXsRfCtxBEAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E6B8 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
e7468d3f989dabcf9033b5311b805b4a538cde01d6c12bb07fa709636b97ac14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"799 / 471 of 1000 / last-modified: 1614640338"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19331
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E6B8 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FD0E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNHII6Z2H6OiznPeQay9fT7TuavKO2TCx0cw3H7LEJdgnNjOJOBihoJBm9i-5W61rQ_VCCbkhNxFDiUpNSi660TOiIkE9N4qPFVdM90gyPtYnmHvNwUjr9QLou2_XQQRwpvXGpneed-zqNAtWfRya6U_AqoMVj9yko3rMOeXtU8jpfMg-RoYnR-0ibC0-fyGn8QHTgZ-osLh4vkfrCDdYWp0IUYXRJQV3iXFgYRYaB2bizuDhAWNU88zPd4NBL3ly9Z2wFNxk5ae1yJh6JyTnN71ODyxOizpENnESthie53ls-K64qg-WFHA&sai=AMfl-YRyBAh3-wBz37NZxdo5ii9DRtVHAyLWHN_Kr4fXoUhja4tDSDMujxQ1g9esM5CLG_zWFGiVUoHc7OytOUF7bmn-2y7e5lMbddAfWCR3nuhnbWeHM9nndCbu1F0nz4Y&sig=Cg0ArKJSzCLyc6ZrtTj6EAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame FD0E 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
e7468d3f989dabcf9033b5311b805b4a538cde01d6c12bb07fa709636b97ac14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"799 / 643 of 1000 / last-modified: 1614640338"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19331
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FD0E 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A964 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdU3y48Ne6xo1sClFB-TcROs99uhnPNI5G7OWObErOEQGlckkQqfHUyfyQQJ5dMsUxifWh-gFPhppm49prNHVDyaG8H9s1WCGLCVKE7-CU2n5amGX32Q9cvgx18QygFvnbfnaq8b6nYwQuPZwwq21pNKfxq5rkoYE9I0k2Hp3kKGXAMvACZghxNEDfC7oGyqt26udmMIKn8xgnYKgePipPOrhKhuIvOngwHFyc_DQejVU41amvhdDHzLZG5iA2Roe_fxL7VWtGLkKHUf2GIr55z-iZZDdHu5p6QC1fuHkYQLg83g&sai=AMfl-YRM2wPbupNE_xA1WwJx2f0PB5gSJxjXZHiRuTzwuHlF0QaWSHkRH63A8efvsFegDPMZgTod2vsJRpt3rudPNRBDPW9hyRxQuE7XOAER9UcC82DKcXigkDfWj2ItbUos&sig=Cg0ArKJSzIwReWRdLQtBEAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A964 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
e7468d3f989dabcf9033b5311b805b4a538cde01d6c12bb07fa709636b97ac14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"799 / 860 of 1000 / last-modified: 1614640338"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19331
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A964 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4E23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4Xgz1q5_9-TZ5FlNBE4dfrbv5OtT-vjtUUqTcu7EKAwbrfQzOGubd8a956vyrUrbE0NeTEvumDMV6QW5gOj5FZxEPhEx75885YRnSYSh-rK1dZLSeYm3wjXKk4tO1J6qJJMPmA6nDTcbVAx5H0ylBU-pxZMG9WrAI-Kf9ZqeSWG2W5_W4nc0OH2l7SW56yHpUiguYYUyTQ0vfu28pkhgd7MK1ab6zqSC5mI3Pt6IGYp_alM_abvA04TfN5g_kfzDfHQ8gHeLtPc9S2tAWdSK3g6MI16r6o0BYUYNsFa6ET8GlFw&sai=AMfl-YSQ-ZeNXmtZYefcwu7lReYtk9xYgeX7Vn2mufSoD215HVEK17TR1S0N58BEf1zr_-GEyUDzJKChdp6WiMuQxtYjDAZLftytHXOlQ3Zhwi4h8__g8Yk1LJbkIvoE-64&sig=Cg0ArKJSzL-JYIHbetyZEAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4E23 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
71babc861d54fd27adf8fa0c372675968580d55938f69aba71945eb2df7477f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"799 / 233 of 1000 / last-modified: 1614640419"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19500
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4E23 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BC3C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoPZTiC1oRiGfpK10nAclmBLZ_b5F8QD2aZ_c7J_BLPmIatubyl4zpmArZ-ejHPsUB3UoiepMGXespGmV_BNHYJ7r-eL7Q0vBoKy0k8-GobVtWydD5hXnVV7abPH5iAhJN3ZBW9J-LFw7TvKzhZBAocnkvyF51838rSavZ5Zgo4LCFD7giMPjCfXtbuwWN18P3KeMTBXfevyaRYB6ar55CWD6LOuT2VN75vRvl7pCPDjhrE8K_IWT9nRtkRhL1i90x2pM-THZkoIaeBsaQHwbI5GTz3p-VP2JZnQcugzKa9vKYjHU&sai=AMfl-YTZ1oU3Gwv3rIb3o7KovuvXb8rlda6kNLa4jykO6mmGoClzviujHBBjp59EIaCHJh0ododN7KPMShXFOFP2JjYkcuWePwufw7DzfVAFFMAW0REbpZujgmx9Jq1lJiU&sig=Cg0ArKJSzLOL-qunV534EAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame BC3C 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
e7468d3f989dabcf9033b5311b805b4a538cde01d6c12bb07fa709636b97ac14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"799 / 746 of 1000 / last-modified: 1614640338"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19331
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BC3C 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
admin-ajax.php
plconnect.prensalibre.com/wp-admin/ 		91 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plconnect.prensalibre.com/wp-admin/admin-ajax.php?action=verify_user_session&callback=jQuery35109774099000730678_1614673100240&_=1614673100241
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/_static/??-eJydkWFqwzAMhS80xQ0r7f6MncWxtUSZbHmR3ZDbzyljlDFGazAIWe97esZmTUDRcfGoZq7ns+CyfZcuUOxmfTL/iSDQuNiMt2InMWPMJnEZKaqxHthuuFzpnwb8e3qM+K3OE4YaaSx1/4WUJBrHtE+GQux3dmQZLHdDiZ7/zHiHR5BQ+2YQVsoTsDjL2PIEZXIfjdEVdb9vINHqBrZkcRISY/3gBo9EKp5EQdEubrrDolIX8iiwWuaqfwuv/ak/9ofj+eV5/gLlRgLL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.16 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
90e532ee416afe145be06a5c2d2cde8bba5aef8446a920319ea7062953f6f399
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Imperva
x-powered-by
PHP/5.6.40
x-iinfo
7-14794078-14794079 NNNN CT(163 327 0) RT(1614673101241 0) q(0 0 5 2) r(7 7) U2
content-length
104
pragma
no-cache
referrer-policy
same-origin
server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
no-cache, must-revalidate, max-age=0
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=guatevision.com&p=%2F&u=0-0TFD0GnRcCB9jLm&d=guatevision.com&g=65187&g0=Home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=8626&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1376&t=-e6H4CT-MCWB1m2OMDJ00ANDi9dAr&V=122&i=Guatevision%20%E2%80%93%20%C2%A1Lo%20mejor%20que%20ves!&tz=-60&sn=1&sv=BGXtiVB_Hhw3_kLzC9kRCZDL9t8E&sd=1&im=06530c4f&_
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.98.49 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame D1DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3n5qZ56rC7L6HvyXP7vbPg2Q3umoJ5CPiMBgAsycMCKdB-dGwNT6LP2R2g0LdQ5gD4cPFInbDYwkCF8AR7cCGprh_BjxptNdJoAohpV4kgEI41S4IYTsPGMGIOZ6KFZTmddYZpv7gVn7eF-qi3Kt2gR6XjreMgCSpuiGqi_tkONiqIYnbj888WDBKQUOUBFuQqBYdyls5SWbL1T1Dq_2csdJml-4rj9qbxG_ml_GhDWLywQpognuFPDUiD3-OdpDzWgeVaDyEzAV3UHc_cY1GXYjC4tzGj1azLiTDCICd9s7qMg&sai=AMfl-YS-AejL-R2UKbnsgyaKgEUp0i4ClOvfNKBq3udaSbCL0m1u7OSjZXmP8vMesW10fEvUoVqWJ2b1Ra9wguEmZurN8RCE0PZ_FwIM6UzUaRwSFfND-au6Jn63lmCajvs&sig=Cg0ArKJSzFzFoIjibP0bEAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D1DC 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
e7468d3f989dabcf9033b5311b805b4a538cde01d6c12bb07fa709636b97ac14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"799 / 720 of 1000 / last-modified: 1614640338"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19331
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D1DC 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
icons.29.svg.js
static.addtoany.com/menu/svg/ 		78 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/svg/icons.29.svg.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
via
e2s
x-content-type-options
nosniff
cf-cache-status
HIT
age
9867065
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08939d5a7f0000971ec0075000000001
last-modified
Mon, 31 Dec 2018 23:29:11 GMT
server
cloudflare
etag
W/"13937-57e59c7b88bd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=315360000, immutable
cf-ray
629931a3fc43971e-FRA
cf-bgj
minify
style.css
streann-static.s3.amazonaws.com/inside-ad-ima-2/ Frame D14E 		307 B
686 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://streann-static.s3.amazonaws.com/inside-ad-ima-2/style.css
Requested by
Host: streann-static.s3.amazonaws.com
URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/player2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.74.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a6f3243241dccd923a986b35fe5675e16b5930e6ef4432baf73a213dc513c9b3

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:22 GMT
Last-Modified
Tue, 29 Sep 2020 09:12:31 GMT
Server
AmazonS3
x-amz-request-id
28A6B5F4AB0A65A8
ETag
"b893c9b5d04d56c55d7f3fc75332c0dc"
Content-Type
text/css
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
307
x-amz-id-2
aDl4iffjAadbVMvIfgBwbpSB8qQhbRx/h/k/sgeW25/HiNt2sFR3y8efqLDiKCVdp8jC2SaFSME=
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D14E 		326 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: streann-static.s3.amazonaws.com
URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/player2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03449ecbbdb76ecc662e2ad64ea3d61da16722c7f1bb3c0fcc87e52db7eba42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114726
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
ads-2.js
streann-static.s3.amazonaws.com/inside-ad-ima-2/ Frame D14E 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://streann-static.s3.amazonaws.com/inside-ad-ima-2/ads-2.js
Requested by
Host: streann-static.s3.amazonaws.com
URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/player2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.74.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
abef7e470690fdc0f41e09acab3c1306279b9425f379da6012ff4f25c36124e8

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:22 GMT
Last-Modified
Mon, 01 Mar 2021 15:25:42 GMT
Server
AmazonS3
x-amz-request-id
2EF0F7FB6E3C0BEA
ETag
"482e2ec2103f6c88c0de0f83e5ae4c30"
Content-Type
application/javascript
x-amz-version-id
co3Av9RFVTGoLIDEvgp7vgQActCXHlhS
Accept-Ranges
bytes
Content-Length
13442
x-amz-id-2
pCjZxXnuQEeLsTx9xmbMvSDqUPi/P/Lx9m+3ob2nfgknEkxHKkypAKlk55ptpkckC4ht8dQ4kDk=
view
securepubads.g.doubleclick.net/pcs/ Frame 84A7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssoBCploYh9e-fjIrzY8fRqmV00_QjBQamQc2yAdZCVpf5h-Fq2l_wMUsnB9W-FgsH9_tuhOsszmOejOTdyVNRlq5OrMHjGKu6J27yDpp9muMh6qEx2kJd5MQQdFLDnmpgsTb0EPmPRBi8VKxW6-PMiwecWYdsynRcWJTQaaJ2DqaLCk5d-4wFOFIhVrM57jyjvZoR8EtjhFvw7fQlil9rAS3pDglgR3Xqx2_YN2hzd-cpmMGcILZIvi2zkWiyUmRqqcskd5WPNpVr6uvuXFXsWekU_TUNc00veavAKDXn1GpLDEkM&sai=AMfl-YTO9FJtdv2qjOZQiTwRXjlAKK6n3_J2MKpb2PrwWrMlWVMjy9-pnbN9CwgWGu9imwDs3KCR0pD8OhiyzYtgMB3TL8cUuHS-ns9YbEFWRpofw_SZGOjqcP7AIFA-0f1i&sig=Cg0ArKJSzNdUPfXw-x53EAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 84A7 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3628da8fa7768e8c2bdb2fb0856093807a7a9a9837ac50139c4afb94cc4a20a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49425
x-xss-protection
0
server
cafe
etag
12511417949189125007
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 84A7 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
truncated
/ Frame ADD0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a31fc18fd15376214a05f1769a630effcd156501abd6836372a374e04800a2a4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E6B8 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
180d22295af2e97896455b88c35e0926dc3605ae0358344263b945d44c3768e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FD0E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4c0c81e8cb51976ca12dfb95c8f3283a13bad52aad06304cb350f744eacffad

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A964 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2d20ed383e7f2d73b05f32c034276266e41cf757f3f6d1107228319131d5e57

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4E23 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
608aa5910966d4e4e16b83e18283a8b7941004e3592c8af3ca9783eca01e0614

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BC3C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9da066900cbd6ed7d17ac52d517edceb8e29ddfe614652313068b8d798d9a00

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
www-player-webp.css
www.youtube.com/s/player/4fe52f49/ Frame B013 		340 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fe52f49/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3343a4e8f05ab408911f4ea5f601801208a10a7d01f3a40a65bf4c6ec3900f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 05:40:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
9466
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52149
x-xss-protection
0
expires
Wed, 02 Mar 2022 05:40:35 GMT
www-embed-player.js
www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/ Frame B013 		157 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b15819c89eec43f6a9f25d77a37dc02960dad46caa0dabe10699df1fccf45101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 13:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
67590
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58416
x-xss-protection
0
expires
Tue, 01 Mar 2022 13:31:51 GMT
base.js
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame B013 		2 MB
501 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0080cb454fdee548ddf7fe5a570ec35de96ae2b2b1d5af2e178c0a717a35c423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:21:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
50198
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
513497
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:21:43 GMT
fetch-polyfill.js
www.youtube.com/s/player/4fe52f49/fetch-polyfill.vflset/ Frame B013 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fe52f49/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:51:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
52029
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Tue, 01 Mar 2022 17:51:12 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B013 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 04:25:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
359563
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10748
x-xss-protection
0
expires
Sat, 26 Feb 2022 04:25:38 GMT
pubads_impl_2021022501.js
securepubads.g.doubleclick.net/gpt/ Frame ADD0 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 09:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103137
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
truncated
/ Frame D1DC 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab4346ba3c176e9392f3ebdc4c4bb89bf84a4f65257712e5a167f38edeb31d2b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2021022501.js
securepubads.g.doubleclick.net/gpt/ Frame E6B8 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 09:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103137
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
pubads_impl_2021022501.js
securepubads.g.doubleclick.net/gpt/ Frame FD0E 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 09:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103137
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
pubads_impl_2021022501.js
securepubads.g.doubleclick.net/gpt/ Frame A964 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 09:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103137
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
pubads_impl_2021030101.js
securepubads.g.doubleclick.net/gpt/ Frame 4E23 		282 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
c183713781265a2abdc03eab5050b102a17a1170eaa908604e61fc9f07c9aad4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 09:37:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101543
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
pubads_impl_2021022501.js
securepubads.g.doubleclick.net/gpt/ Frame BC3C 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 09:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103137
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 95F6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxF6oUhlcX1LHkJYdrno-YwKYav-467j_SvGleRMg9aHmcDsiH0c7ZZcCNdX5GzDfDS4A6gKCt8ZOIS-24P_QeYxK-odO12rO6tIovfwFsRkIa0q5EiXR6eI65fiHrWSx5vxpsTPt9ISsYEbropYW2H28vUcoq9oOk2qlhZ-xUOiZAly1XamLzjcm8gOQQWpfSasu0mlvWWOOi5Gn_P6r7JIm7mb6KpQv-hNYoW2j2C9YQVLMuYNksJqUDSNJTKplw9rq2Nq5fuZ_8jk4HXU8yVGRszMfNs00uPaiJSD5qGsGFQqg&sai=AMfl-YTnfiqeLLL6NVf5Jpyfxf7QclmoGvxN5QSQAkcDwidPVUSpsbjWcCFgT7P1iYhBMlTr4oybgiJTJfpXItBYoJjdBhs1yBJ38HkPh8hejhirXH4BL3RvuluhsPnv3Qzc&sig=Cg0ArKJSzEeNnStM5woCEAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 95F6 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3628da8fa7768e8c2bdb2fb0856093807a7a9a9837ac50139c4afb94cc4a20a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49425
x-xss-protection
0
server
cafe
etag
12511417949189125007
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 95F6 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
pubads_impl_2021022501.js
securepubads.g.doubleclick.net/gpt/ Frame D1DC 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 09:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103137
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
truncated
/ Frame 84A7 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5756808f357ecfa61e18176f9135dd806de13636cf754324291bd60a28305f0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 73F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPlNDSg1Hvc0oMYadSXQV1-_f1NnBD5BTrm5n5BzPma3bfBYL4q-s8NM_rXN-u2Onnp2mP2T0KKBOdRhKV0aRM0xP_OE01K2KhTFvJEeki9rt89cgRND7BT9YGCRFBDwsJRFXLr69Tqdk_4OcW1bY-2vMM3SOXqbjLWxm9cY8F7qCkgW8d0vB0EqKJ99djdQHJ1F5DRJ0CwtRlFx8kYQk9AcPMtl7tmrZe0aPxzqutrAxeB4X6IiG1ehwpsQibhmH0YeVln3KRUF2C_hUj4yik1KffiE39vr3ZY88uQSIvjQ&sig=Cg0ArKJSzHm7zwlRPLpgEAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 73F5 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
e7468d3f989dabcf9033b5311b805b4a538cde01d6c12bb07fa709636b97ac14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"799 / 659 of 1000 / last-modified: 1614640338"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19331
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 73F5 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:21 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/042011202030000/ Frame 377A 		187 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042011202030000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
79542
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53598
x-xss-protection
0
server
sffe
date
Mon, 01 Mar 2021 10:12:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"dadbef2cde78a425"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Mar 2022 10:12:40 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/042011202030000/v0/ Frame 377A 		13 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042011202030000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
264130
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4850
x-xss-protection
0
server
sffe
date
Sat, 27 Feb 2021 06:56:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e013278ead2acad8"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 06:56:12 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/042011202030000/v0/ Frame 377A 		90 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042011202030000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
232114
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27701
x-xss-protection
0
server
sffe
date
Sat, 27 Feb 2021 15:49:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5c90db2aa9aed9b7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 15:49:48 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/042011202030000/v0/ Frame 377A 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042011202030000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
266193
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1346
x-xss-protection
0
server
sffe
date
Sat, 27 Feb 2021 06:21:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee2fcd04144120a6"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 06:21:49 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/042011202030000/v0/ Frame 377A 		41 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042011202030000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
147849
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
sffe
date
Sun, 28 Feb 2021 15:14:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"52961b8c810f9351"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Feb 2022 15:14:13 GMT
truncated
/ Frame 377A 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51788c7de91f95db85505f5abd9086dafc96f5ada3612eb1a40d4a000f0f299a

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
1866585107746493370
tpc.googlesyndication.com/simgad/ Frame 377A 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1866585107746493370?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmMfs1xWh_6h7jc-__bBo8JmopWmQ
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
510ad45e57537e844d5a2be03374a679df840aaf24918cbe9f7d73b5a5ad6afe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 20:30:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jan 2021 13:39:33 GMT
server
sffe
age
474471
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46207
x-xss-protection
0
expires
Thu, 24 Feb 2022 20:30:31 GMT
es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 377A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/es.png
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 04:27:12 GMT
x-content-type-options
nosniff
server
cafe
age
13870
etag
15820072736840818134
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2687
x-xss-protection
0
expires
Wed, 03 Mar 2021 04:27:12 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 377A 		295 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Mar 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
36077
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 02 Mar 2021 22:17:05 GMT
l
www.google.com/ads/measurement/ Frame 377A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR--mueQ5FMmdw3am43_O3Bdar47Tvw08hmxpBdfm35Gccn7EF3e0dpu1DeBvDWadf0rccwtj0QHIWxcjD7TXnhmfuUJQ
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 377A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ci0k6zfQ9YMqaKc_u7gP-xpHwC4S6kMxhifGsp6UNos2Q3dogEAEgwbDsdGC5-MeA3AGgAan07PUCyAEC4AIAqAMByAMIqgTdAU_QexmjC8n-Z-92TWPBIER_n_TPpHGhlzCvCvZmEweNHkRcMvUlu6T5WjCWjJy7d7zvUhWZC6UrckIsYRVTVLmEv98HbnjBpon2Y1KB8OWNqeQM9n4z57Wu6btYS7hnblXuDrfEhjhgflii9zipZYJx1-4duN_Re5D2IPpPwdkg1ptVog9BprkjHHGhLGriULjElV1M-aR_kwGuAUGXhuVh2CDRCwm-IkpCBZBgOJ6W2q2mj117fKsgHgyS3PphOG87rCFigz3zoty627ZAfQHlXEcki5NOLHqYvxsGwAS4kZTouQPgBAGSBQQIBBgBkgUECAUYBKAGAoAHsKHjxwGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQwrUM0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xNTA2OTgxMjgwMzY2NDIxgAoDyAsB2BMMshcaChgIABIUcHViLTI5NjA3OTU4NzYyMDYyNTM&sigh=VzbLmVPg5l8&tpd=AGWhJmsHTNzrf6WLUl8bkDhl9LNO5kac4b-r2U78utAsW7PJdg
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame 84A7 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87195
x-xss-protection
0
server
cafe
etag
3111314854812010922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:22 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/ Frame C89D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210224/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUktdFYjCLL_C6FexAz32NhNFK--ACDzX6K_vyM-k0qMwQGc7KKqt_v_0D6pJtA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 02 Mar 2021 02:25:28 GMT
expires
Tue, 16 Mar 2021 02:25:28 GMT
content-type
text/html; charset=UTF-8
etag
6440208225989294717
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4777
x-xss-protection
0
age
21174
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.444.1_en.html
imasdk.googleapis.com/js/core/ Frame 66E7 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a478cc89688c6d5bc04418bbfd3da092d2df5c78ad9b6663975cceb83832e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.444.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192862
date
Mon, 01 Mar 2021 18:27:39 GMT
expires
Tue, 01 Mar 2022 18:27:39 GMT
last-modified
Fri, 26 Feb 2021 01:03:43 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
49843
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame D14E 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:22 GMT
campaign-web
ott.streann.com/web/services/public/ Frame D14E 		630 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ott.streann.com/web/services/public/campaign-web
Requested by
Host: streann-static.s3.amazonaws.com
URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/ads-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.86.238.174 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
2853068375a809f9e2d9d7e8d54dc7cbdbe07906654acb8728bd0c68add84575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 02 Mar 2021 08:18:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
nginx/1.16.1
X-Frame-Options
DENY
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Headers
Authorization, Content-Type, Pragma, x-app-name, x-app-platform, x-app-version, x-os-version
Expires
0
integrator.js
adservice.google.be/adsid/ Frame ADD0 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame ADD0 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame ADD0 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2956666198917736&correlator=46953767340242&output=ldjh&impl=fifs&eid=21068422%2C31060309%2C21068030%2C21068864&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=245837125%2Cguatevision.com%2Cguatevision.com_display%2Cguatevision.com_desktop_allsite_ros_horizontal&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C970x250%7C468x60%7C970x90%7C300x50&cookie=ID%3D25dcb44b072f10c4%3AT%3D1614673101%3AS%3DALNI_MYv-hJ8ngi_fDcA8AO-MDNr3_XEIQ&cdm=www.guatevision.com&bc=31&abxe=1&lmt=1614673102&dt=1614673102484&dlt=1614673101312&idt=878&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=436&adys=236&adks=2139551937&ucis=nm6otct4j2cl&ifi=1&ifk=1464207566&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.guatevision.com%2F&top=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1851004131.1614673100&ga_sid=1614673102&ga_hid=1651107310&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
698650c9ff9d881029f3ff593df5d76024853c0b0f731924cebc4bc695e70daf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2735
x-xss-protection
0
google-lineitem-id
5234261026
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138296230501
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6d45976d15ae950b386981bbf04d250f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame ADD0 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://6d45976d15ae950b386981bbf04d250f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame ADD0 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
truncated
/ Frame 95F6 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
165b7280c585c6e89d4d88c8490a1df5588abec7c494cafa1c4b8d9c79fce2eb

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F034 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDNhuwGPT19DMK0NaR1FqC-rmKR_K0A2WBb4KxRnnlELc5IzAcai0nrcCIdBTixBtWNKCw46oQJmhVy2bs1-aTiKrq0ClmKECxUJLCVf0Hqel0jXswOemJgrQnXgFCn3GNsPIhhcmlIjSoq8sTUp1D7s0sOVRIQUvwUZwMJIxd34k9dmlZ8DTCNksqKQD4eO6hwc89EWx3qj8Jn1dmsQfpsZeAKzU825x0UU1HUgAuyu2irfav2ZeWhqKxtX19cIuFBfqC2kx5Yq6AvvfrCwqYxn5gB_OyvEZ0Mvy3Q1PMcOo9Yw&sig=Cg0ArKJSzG0olRc4io6-EAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F034 		138 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3628da8fa7768e8c2bdb2fb0856093807a7a9a9837ac50139c4afb94cc4a20a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49425
x-xss-protection
0
server
cafe
etag
12511417949189125007
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F034 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:22 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4037078421924708&correlator=1900720402781280&output=ldjh&impl=fif&eid=21068529%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=55904062%2Cgtv_bx_clima&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250&ris=1&rcs=1&eri=1&cust_params=gtv_page_type%3Dhomepage%26CxSegments%3D&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&bc=31&abxe=1&lmt=1614673102&dt=1614673102543&dlt=1614673100107&idt=450&frm=20&biw=1600&bih=1200&oid=3&adxs=1070&adys=7102&adks=2955301417&ucis=f&ifi=15&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8QeKitLGQTjR6zAJ9EenjaPThEqXLMSKWCyfL6zMLFVu6Hr97mZ1BaywIp7dUvHz9NNKbnJBtQ9OieIO2lVuCfXsw2lpWlkdI%2CAGkb-H_6oY9LV0_NzrJEsurTRnwHpKAOei_zJj1mEcwTNQXIQ6DWm_goQ4bCNJXPnHkFx3r06A3pskxc8FG3ODq6B8M4lA0059TOAes%2CAGkb-H9gEYZXdCUYyZW-eJlwcPEWFaqQVO9UFl1T4MRvNmC0KiSiRTKx1nbqfE-MBMmrUHj3vy6snJVErMBbAdqFwlRNVg%2CAGkb-H8pJcJc1-0VevWmC1fUVtJr8-2z-9dciZl_ZqnKVv3Y9UhKgyroKrVYyVm_aQoj6wbQO5n4WuLrKvkUk0HkaIShkxjQ9t-6jYU%2CAGkb-H9TgvqOVUoYLp9dHAF-33tp-LuAQq2I7XuhSwKfOdllcS_Nqv54wrx3eAx1edKjW8x8plXoLx_pZNRbmcHgN5LGJElUu9IUJTM%2CAGkb-H8hKLbv9ioHQ029drMpIH45OFAe5Vq3PJ4HbrUDySpCwNCdWN31JsRnqIYt7TALXDhruoObY5uJWogLT3gRMluM3IdVdGGmZoE%2CAGkb-H-5Z9lLDgdQCsws8NvN7a5rvBaMElNDKYZ3i22y4SnrR0ukQlVFSGSYN3SNiakOyEE5ym4Y8ZQnkTcOh66RLqvJTEKHg9mJXVw%2CAGkb-H97hG58jpUi7UZ9exC2m6BW0FrG1o-z9YPUramGX4xgeb6J4l33uvmPHR-a9uVdHvySjr3lNXOT3DTiI15ueu_aog%2CAGkb-H80o4nAW7DRdmfCvrCARt2gOEX6ff67s9lZNFKYDA1HxPS-APLaDzWIR3WUqeBugYGv3Jq8flryll7jhuxy4RrctXpp6qQsmBQ%2CAGkb-H_hRwqVqFBVZ4ANP3NfPPDKPOF3yL3ybLmI5MVhQitk8GWxqDUXYXBvqhB5TPa5ieHALJAr8L0XrVp5nm92_El5nA%2CAGkb-H-qNfwdccZ1YrI2xXTo9xfidY8B-pS-n4Vw6LC558XemOjgowbUqBQuNclUPmzm-YwMwhLqS_x4RcLRr1HdXp3gemYtw9OGx-I&ga_vid=1851004131.1614673100&ga_sid=1614673101&ga_hid=1215220447&fws=0&ohw=0&btvi=14
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
aaabcd3244efb93caa2cb582a42a777881eeacc8f307ac6fb4e6a29919ac00b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10393
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.be/adsid/ Frame E6B8 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E6B8 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E6B8 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1243738724398832&correlator=2549173695681271&output=ldjh&impl=fifs&eid=31060270%2C21068110%2C31060011%2C44733567%2C21069710&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=245837125%2Cguatevision.com%2Cguatevision.com_display%2Cguatevision.com_desktop_allsite_ros_square&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=200x200%7C250x250%7C336x280%7C125x125%7C300x250%7C180x150&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&cdm=www.guatevision.com&bc=31&abxe=1&lmt=1614673102&dt=1614673102574&dlt=1614673101332&idt=1232&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1010&adys=1376&adks=203191398&ucis=um89sfiz6pw9&ifi=1&ifk=1070646526&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.guatevision.com%2F&top=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x200&msz=300x200&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=724267033&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e957e83f7c084aa3c8c59e863bbdb17436f901bc2caedf5324409693eb2558bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2621
x-xss-protection
0
google-lineitem-id
5234554232
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138295922939
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fd1446388e48171d2ca8dabd8dc6d58f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame E6B8 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://fd1446388e48171d2ca8dabd8dc6d58f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame E6B8 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
integrator.js
adservice.google.be/adsid/ Frame FD0E 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FD0E 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame FD0E 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1472611813426457&correlator=1950595677082945&output=ldjh&impl=fifs&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=245837125%2Cguatevision.com%2Cguatevision.com_display%2Cguatevision.com_desktop_allsite_ros_horizontal&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C970x250%7C468x60%7C970x90%7C300x50&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&cdm=www.guatevision.com&bc=31&abxe=1&lmt=1614673102&dt=1614673102591&dlt=1614673101349&idt=1231&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=436&adys=2128&adks=2139551937&ucis=30e4jmqbuibv&ifi=1&ifk=845326570&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.guatevision.com%2F&top=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1027120828&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
26086fb965567a38eee311a29f303443828677225c513bac25313073e86adb38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2600
x-xss-protection
0
google-lineitem-id
5234261026
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138295915539
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
63730eeb8116fe6633fcc0426f941673.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame FD0E 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://63730eeb8116fe6633fcc0426f941673.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame FD0E 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
integrator.js
adservice.google.be/adsid/ Frame BC3C 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BC3C 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame BC3C 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3822500437201877&correlator=4122041942618552&output=ldjh&impl=fifs&eid=31060033%2C21068864&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=245837125%2Cguatevision.com%2Cguatevision.com_display%2Cguatevision.com_desktop_allsite_ros_horizontal&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C970x250%7C468x60%7C970x90%7C300x50&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&cdm=www.guatevision.com&bc=31&abxe=1&lmt=1614673102&dt=1614673102621&dlt=1614673101379&idt=1231&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=436&adys=3879&adks=2139551937&ucis=lhgdjtbp62uj&ifi=1&ifk=955080962&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.guatevision.com%2F&top=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1491676479&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
40431ab27bab69f00e22cc1762b5cda7983289df95dad74d98db73b2b98081f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2601
x-xss-protection
0
google-lineitem-id
5234261026
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138295915539
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cd00bbc51b90209ba3e508328f3b6574.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame BC3C 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://cd00bbc51b90209ba3e508328f3b6574.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame BC3C 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
integrator.js
adservice.google.be/adsid/ Frame A964 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A964 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A964 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=25017539370792&correlator=2325546524882976&output=ldjh&impl=fifs&eid=31060309%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=33437307%2Cprensalibre.com_Display&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&cdm=www.guatevision.com&bc=31&abxe=1&lmt=1614673102&dt=1614673102646&dlt=1614673101359&idt=1271&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=600&oid=3&adxs=1010&adys=3989&adks=167950121&ucis=bu1peu1bh4c9&ifi=1&ifk=773265911&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.guatevision.com%2F&top=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=160x-1&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1924851601&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
df51ebb58e29c9d5555c3e3603d109338db42a5ce6f5732bb5b8fbb3bc6d8afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3421
x-xss-protection
0
google-lineitem-id
5106741282
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274645955
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
024851ddcc4d53e3df145ce2b2bee238.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame A964 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://024851ddcc4d53e3df145ce2b2bee238.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame A964 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
integrator.js
adservice.google.be/adsid/ Frame 4E23 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4E23 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4E23 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1680154774251010&correlator=2369269373808787&output=ldjh&impl=fifs&eid=31060237%2C31060315%2C21068031&vrg=2021030101&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=245837125%2Cguatevision.com%2Cguatevision.com_display%2Cguatevision.com_desktop_allsite_ros_square&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=200x200%7C250x250%7C336x280%7C125x125%7C300x250%7C180x150&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&cdm=www.guatevision.com&bc=31&abxe=1&lmt=1614673102&dt=1614673102680&dlt=1614673101370&idt=1289&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1010&adys=2647&adks=203191398&ucis=lohohd9urbv&ifi=1&ifk=2535737549&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.guatevision.com%2F&top=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x200&msz=300x200&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=188744955&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
d95f00101202cc94b7d7d5f2ce8321d5f795302a478c8c47fc64e5adbf94a36b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2712
x-xss-protection
0
google-lineitem-id
5234554232
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138295922942
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0bd28a3fb7462fd80e8907ee49860446.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 4E23 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://0bd28a3fb7462fd80e8907ee49860446.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 4E23 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame 95F6 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87195
x-xss-protection
0
server
cafe
etag
3111314854812010922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:22 GMT
integrator.js
adservice.google.com/adsid/ Frame D14E 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.be/adsid/ Frame D1DC 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D1DC 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D1DC 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1587338410190581&correlator=1330260361340903&output=ldjh&impl=fifs&eid=21068530%2C31060237%2C44733567&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=245837125%2Cguatevision.com%2Cguatevision.com_display%2Cguatevision.com_desktop_allsite_ros_square&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=200x200%7C250x250%7C336x280%7C125x125%7C300x250%7C180x150&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&cdm=www.guatevision.com&bc=31&abxe=1&lmt=1614673102&dt=1614673102749&dlt=1614673101426&idt=1310&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1010&adys=5013&adks=203191398&ucis=xu1qb9z71e2e&ifi=1&ifk=3803550196&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.guatevision.com%2F&top=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x200&msz=300x200&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1158729664&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
2345760bb81971826211abbbd04a0c5d63fbdd9235ae756aa2c8852918f7384a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2577
x-xss-protection
0
google-lineitem-id
5234554232
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138295922939
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0fb87077e30a6b9fa4446eae7d81619f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame D1DC 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://0fb87077e30a6b9fa4446eae7d81619f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame D1DC 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
settings
syndication.twitter.com/ Frame 35FC 		183 B
411 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=f3259172a8b24098a000dce729086b9d0cc4e3f0
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.guatevision.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.guatevision.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-response-time
112
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 08:18:22 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
2195b0a11153ef6977efa69542c53f52
strict-transport-security
max-age=631138519
content-length
152
view
securepubads.g.doubleclick.net/pcs/ Frame 0E29 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsup0ZV-PQPW1RX5gRKeQURsHbMQVtj6G0F1UXSgT0Bv3cwxC9--GEqQNSDzQBjknCndi9gkvQcl3eL5h4vUsnG39wkqk7tqzNkQ6BIT3BXOvB_ilY3u7UEKuZ9N1LGISEG6aRGjGbkVKP9QLpUtpKNzgYwaw4ehATpxweYDUo1qOmo8Ryb864ri6_dcjwNBObJKP8WM9RZB0rE-2uXFelxAwZDO2IKSyQW1hZibtdzpANReF17BGUcPBCeAp3uRq4Inl2lna1VMI0eUz4qtmbKdryVufIhoIywj0V5M8tipEanWl_7gh2-oW0VzHDfBwXaFg-guDC8K_fSgXkKB3_D3cdoTT2Cf75TZYHySZAL-6rNU5VrY7_QX13XKXGOM0m9AROneBrchrrjnNGk&sig=Cg0ArKJSzKdEsPrjXnVLEAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
smart.js
ced.sascdn.com/tag/3060/ Frame 0E29 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/3060/smart.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-105.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
94a8a54597671a92b6a5c081f02c4117852e878ec895e9efcf704011655ac1e3

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:22 GMT
Content-Encoding
gzip
Cache-Control
public, max-age=287
Content-Length
11334
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0E29 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:22 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame ADD0 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:22 GMT
id
googleads.g.doubleclick.net/pagead/ Frame B013 		113 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84458152f011ef3d6d6bdfedf62eee5142314cb70834c112a1de59ccb89a27f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame B013 		29 B
91 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:11:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
385
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:26:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C394 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuidSMclx4tWh24jmpelkT79wV1ErSpi5rfTc14qV8fDcaDXNHBXeCs83qvxR9CDVLVptEUchFWTVIyP50R_n7htxGiKJ3yFXpMZ3RpB0df6fZTFFF-fHCrlEqyEaKYHFq3MoVk-lD53gHfuN2jDr2s5wBHTYFt72HpeW_voYOyhF3MCe4dlRa3whVYkF40cqfEVnTG2esmDlgUPvl6DQO_VMg3ybMeinZpLiRIMP4ubeBMyaH-R1NkXeo6vMdxFlJwLV37AUBbZLvAZBea5LUNVgF7tTaJbUgfbXW1x2_IVd8qg30CA0ZigzGRLhN_-0pyeE4rIJ9hvNsL9vZo-GTxf0zYFKm3njBLmxuCvGnUXvvPPR-sVvxORFUjDPpvEcd-10uMAPX0qYo&sig=Cg0ArKJSzErqNX0XatXFEAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:22 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame C394 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01c1c3258f954bd0d94c5050c4b9b1ec1dfe1a1dba77d43a3d3f4a2afb4c28ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34374
x-xss-protection
0
server
cafe
etag
18199295410799919595
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C394 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:22 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame E6B8 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:22 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 30F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYuj-BUcM3L1qHK1rdPUv5obwRavCfIqIjScVmQ_mUMjg5mvTfZO5ZnHuPrRmQb5QmL0b87vOBnhReCHRFY-4p6rz8pb0cSdSWLt_zeHtx2N6C50pe0Gwd2WT-AVpYjTW3DaWwFe2Z6J3XvY8qfkah4E7wHYW6GLsTSEeubZomYlqrSD6EoPmoN_jgMPLBq8ZZnq2BrK_FZqPfhPuOu7_ebKSgSMXi8OIqhinkaiMEgWFKYbDLXP_gqGg8hNNk2KoioRcFvAr2uyjfNEwCR-Ync-JSeUDato7Z2uAk1NCGd9V5qw2Jbp6_qaHk6IIQZqyrqCwlI9LphYBh9Hqe6yAGomtF_sQzh9NDZv_18KmtGTF_zXsF3rcbKwCsInb6lQpqBp00nNQo4puUvyA&sig=Cg0ArKJSzJgKQBA4-1I1EAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 30F7 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01c1c3258f954bd0d94c5050c4b9b1ec1dfe1a1dba77d43a3d3f4a2afb4c28ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34374
x-xss-protection
0
server
cafe
etag
18199295410799919595
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 30F7 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:23 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame BC3C 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 74F1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzdrB3TxGsd5jfQMH9xsxil1flgbp35BHa0X3iGl-TBd9MWdRIpE3SBOCn3_zcbesVF0PZmq6W_pubztQanapbQVCUeknARWKh30yCtpt7lP7QgpGAu4qthT3O3hlpjSdUTRIOdGIrOTHuEPjbrXwBHph-uc0gpvy8dacd9bUHxhu3iRccyEkXkYlH2MYGCH04Zbfy-OhgEldpipZO5BUJpmHV8C7rUOhyM7LIrwEDxc_8JAthNxjTy2zIOnZqLTgzlb56PL8elKeqtoHAjZIfjyNZV-ROSLfVlK5uL3VT67fTtvAMWDHmU7Ypd-w&sig=Cg0ArKJSzFknCECxxVfdEAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
smart.js
ced.sascdn.com/tag/3060/ Frame 74F1 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/3060/smart.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-105.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
94a8a54597671a92b6a5c081f02c4117852e878ec895e9efcf704011655ac1e3

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:23 GMT
Content-Encoding
gzip
Cache-Control
public, max-age=286
Content-Length
11334
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
lo-vslider-v1207.min.js
dkae4asr0dphj.cloudfront.net/js/ 		77 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dkae4asr0dphj.cloudfront.net/js/lo-vslider-v1207.min.js
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:f800:18:e253:91c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3cbb0fc2022e7a5c1291c20674c3547cb5cc7acb9b1f1f897ecae026f3a02fce

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
znPrU_xkNnyeCnV_dQEyXGOnVq6x4zpX
content-encoding
gzip
last-modified
Wed, 18 Nov 2020 15:59:05 GMT
server
AmazonS3
age
22167
etag
W/"c8c96f4e943bfb68521172b410221dbe"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
date
Tue, 02 Mar 2021 02:14:07 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
oueykocraP_qiJFCykSG4vrhnz-2W9qc1-ANWbU9LFFutv3zgxM8Nw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 74F1 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:23 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame A964 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5C76 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsso3Qk1uLCKSg0_jglmRcZ0CXITS2C1kgND8UBfVLwOh7sYTF6xtPj1nWrWURtqFCzLPNjOINh9zJtZSo-cLmqn28FxBi3kFgKdv4a5QyPjTQGNBVF8Qt9eVjT8-T4TPb_aSEUwG9j2qnfz8uIbBIXAlK6o9NPKwKZdbDOpY8Q3HwKkrFuI4BPIvqP31CWjgwfMkiUiQXSywg9xBTtaumJf1NsqqQiIu0CheYKpX6Ma6Husbrj1n27VD_qweIaoPce-djDwa2iqIEC1STlkT5K_4n_125IScAU0bPBp8uMMPqy-gGYSzqxsQfckkg2H85YvAROpTLd7EvEkFDUkzTbXR42TxxXQoDwuPG06r95jsDsTIBMo59F0HpPxiDBd0pJTAoYAkILCSGsS3k4&sig=Cg0ArKJSzPYlPbUOjG7hEAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 5C76 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01c1c3258f954bd0d94c5050c4b9b1ec1dfe1a1dba77d43a3d3f4a2afb4c28ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34374
x-xss-protection
0
server
cafe
etag
18199295410799919595
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5C76 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:23 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame FD0E 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 16F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunemMaYTg98sEwEwoagg49sTpBaby8DIEQ6H1Z3Obuk2R1-pWc9e_hZ9vG50b9o_a2K3Tp6qoKcIKly-8Or_IKtz6DA3-zdKPHdm3Q80yXFop6B0rt1sNDGNQyRUGYqq8CeDLc-j1vxMaLDLtpY2m7xDPovPZXLbncjm8cBQTfqDU3zortDuRo5sJuKKOiu87LgKLEos0fvGTKdn8L1exAX2LygUFUq0AVZg_hsLQOShRZenNoUxwwjWBrXRyE-avYY9p3kXxRCXrjz-WYEZzH7rRq3HK6MBOO-g7b3WRILnKi5-IlQdGxPCkTCGDRtE7Koa4yQxzJCN8VRewwSOutW1oEkd4ChSDjOUFKlLl6TAzR6uN_SKR2S5R7ePmbstU92zjGmMk832k&sig=Cg0ArKJSzDdM0KajMycCEAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
smart.js
ced.sascdn.com/tag/3060/ Frame 16F7 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/3060/smart.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-105.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
94a8a54597671a92b6a5c081f02c4117852e878ec895e9efcf704011655ac1e3

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:23 GMT
Content-Encoding
gzip
Cache-Control
public, max-age=286
Content-Length
11334
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 16F7 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:23 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 4E23 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:23 GMT
truncated
/ Frame F034 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da97faa925633343530efd95674fae46002607f41f4ca9ec0dbeff1d7a15a973

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame E8AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcbOqp5B-878NCYPjqf4Ba5GN2PvG5cAYqUHd9aAXrvy2JWmXEbAr1IL0b6lwjKRN2jG-4CWuvtApfcdOSlPzzwFrj3FmgnKsHpHIKdFZa1Tbbt1mxk1IEByFfjsTB7mhrdeza-tAIJLkdl5PJAqvpAyEyARap7EutAk_tR81jm60QdX0kC_u0WbQpnF1wXF5nv8-_fpdLpCB47vA5dNEKXi89WwvZM5nZq-6doN176ciMA9AiQmkHvad4EffvUSl4qljFBFaM9kdshpxsUOmQuKkzEXVrwwx-3AbXtJxwCH1cM9JfAdS2_FnhWeUzZ6JT3bmZQW1AdSKPXDtPatMhVUkcbQfdbumKcwviIY2tax8V1MacaD2O2HbhGxxDX6aROdME7EGNLZE&sig=Cg0ArKJSzMBONHhiSV96EAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame E8AB 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01c1c3258f954bd0d94c5050c4b9b1ec1dfe1a1dba77d43a3d3f4a2afb4c28ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34374
x-xss-protection
0
server
cafe
etag
18199295410799919595
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E8AB 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:23 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame D1DC 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:23 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame F268 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
382293
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame F268 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
382293
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame F268 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
97957
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Mon, 01 Mar 2021 05:05:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Mar 2022 05:05:46 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame F268 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
382293
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame F268 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
382293
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 22:06:50 GMT
1866585107746493370
tpc.googlesyndication.com/simgad/ Frame F268 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1866585107746493370?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmMfs1xWh_6h7jc-__bBo8JmopWmQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
510ad45e57537e844d5a2be03374a679df840aaf24918cbe9f7d73b5a5ad6afe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 20:30:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jan 2021 13:39:33 GMT
server
sffe
age
474472
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46207
x-xss-protection
0
expires
Thu, 24 Feb 2022 20:30:31 GMT
es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F268 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/es.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 04:27:12 GMT
x-content-type-options
nosniff
server
cafe
age
13871
etag
15820072736840818134
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2687
x-xss-protection
0
expires
Wed, 03 Mar 2021 04:27:12 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F268 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Mar 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
36078
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 02 Mar 2021 22:17:05 GMT
truncated
/ Frame F268 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
997040a22f2acdff00363060213cbf3d82b59e95cec160a9742639923a99105c

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
l
www.google.com/ads/measurement/ Frame F268 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgqDlg19_P7byC21fHNGJC-tW0IUiuvXJNCK6xIyh5I5_iX5CMP00NwUFQxT6r10sxQ9MMh1oOLxSwdg-w6WOHhcbHsw
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame F268 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C9sc7zvQ9YNOVJNeP-gb48J2wB4S6kMxhifGsp6UNos2Q3dogEAEgwbDsdGC5-MeA3AGgAan07PUCyAEC4AIAqAMByAMIqgTcAU_QXgmbaWS6LlQW_RpEO0S1BhRkIs8UW1THtgUWeuw5sOptQWg6pHhhFbGnZgJVUEMA9mTl8sIBGtXprA8cPT8pK_J-WbHpsqgdsfMOrSlGPTsXECFnvDG3PTxI0ADmpky3lH1yFlt4mtdZaoNgQmU3_Di9AW9pR7Pme6WMQU7l3He64oISBuUUhCwoPTLORpsztR-zz_CComD_UjlQ8hl-HNIuWNZMS4OawBnBUxcV1v1HnVbufGfkZw9p0JpGk06uU_9VsrODbKwbgzbsuBAj0iuyzSFfMuZOa0fABLiRlOi5A-AEAZIFBAgEGAGSBQQIBRgEoAYCgAewoePHAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBC0-w7SCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTE1MDY5ODEyODAzNjY0MjGACgPICwHYEwyyFxoKGAgAEhRwdWItMjk2MDc5NTg3NjIwNjI1Mw&sigh=YqN_7x9lDIM&tpd=AGWhJmvW5B5xeGUbv3-KjGP44ImLDxAhm0Cj3wbsRJcVDJ4mAA
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
HfXIXAcbu3vvOdfwbZ6OIJlJ-pve1PYe8zXJ4L3ZlEs.js
www.google.com/js/th/ Frame B013 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/HfXIXAcbu3vvOdfwbZ6OIJlJ-pve1PYe8zXJ4L3ZlEs.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1df5c85c071bbb7bef39d7f06d9e8e209949fa9bded4f61ef335c9e0bdd9944b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 23:15:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
205366
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14132
x-xss-protection
0
expires
Sun, 27 Feb 2022 23:15:37 GMT
embed.js
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame B013 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d619e1addf6b5ae77461e2ca5337064f47894441b8df71be6ad8fd5288a1aba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 02:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
22668
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9681
x-xss-protection
0
expires
Wed, 02 Mar 2022 02:00:35 GMT
truncated
/ Frame B013 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnivifB8mJNB4oS77I1DS6ANFXHrfoZXmNbZLm2V=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame B013 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwnivifB8mJNB4oS77I1DS6ANFXHrfoZXmNbZLm2V=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ab8e498238d78aa9ba8358ee7a99b154934c5a4c289a9f731cced2801c6794b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 04:38:19 GMT
x-content-type-options
nosniff
age
13204
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2861
x-xss-protection
0
server
fife
etag
"v15"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 01 Mar 2021 17:02:05 GMT
sddefault.webp
i.ytimg.com/vi_webp/UjVVh38tC1g/ Frame B013 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/UjVVh38tC1g/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
968dcbfedc9d25d535164e75d5add0c47371689b0b8800aeed03d0d8b7f46193
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"1578687005"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35254
x-xss-protection
0
expires
Tue, 02 Mar 2021 10:18:23 GMT
tg-1.3.54.js
cdn.insurads.com/ 		150 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/tg-1.3.54.js
Requested by
Host: services.insurads.com
URL: https://services.insurads.com/init?appId=Z5FJF925&h=https%3A%2F%2Fwww.guatevision.com%2F&oo=&v=1.5&t=1614673100476
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
21d3616168aa7c124601171eb571169758206687934e0768f91f53558bf31a90

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
cdn-edgestorageid
481
x-amz-request-id
6F35DC61E322231B
cdn-cachedat
2021-02-20 14:44:08
cdn-pullzone
55316
content-length
40096
x-amz-id-2
YH+7YHTIj601cWdTwo+0x4hv7iILHli/btkawiPkW3pDERNkpwWAXRp0VDnpv8cgvV3/gYRWZNA=
last-modified
Fri, 13 Nov 2020 15:33:53 GMT
server
BunnyCDN-DE1-481
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=2592000
cdn-requestid
2e9eaec006713ffd98c8c6b53ff0fa93
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
initcb
services.insurads.com/ 		0
289 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/initcb?appId=966&vId=56C199291977D2E7&cId=8615&s=1216&dads=0&fpc=1&lts=0&nv=1&npv=1&h=https%3A%2F%2Fwww.guatevision.com%2F&ts=1614673103289
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/Z5FJF925.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.241.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-241-242.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:23 GMT
server
nginx/1.10.3 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3370 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 07:33:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2674
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:33:49 GMT
truncated
/ Frame 73F5 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
967e9eb9a463d40b6643b6715770d86a776197c4568df7f9d5bdac18c03143f2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0E29 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82102ebc7b9db490acc2066baa0534eadbe3b36718af9eedf9bb96d15846720f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame F034 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87195
x-xss-protection
0
server
cafe
etag
3111314854812010922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:23 GMT
pubads_impl_2021022501.js
securepubads.g.doubleclick.net/gpt/ Frame 73F5 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 09:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103137
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:23 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 84A7 		205 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.guatevision.com&callback=_gfp_s_&client=ca-pub-3062993627248396&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
0dfd8bf221c1f6cdf38a4b07de1f37ebaa990280ea53df6052d143323c343ad9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 84A7 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 84A7 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D430 		60 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fdd9174b64dcecd22924157f166a3d12727545991081076db38badaad375183
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM6EjIaWke8CFRXGuwgddC8M9Q&gqi=z_Q9YNmvHYrogAfEyofACw&layout=/sadbundle/%24csp%253Der3%24/4684834894734426112/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUktdFYjCLL_C6FexAz32NhNFK--ACDzX6K_vyM-k0qMwQGc7KKqt_v_0D6pJtA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM6EjIaWke8CFRXGuwgddC8M9Q&gqi=z_Q9YNmvHYrogAfEyofACw&layout=/sadbundle/%24csp%253Der3%24/4684834894734426112/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 08:18:23 GMT
server
cafe
content-length
21018
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 84A7 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:23 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame C394 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87195
x-xss-protection
0
server
cafe
etag
3111314854812010922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:23 GMT
truncated
/ Frame C394 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c04677cdd5494f3532c72b763c7711bc1407560d20c715c9550e4d6658c7a62f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
cookie.js
partner.googleadservices.com/gampad/ Frame 95F6 		205 B
265 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.guatevision.com&callback=_gfp_s_&client=ca-pub-3062993627248396&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
854e739f066402b6ea1231d7fab1a449665ab59a853fb8be57df16a67595f9f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 95F6 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 95F6 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 713C 		59 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fc0975f7d9dba7d39853917d125469a99f6641d286f4355ee8617915d862289
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPb9j4aWke8CFc3BuwgdTG4PHQ&gqi=z_Q9YL-bIYzFgAflzL3YDQ&layout=/sadbundle/%24csp%253Der3%24/4684834894734426112/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUktdFYjCLL_C6FexAz32NhNFK--ACDzX6K_vyM-k0qMwQGc7KKqt_v_0D6pJtA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPb9j4aWke8CFc3BuwgdTG4PHQ&gqi=z_Q9YL-bIYzFgAflzL3YDQ&layout=/sadbundle/%24csp%253Der3%24/4684834894734426112/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 08:18:24 GMT
server
cafe
content-length
20905
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 95F6 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:23 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame 30F7 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87195
x-xss-protection
0
server
cafe
etag
3111314854812010922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:23 GMT
truncated
/ Frame 30F7 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e0f4f6476736c9d9a5045335be5b98667a6e626b7ebe6d6b3d9e56d78034e4f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 74F1 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb8726dd4e35c7b165d46f5f3e13ca8b671cc6fff90aeffdeaeee81c1b3507e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame 5C76 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87195
x-xss-protection
0
server
cafe
etag
3111314854812010922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:23 GMT
truncated
/ Frame 5C76 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fff0499ca94b9ffd80bd230e8f7dea19d40c7e2e00e765566bb792797c026d42

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 16F7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60cd5d43e64347ff1017ffa9da2dc209a9675a4be6ceba25a96fab32e5e72220

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame E8AB 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87195
x-xss-protection
0
server
cafe
etag
3111314854812010922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:23 GMT
truncated
/ Frame E8AB 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc7b3a8e3a51cf8ac1ddc69cdc59449291f80eb325f7f3b72222ac4c3b9773b9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
ac
prg.smartadserver.com/ Frame 0E29 		22 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/ac?nwid=3060&siteid=307656&pgid=1115738&fmtid=64846&async=1&visit=m&tmstp=354407511&tag=sas_64846&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.guatevision.com%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3060/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
deed2ca4058628d13a6df12fa309fef4c28f34c4510fef38a02bd1d5375b1b73

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:22 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b19%3b72
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
ac
prg.smartadserver.com/ Frame 74F1 		22 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/ac?nwid=3060&siteid=249937&pgid=965818&fmtid=65672&async=1&visit=m&tmstp=2902284793&tag=sas_65672&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.guatevision.com%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3060/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
29b11ec3f30c51a622030c019ea5239bd5ae4086a79733ebbce4da23a5280e16

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b30%3b91
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
ac
prg.smartadserver.com/ Frame 16F7 		22 B
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/ac?nwid=3060&siteid=307656&pgid=1115738&fmtid=64845&async=1&visit=m&tmstp=3219293866&tag=sas_64845&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.guatevision.com%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3060/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
ad807434f1faf72a716a33ca32416f0501adabefc7aff13558f6229cd742a541

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b5%3b64
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
ima3vpaid
tpc.googlesyndication.com/ 		897 B
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F245837125%2Fprensalibre.com%2Fprensalibre.com_Video%2Fprensalibre.com_VideoNew1%26description_url%3Dhttps%253A%252F%252Fwww.prensalibre.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D1%26vpa%3D1%26type%3Djs%26vad_type%3Dlinear
Requested by
Host: dkae4asr0dphj.cloudfront.net
URL: https://dkae4asr0dphj.cloudfront.net/js/lo-vslider-v1207.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
699a3c1d94a30af13b6161123bab47852dc237e3bcecc3834398f512a422bb36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.guatevision.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
534
x-xss-protection
0
CLOSE-BIG_button_izquierda.png
dkae4asr0dphj.cloudfront.net/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dkae4asr0dphj.cloudfront.net/images/CLOSE-BIG_button_izquierda.png
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:f800:18:e253:91c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aeb34a5fb47419c733c342495588cdb2b9ba2a0554b6e8fb814161574bfd3e60

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
uDt73eBKtnw7lmquoccdWoUSE7unkMZp
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
last-modified
Mon, 02 Nov 2020 15:24:21 GMT
server
AmazonS3
age
89426
etag
"9de4c4476749e9800eeb47b46315dcb5"
x-cache
Hit from cloudfront
content-type
image/png
date
Mon, 01 Mar 2021 11:41:47 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
2339
x-amz-cf-id
LKnMZVLzAdHPwSPrC_5mrljz0y5irhdwN9izF6kCrK3pozrRtiFuJg==
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 6872 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/245837125/prensalibre.com/prensalibre.com_Video/prensalibre.com_VideoNew1%26description_url%3Dhttps%253A%252F%252Fwww.prensalibre.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D1%26vpa%3D1%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Requested by
Host: dkae4asr0dphj.cloudfront.net
URL: https://dkae4asr0dphj.cloudfront.net/js/lo-vslider-v1207.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7add09a196bf556491a0011bad2ba8453c7b558b230948e1b3755a3844b4dce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 01:07:38 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15164
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:33:24 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame F268
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Tue, 02 Mar 2021 08:18:24 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
1866585107746493370
tpc.googlesyndication.com/simgad/ Frame F268 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1866585107746493370?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmMfs1xWh_6h7jc-__bBo8JmopWmQ
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
510ad45e57537e844d5a2be03374a679df840aaf24918cbe9f7d73b5a5ad6afe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 20:30:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jan 2021 13:39:33 GMT
server
sffe
age
474473
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46207
x-xss-protection
0
expires
Thu, 24 Feb 2022 20:30:31 GMT
es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F268 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/es.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 04:27:12 GMT
x-content-type-options
nosniff
server
cafe
age
13872
etag
15820072736840818134
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2687
x-xss-protection
0
expires
Wed, 03 Mar 2021 04:27:12 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F268 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Mar 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
36079
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 02 Mar 2021 22:17:05 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame F034 		205 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.guatevision.com&callback=_gfp_s_&client=ca-pub-3062993627248396&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
1041c9e1f32332d32459b147a3f21a419d4bd9d1ac8d32b2900c6cce704888eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame F034 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F034 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E6E7 		65 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f5ac21aee51b704bcd69da5737d53f97d0fbbcf715ed17e0a5d7ebd9c4c0afe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUktdFYjCLL_C6FexAz32NhNFK--ACDzX6K_vyM-k0qMwQGc7KKqt_v_0D6pJtA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 08:18:24 GMT
server
cafe
content-length
23459
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame F034 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:24 GMT
integrator.js
adservice.google.be/adsid/ Frame 73F5 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 73F5 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 73F5 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3094524569477426&correlator=3944191833209712&output=ldjh&impl=fifs&eid=21065645%2C31060027%2C21069710&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210302&iu_parts=245837125%2Cguatevision.com%2Cguatevision.com_display%2Cguatevision.com_desktop_allsite_ros_horizontal&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C970x250%7C468x60%7C970x90%7C300x50&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&cdm=www.guatevision.com&bc=31&abxe=1&lmt=1614673104&dt=1614673104154&dlt=1614673101975&idt=2162&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=436&adys=8109&adks=2139551937&ucis=xfiw8avzpmy&ifi=1&ifk=1795986984&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.guatevision.com%2F&top=https%3A%2F%2Fwww.guatevision.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=728x0&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=843967115&ga_fc=true&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
7f31fd62d0c9fbab1e248f69e65b161ce9f2c862a00c72c0f0367a8150169796
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2718
x-xss-protection
0
google-lineitem-id
5234261026
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138296230501
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2a34dcbb2fc79f908d3fb6a953154092.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 73F5 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://2a34dcbb2fc79f908d3fb6a953154092.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 73F5 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
cookie.js
partner.googleadservices.com/gampad/ Frame C394 		12 B
58 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.guatevision.com&callback=_gfp_s_&client=ca-pub-5994300388126378&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame C394 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C394 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E646 		92 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a93b2eb3c4b805fb76cc9ef390cb1fe94532be19d40fa06b6f45dfd3fd9c4f03
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16078219597566589636/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16078219597566589636/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPnGuYaWke8CFfzLuwgdrXUO0A&gqi=0PQ9YNPyDc_4gQe0u6KIAQ&layout=/sadbundle/%24csp%253Der3%24/16078219597566589636/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUktdFYjCLL_C6FexAz32NhNFK--ACDzX6K_vyM-k0qMwQGc7KKqt_v_0D6pJtA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16078219597566589636/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16078219597566589636/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPnGuYaWke8CFfzLuwgdrXUO0A&gqi=0PQ9YNPyDc_4gQe0u6KIAQ&layout=/sadbundle/%24csp%253Der3%24/16078219597566589636/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 08:18:24 GMT
server
cafe
content-length
33490
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame C394 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:24 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 30F7 		12 B
55 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.guatevision.com&callback=_gfp_s_&client=ca-pub-5994300388126378&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 30F7 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 30F7 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0FBE 		74 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2684d2cc0b209a807f3199b86c2402fc7212ada40f68241b848e2bfbd5468ad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUktdFYjCLL_C6FexAz32NhNFK--ACDzX6K_vyM-k0qMwQGc7KKqt_v_0D6pJtA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 08:18:24 GMT
server
cafe
content-length
25206
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 30F7 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:24 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 5C76 		12 B
55 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.guatevision.com&callback=_gfp_s_&client=ca-pub-5994300388126378&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 5C76 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5C76 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A7A4 		62 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61c79e965e63cc726a9e46d476c78f892b6e6c325650ee919bc855ba610cc80b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUktdFYjCLL_C6FexAz32NhNFK--ACDzX6K_vyM-k0qMwQGc7KKqt_v_0D6pJtA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 08:18:24 GMT
server
cafe
content-length
23274
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 5C76 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:24 GMT
generate_204
www.youtube.com/ Frame B013 		0
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?ua2H0w
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cookie.js
partner.googleadservices.com/gampad/ Frame E8AB 		12 B
55 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.guatevision.com&callback=_gfp_s_&client=ca-pub-5994300388126378&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame E8AB 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E8AB 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6031 		73 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d5bbdd7becdea0232c8e8c46847593ffcdbc0eae13f8b462cb37ad922d6dee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUktdFYjCLL_C6FexAz32NhNFK--ACDzX6K_vyM-k0qMwQGc7KKqt_v_0D6pJtA; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 08:18:24 GMT
server
cafe
content-length
25029
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame E8AB 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F9EF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAnikG3G6LVg1sdBF_jmNzlKoq1u3PV1rT4eH9V2erEMb0fF-sHHO4iAGWmPrk4uyRzs3zFfHGyafIYQChULsezmGeX7oGP7r6TyqX-LY3ql9EROzV4omMKI-D1uR2HE112yCZwWwLevwFe3dXepiRp9pw7ESRAf6ZMJeQa7wrghSTEBTMQ6M3Ix4CsmfIXmlDLfFAnDf79saGBc8i54VX_e3H4VSbJb_KuX3ebf264Vl1iotyLFW_d5h891P3mbPGE52ki7oIyRg5H6RSw2v0hcuX5Kt3258WrsQAdbEH2tfne38vE7K0uONg-Li2K5xOxDyO_UcaNOyF8nVAfDtvvGMgQ5zDLrA9-LNab6whwyPoNoyXskRqNryEVBL-fjJQgd99wHLhx86fI4U&sig=Cg0ArKJSzCSFmRbDY02FEAE&urlfix=1&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
smart.js
ced.sascdn.com/tag/3060/ Frame F9EF 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/3060/smart.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-105.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
94a8a54597671a92b6a5c081f02c4117852e878ec895e9efcf704011655ac1e3

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:24 GMT
Content-Encoding
gzip
Cache-Control
public, max-age=285
Content-Length
11334
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F9EF 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:24 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 73F5 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:24 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6872 		326 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/245837125/prensalibre.com/prensalibre.com_Video/prensalibre.com_VideoNew1%26description_url%3Dhttps%253A%252F%252Fwww.prensalibre.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D1%26vpa%3D1%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03449ecbbdb76ecc662e2ad64ea3d61da16722c7f1bb3c0fcc87e52db7eba42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114726
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:24 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame ADD0 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10dcb7c265aeb336a4de77d360cd047c2954adddf9c453ef9ffe7a0ec9eb70cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6553
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4E23 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83de8828e19a0585e14cb176467a4683d6e83d2714f2561bb8be2edf09699502
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6419
x-xss-protection
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame D430 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:18:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D430 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame D430 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:18:24 GMT
l
www.google.com/ads/measurement/ Frame D430 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTAyN6bkjRcvs7ZBd3up8K-zSAz4ZqN6QjqY1DASx_3CcvNy60UGGFFBoSddieijhXdwhotuEhxpPClEOAJnNsHD8fmQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/ Frame 6AF8 		132 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d31c7186b962ba4eb8bbf5138319edeaaaf05f84bd8ea7a7bf340a7e4bc5348
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/4684834894734426112/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Thu, 25 Feb 2021 09:24:56 GMT
expires
Fri, 25 Feb 2022 09:24:56 GMT
last-modified
Fri, 12 Feb 2021 11:14:55 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
25952
age
428008
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame D430 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ci5cOz_Q9YI7hHZWM7_UP9N6wqA-btcanYbPAvN26DdvZHhABIM--pCdglQKgAdj24foCyAEJqQJVyXhSMC-0PqgDAcgDAqoExAFP0CQj5Yrjenr4aTR2lRRNBYC9YfoEqXfcSZRW38R_LQNHUjS6NFdpTfjitCHFot6RgkDGAP2CugAaVPMN2OZpDrKpYjynYfUCSFFxRPp0slA9jQsRWZDci86gPy64pOGJ7TzQg2RmCMQkRIOYtBS7uemIcym9XTLksf4gM2qEyf19Szu9vbkoWGSuqDnPy5rUlSBM71Qd-O8xttEm5KYMLpwSOF_u-m210tfE413uTvrJLO_NNNCCTIl2-HI5PBryh2QuwATZ2J75uwOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGXYAHkImehQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ9LE20ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTMwNjI5OTM2MjcyNDgzOTY&sigh=z5IN9a9gMyg&tpd=AGWhJmtGfSFToc5qw0AL3lTqyw59lM84ycKCh3CstBY7OpP0_w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 02 Mar 2021 08:18:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2ECF 		143 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUktdFYjCLL_C6FexAz32NhNFK--ACDzX6K_vyM-k0qMwQGc7KKqt_v_0D6pJtA; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 02 Mar 2021 07:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2220
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 0E29 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjc9nOaa53-tDhZztTvyub996TzVtnM4f-n7ROPyupG-FfFaFWw5Vdw0nDuSK2SK2UBWEDYuTsEmwQt_GTILgY5WeRzPf0TXE7I6_V97YgGywZIMqz3L4M4T1BEpd55oxF3EGnBD7vbfXACQ0NquIh_ae9yqWq6P3A4Hei6tinR_2zZB1ioTLWaQsT52WttKylrmDwCh1L-PYKYlCfWwhZYeCPvMsnY6t-S7jr1TPqyRAaA7LJ9oZmHyVKDK_cze3owFe1u5CvEvCjGKgk3-TW_F7gtpIJOk9R0Me-NFjgN05lCQKNAsLKanJicx5AUMI5TcxXKTWnagHUU6Lo2ujUsj_NDPk-IigJkkU5PgE5T7z_J3YoRBcngVk1I09ltoLAFWFvZUIiqj764ZeYSQ&sig=Cg0ArKJSzJ-aRxz4JgXWEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ADD0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXbLQ05-4zdhKGfV1luhzrqQpsAJCBiBRwqE26Ow68Jw6CzHv9yuXsKTDPtCiI5r-KHC_y7o0XVhFoPMBamBokUatclhg-Ey6mGhNY8QhJya14gt3VGhKgQIDtxBCZMuKl8RxP0mxhzmQR50fthIKOCSNhGXAPbMhyzgLZOXLOjZ9uXDKzXtKVdFzJAv7MuUYmFe5DfQnTAYTuzgAl1A9lgjIwlbkhxJWKzwCnELrLSl7kgksl0c4EmNO6M-3GJXn3COyXiC9pozuyA_fZCN-5u6UKA49rfrzNg0Y4775_cEav&sai=AMfl-YT3l-IImBRVgWRSvJn8g7GaOMS2rY505kTaS96281gq543V1d_6gIOzXAnXzy1LtRguC_B79IM_B6ObadvCKNmrIdm9YeBs8syjKVZgnr5wxMi0rgdE8XOWAULO9GE&sig=Cg0ArKJSzLiZTQqoTBjeEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 16F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5ks8Ej_PMUB9nDdkrDUYr5xIy4eFySrydEcB7D6ZayvZ21ZOLvsLNm3vRkwttnzl9a59rRATyo-AMkv1dM3Zeo9KUuCen05l-LyB56x9eHfdIQ9A5QAjxrt8mJsvujWzCg631a823D4x9UJ3xmMvXXOpCxgsI_7hrJd0HfqrrqJB9IYCHMHIP-msH-8POMFoM5JZJ9y_A8dvi4FlSmTTgwrW4qiJmBq32oVRwDwpvBxvxPxfOR9va-2X--gcwiPYAHk36Wmc0Iv2609JrI3CVU616dDpKvaeaSunLJj2s-Qda5zNq380nv5EVPdk-snWJ_XlCbWgMlU7uQbQV69oZoPBYi2VLdvmzLw-I1polIeWvZPRFLEjbK_2lYXgn3-okNTZn3f2xvsyalQ&sig=Cg0ArKJSzNil2YiUPfTkEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:24 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A964 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4fd213ede62b996f4413e5816946dbda1d5c6dc33307e472686ca0010fb2a1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6459
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 4E23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3cwAOyzatL27NVfpZH1tKt3_7pXolSH9fx80nW9RqySoxCnWlflO__ZzbSAgDi4PM4DFaMcHqTNZKLbB8NmWGLU37LOqNUTKV7Jai5y9aEvaFSIRIZ9YcRSHxkbf6P5LnrcFLykEW_9AJJmIynBX7OLP4JITr8gQ-XpUvmAo6cGOM4iYDpFZmHnn8HJumdWlyyaXbZvdH88i3M4DwJCqgWTUFbyXvBvdBnmXEkF9BuFbWlifD7sawbVrOUW7VRRQEBq-Y_dE2WT7mszUfQJkQDif1sL34DZbJ2zZZnfyHX4OzmEjN&sai=AMfl-YSmydT8tGAKs7DQvI8AM9GLVRvo7rXPR4-5hpTIV6sdqrFt0HfOnC7LPVzHiHxQeFs2wL3hUIUid7jHBesyytGaM5ZsOxGsoN3onrAOiut4rFdfY-FBbm8iJ5ci6jY&sig=Cg0ArKJSzAROuMzk9Nt2EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:24 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 713C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:18:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 713C 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 713C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:18:24 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/ Frame EE5A 		132 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d31c7186b962ba4eb8bbf5138319edeaaaf05f84bd8ea7a7bf340a7e4bc5348
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/4684834894734426112/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Thu, 25 Feb 2021 09:24:56 GMT
expires
Fri, 25 Feb 2022 09:24:56 GMT
last-modified
Fri, 12 Feb 2021 11:14:55 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
25952
age
428008
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 713C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ci6uYz_Q9YLbaIc2D7_UPzNy96AGbtcanYbPAvN26DdvZHhABIM--pCdglQKgAdj24foCyAEJqQKkxVIVFSy0PqgDAcgDAqoExQFP0NNtkJMJfeHyg6u4h3wsWJ_V5N0-1doxDmBxiBNrAn8as6gc3OI33K0xsxiCbH04ES4i2PWdBpOl699YlvAIYx6nU_T2RqqWGfvad0r9ixX-cnkC_J9zIGGpn6FmifcDmRvAelvgmb7f2ivsdNeaOhNwsJaA0EYlI9yJKf10gKNhgbUlxdLnctbuql7C-efB5O3D66OLbBbL4O52tfUpgil83Q7diuvH5D5vnWvjx0gwLfg5MEU7cA48FmcWcH3OQwmbAcAE2die-bsDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB5CJnoUBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOa-MdIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi0zMDYyOTkzNjI3MjQ4Mzk2&sigh=6Y7vMpz0uIM&tpd=AGWhJmsVIowXxw8TAhysoTEqA8CgQgznZYXt33I5iiVUzDwWiA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 02 Mar 2021 08:18:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame C83C 		143 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUktdFYjCLL_C6FexAz32NhNFK--ACDzX6K_vyM-k0qMwQGc7KKqt_v_0D6pJtA; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 02 Mar 2021 07:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2220
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F9EF 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7a6e998827783e22bbd99ed5df09207c7920e296755bb5671f3ce23d15f9b32

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame ADD0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4E23 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:25 GMT
gen_csp
pagead2.googlesyndication.com/pagead/ Frame D430 		0
111 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM6EjIaWke8CFRXGuwgddC8M9Q&gqi=z_Q9YNmvHYrogAfEyofACw&layout=/sadbundle/%24csp%253Der3%24/4684834894734426112/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 0FBE 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 06:58:46 GMT
server
ESF
date
Tue, 02 Mar 2021 08:18:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Mar 2021 08:18:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 74F1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrvMsGbIM5z0YpuInsQFmyI2VPHj3wAddKBHwIlVFpc91q102OTEd7fFDUQe1YjMSham-NJogc8Ci_bUOwc4Ox7HRc9y3Ep6EHahBMuSAfAX14Xn45eYxUCmDAFme4Opw47oM8aTJIMOxNfEkpKlU7DwMWOMgbqhFSnvlh5R8V-B9v43lsar0w-H0NTnM0zSF1ME43S8L5dl_3RdmAYBG7laHci2J221pT-5V4DkAtxCDK6-VpgQ6G2GP1pU3755NYBi8AP7TudeNbnqn2wqI2rMqRVgD82v0xoMzriJGcJ8okXZxNSRzvCKwzlL_nWg&sig=Cg0ArKJSzLE8FL3zxojCEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:25 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A964 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3fRf7bzWs4P4YtWOBtjD6__koV2L7UjPLokzVuMsGQkrX8SwFepJWyrQRSgLaVfOGPzvr0rg_y-_4u0fC4p7T0lAV-_bMupdBrCGGhUAKB9s8zf26W29FNJ3P8bnhOpbJsbM822Hewhx1lpPMSNbUaUPIvhrF17CK5c3uLWp6my7drQ6BXWup4JRMpxrDo0GlUgfJgtEH8rU7fzjoHo3IPSKmJh7EROGo6-gqW8nvxIAiAIkMwgH-RU5LF0WXtYassN2qEXrNwWCsln-61LRTXmBz9KAkUfwrl4PU3-lvzS3RgC7Q&sai=AMfl-YRozVBnSh33p5tdixNJELfk10GPLTUtUzmrNE_magjdgBpuxZ2rhQN9klZ7xnqnugzLzdX8nDpXZ-0nE1JnqH2FP5wXfhhj3wMaNJvOy1skBHH-eiWXE1K5hatj3Ewv&sig=Cg0ArKJSzNat9wKRtIv7EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:25 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A964 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:25 GMT
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 713C 		0
23 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPb9j4aWke8CFc3BuwgdTG4PHQ&gqi=z_Q9YL-bIYzFgAflzL3YDQ&layout=/sadbundle/%24csp%253Der3%24/4684834894734426112/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ac
prg.smartadserver.com/ Frame F9EF 		22 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/ac?nwid=3060&siteid=307656&pgid=1115738&fmtid=64846&async=1&visit=m&tmstp=5971863846&tag=sas_64846&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.guatevision.com%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3060/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
deed2ca4058628d13a6df12fa309fef4c28f34c4510fef38a02bd1d5375b1b73

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:25 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b16%3b83
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6872 		0
111 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.2760210647831203&wt=1614673105121&sdkv=h.3.444.1&xai=undefined&url=1,https%3A%2F%2Fwww.guatevision.com%2F$0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/245837125/prensalibre.com/prensalibre.com_Video/prensalibre.com_VideoNew1%26description_url%3Dhttps%253A%252F%252Fwww.prensalibre.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D1%26vpa%3D1%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16078219597566589636/ Frame 4738 		254 KB
127 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16078219597566589636/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
472e9bb0f57413d011edd48cd920e83a0e18ad61bee4a8e61d39dfd7789a2e4d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/16078219597566589636/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Fri, 26 Feb 2021 12:24:38 GMT
expires
Sat, 26 Feb 2022 12:24:38 GMT
last-modified
Sun, 07 Feb 2021 21:55:28 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
129831
age
330827
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame E646 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:17:42 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame E646 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:18:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E646 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame E646 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:18:24 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 0FBE 		2 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1074
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:00:31 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 0FBE 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:17:42 GMT
truncated
/ Frame D430 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46194b1f6fdfb54d42ed148d24ef41d01fdac82873f6190d37ef0605cae1c671

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
6592766407814317453
tpc.googlesyndication.com/simgad/11508451138802040695/ Frame 0FBE 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11508451138802040695/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8550d2be0486356af6dfd482647596c0ba54613aa176c9d7fbc51d0e8053dfd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 13:47:30 GMT
x-content-type-options
nosniff
age
66655
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45176
x-xss-protection
0
last-modified
Sun, 08 Dec 2019 16:38:31 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Mar 2022 13:47:30 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/9307939917048078309/ Frame 0FBE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9307939917048078309/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
950db286ff15f10c32b21c5663b4ef391b52df1288f5f7f51e768820d7070aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:29:31 GMT
x-content-type-options
nosniff
age
49734
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
last-modified
Sun, 15 Nov 2020 09:49:42 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Mar 2022 18:29:31 GMT
truncated
/ Frame 0FBE 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 0FBE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:18:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0FBE 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 0FBE 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:18:24 GMT
l
www.google.com/ads/measurement/ Frame 0FBE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOL1fm1lBUiBTlKZenCWjtNvsbzzUMdlp8SlUe6ZEFr_y7Es_7gdYzORGeIElBxLwrAeRsQXUjqZGwioXBxb--RL8LMA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
5d4b6918ba53c75bacf90c3e9a55021e.js
www.gstatic.com/mysidia/ Frame 0FBE 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5d4b6918ba53c75bacf90c3e9a55021e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 08:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 24 Feb 2021 01:31:13 GMT
server
sffe
age
86317
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10833
x-xss-protection
0
expires
Sun, 30 May 2021 08:19:48 GMT
bridge3.444.1_en.html
imasdk.googleapis.com/js/core/ Frame AFEF 		577 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a478cc89688c6d5bc04418bbfd3da092d2df5c78ad9b6663975cceb83832e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.444.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192862
date
Mon, 01 Mar 2021 18:27:39 GMT
expires
Tue, 01 Mar 2022 18:27:39 GMT
last-modified
Fri, 26 Feb 2021 01:03:43 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
49846
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 6872 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:25 GMT
integrator.js
adservice.google.com/adsid/ Frame 6872 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
truncated
/ Frame 713C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13c4f47364c6957df756baecfbd508cd795fecd6de706f9a86c34adc2532ae5f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
16116594639643821204
tpc.googlesyndication.com/daca_images/simgad/ Frame A7A4 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/16116594639643821204
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e9ac2f9cad78e8307216cc34064e1babbafa0f81935e15083faddf710c069e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 22:03:06 GMT
x-content-type-options
nosniff
age
36919
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46680
x-xss-protection
0
last-modified
Mon, 15 Jul 2019 20:10:43 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Mar 2022 22:03:06 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame A7A4 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:17:42 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame A7A4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:18:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A7A4 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame A7A4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:18:24 GMT
l
www.google.com/ads/measurement/ Frame A7A4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRinUNyEzNmkF7xIs_Hy_hXsD0o4cO2JJI424wbFT_I01EicsuOYenW_ViGhvXlUUBkMjpFbkLGho6Rowt19sfEvP_Wbw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame A7A4 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8d2aaf7646d6a9b92552246e0b4059d1bdd8823f94e232e8c9a48da9be334e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10821
x-xss-protection
0
server
cafe
etag
17492731367415995335
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Mar 2021 17:58:55 GMT
css
fonts.googleapis.com/ Frame 6031 		6 KB
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 06:53:04 GMT
server
ESF
date
Tue, 02 Mar 2021 08:18:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Mar 2021 08:18:25 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 6031 		2 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1074
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:00:31 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 6031 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:17:42 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 6031 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:18:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6031 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 6031 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:18:24 GMT
5d4b6918ba53c75bacf90c3e9a55021e.js
www.gstatic.com/mysidia/ Frame 6031 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5d4b6918ba53c75bacf90c3e9a55021e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 08:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 24 Feb 2021 01:31:13 GMT
server
sffe
age
86317
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10833
x-xss-protection
0
expires
Sun, 30 May 2021 08:19:48 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/14494211456861631754/ Frame 6031 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14494211456861631754/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
411355f65406400c16bd82be652d2ef68ac41fca89aafe902766e06dfac6882e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 12:36:17 GMT
x-content-type-options
nosniff
age
330128
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43076
x-xss-protection
0
last-modified
Fri, 11 Dec 2020 10:37:16 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 12:36:17 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/8228070609220178014/ Frame 6031 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8228070609220178014/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fe5540b2decb633927eedfbefb6f8a940e54438c3dc8c2fc035c41285ea2aaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 14:28:48 GMT
x-content-type-options
nosniff
age
582577
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2791
x-xss-protection
0
last-modified
Tue, 23 Feb 2021 14:03:22 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Feb 2022 14:28:48 GMT
truncated
/ Frame 6031 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
s
googleads.g.doubleclick.net/pagead/drt/ Frame 123C 		143 B
169 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUktdFYjCLL_C6FexAz32NhNFK--ACDzX6K_vyM-k0qMwQGc7KKqt_v_0D6pJtA; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 02 Mar 2021 07:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2221
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E646 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd908c6afb87afd8cc30db423ca30f1f93316616345408e3fae641f15d4be6df

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame F147 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29157
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 2A3F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29157
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 6AF8 		7 KB
887 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:regular|Lato:700,900,regular|Libre+Franklin:regular|Cabin:700,regular
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9653dfa1fe6c4626a533216af0c419d80d998e5c32ab8489a524304548b8d984
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 08:16:14 GMT
server
ESF
date
Tue, 02 Mar 2021 08:18:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Mar 2021 08:18:25 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6AF8 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 04:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13964
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 03 Mar 2021 04:25:41 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6AF8 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 12:41:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70591
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 02 Mar 2021 12:41:54 GMT
11529149895678575122
tpc.googlesyndication.com/daca_images/simgad/ Frame E6E7 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/11529149895678575122
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
beb74be22a5bc4c2192f567a7d5a8ded575bab80fb76f706f79ca7f109d00981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 10:25:44 GMT
x-content-type-options
nosniff
age
251561
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17758
x-xss-protection
0
last-modified
Wed, 17 Feb 2021 05:42:12 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 10:25:44 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame E6E7 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:17:42 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame E6E7 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:18:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E6E7 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602225221865"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33469
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame E6E7 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 08:18:24 GMT
l
www.google.com/ads/measurement/ Frame E6E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzGrQ2iKJYb5cEaEORfmtd5x0lEwTJ-OnxT7C-jLclmWMlOgiiZ_nEbSwN5-iJau5yU7HQEMGdbYbLTZ0Kq3N4-mCYmw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame E6E7 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8d2aaf7646d6a9b92552246e0b4059d1bdd8823f94e232e8c9a48da9be334e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10821
x-xss-protection
0
server
cafe
etag
17492731367415995335
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Mar 2021 17:58:55 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E6E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cl9xI0PQ9YLv7CKnP7_UPmc220ArNq5e1Ycbs1YWbDdLh0uCyARABIM--pCdglQKgAYSLtO4CyAECqQKkxVIVFSy0PqgDAcgDyQSqBLwBT9CfGV57vsHyFOD6T1IlALCmx-f1UKkIRYWlv3zW05hxGqg6uB61MKA75CDRFltyJHPproJOx_RdMmq0Jqstw0JkmfDL-lgt-7nyeVZSR-jmizt6KoDihFL4ut28F0QgCSYiKgWdbsVuRWwiEqlrg6MxVBEJtwZq5CVvQkI3RhDSnaWcXRcDWMK2FTe3T-I3ZvyEGUxWtHpV64z63knLOs5NB_5ELr1QUUI2RiPY2NEySzisJrLAhlo-goDABJrZ182jA5IFBAgEGAGSBQQIBRgEoAYCgAfk9MuRAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD3uwXSCAkIgOGAEBABGB-ACgHICwHYEw2YFgGyFxoKGAgAEhRwdWItMzA2Mjk5MzYyNzI0ODM5Ng&sigh=urY9TrzntFY&tpd=AGWhJmuDXZ5i-ThiNZ4dCxyJLXPDkCov3VJf4JK2ae_mwERapg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 02 Mar 2021 08:18:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 4E58 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29157
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame EE5A 		7 KB
887 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:regular|Lato:700,900,regular|Libre+Franklin:regular|Cabin:700,regular
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9653dfa1fe6c4626a533216af0c419d80d998e5c32ab8489a524304548b8d984
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 08:18:25 GMT
server
ESF
date
Tue, 02 Mar 2021 08:18:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Mar 2021 08:18:25 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EE5A 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 04:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13964
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 03 Mar 2021 04:25:41 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EE5A 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 12:41:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70591
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 02 Mar 2021 12:41:54 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7120 		143 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 02 Mar 2021 07:34:33 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2632
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 762A 		1 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 01 Mar 2021 15:30:58 GMT
expires
Tue, 02 Mar 2021 15:30:58 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
60447
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame A7A4 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79b59857d8f3b99629a37c339395f5ea6b8d157af85e6754a32514ba1ac3d408

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
gen_csp
pagead2.googlesyndication.com/pagead/ Frame E646 		0
23 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPnGuYaWke8CFfzLuwgdrXUO0A&gqi=0PQ9YNPyDc_4gQe0u6KIAQ&layout=/sadbundle/%24csp%253Der3%24/16078219597566589636/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9FED 		1 KB
854 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 01 Mar 2021 15:30:58 GMT
expires
Tue, 02 Mar 2021 15:30:58 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
60447
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 0FBE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebebd73637d8bebdb36daf0818fc2d6a8d0bc4df65856a133a11a7f0f424867d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 0FBE 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 09:18:12 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
428413
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Fri, 25 Feb 2022 09:18:12 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 0FBE 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 08:43:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
516905
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Thu, 24 Feb 2022 08:43:20 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 0FBE 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 04:25:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
359566
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 26 Feb 2022 04:25:39 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C8FB 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 07:33:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2676
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:33:49 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 66E7 		63 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F184419101%2FGuatevision_InsideCorner&description_url=https%3A%2F%2Fwww.guatevision.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3110319014722872&vad_type=linear&sdkv=h.3.444.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=3690956696&sdk_apis=2%2C8&sid=A92D2A2F-0E69-431F-BDBD-3D3B86BB2A6D&eid=44729227&url=https%3A%2F%2Fwww.guatevision.com%2F&dt=1614673105986&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&scor=212831695158334&ged=ve4_td5_tt3_pd5_la5000_er995.1250.1145.1550_vi0.0.1200.1600_vp100_eb24299
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
7cf6c7974b2d2fb11abb974069ec0947ee7a3a1b6004283cfd0f8a69216bf33f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13853
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4738 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16078219597566589636/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 12:33:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 02 Mar 2021 12:33:25 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4738 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16078219597566589636/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 12:41:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70591
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 02 Mar 2021 12:41:54 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0D2D 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 01 Mar 2021 15:30:58 GMT
expires
Tue, 02 Mar 2021 15:30:58 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
60447
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6031 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75d3b64b969a16acf7360d3443a88c72ac77649089343889b0ab19c29deeb636

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E29 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKFhYYhZVXDPA3eF4RuaPnYU7kGMpDWyyMxlmLf9jmDhBRwTe3dRfYo2Zp-XUiUo53DPD1CJpvlrXqelAsPI6GAzPFObbKZfEocPZud0c&sig=Cg0ArKJSzLCou9P-zBMKEAE&id=osdim&mcvt=1187&p=236,436,326,1164&mtos=1187,1187,1187,1187,1187&tos=1187,0,0,0,0&v=20210301&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2139551937&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1614673102787&dlt=0&rpt=1918&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ADD0 		42 B
92 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttI8xYXQxXg_NUBV8j7-R6HX6V91xiTLt0QNB3YqPlhvRngddzy4ZBqmWGpmKbkP0pkyuq_mERZE9eUmtfUe5P7M_-gYBXEch1KcWTtIw&sig=Cg0ArKJSzMJPRZxMKllBEAE&id=osdim&mcvt=1187&p=236,436,326,1164&mtos=1187,1187,1187,1187,1187&tos=1187,0,0,0,0&v=20210301&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1460864393&rs=4&met=mue&la=0&cr=0&osd=0&vs=4&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 73F5 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7011d3c4c69eaa89b79833141b34be475f9faac14cff8271cbdb78dcb689a942
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6412
x-xss-protection
0
u-4i0qWljRw-PfU81xCKCpdpbgZJl6XvqdnsF3-OAw.woff2
fonts.gstatic.com/s/cabin/v18/ Frame 6AF8 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabin/v18/u-4i0qWljRw-PfU81xCKCpdpbgZJl6XvqdnsF3-OAw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular|Lato:700,900,regular|Libre+Franklin:regular|Cabin:700,regular
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e7155833c6617404acf8abb8e48f76bc1bff361860773a9e415df10434225c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/css?family=Roboto:regular|Lato:700,900,regular|Libre+Franklin:regular|Cabin:700,regular
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:35:12 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 21:01:47 GMT
server
sffe
age
49394
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22704
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:35:12 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame D656 		143 B
169 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 02 Mar 2021 07:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2222
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6BA4 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 01 Mar 2021 15:30:58 GMT
expires
Tue, 02 Mar 2021 15:30:58 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
60448
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E6E7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32d2e8fae9c57cb2d0c38cee457240a748ea0b1efc6fd0364cd08cb9a21716b2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
u-4i0qWljRw-PfU81xCKCpdpbgZJl6XvqdnsF3-OAw.woff2
fonts.gstatic.com/s/cabin/v18/ Frame EE5A 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabin/v18/u-4i0qWljRw-PfU81xCKCpdpbgZJl6XvqdnsF3-OAw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular|Lato:700,900,regular|Libre+Franklin:regular|Cabin:700,regular
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e7155833c6617404acf8abb8e48f76bc1bff361860773a9e415df10434225c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/css?family=Roboto:regular|Lato:700,900,regular|Libre+Franklin:regular|Cabin:700,regular
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:35:12 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 21:01:47 GMT
server
sffe
age
49394
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22704
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:35:12 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2ECF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
156 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=90&slotname=3279441062&adk=1203403863&adf=776186319&pi=t.ma~as.3279441062&w=970&psa=0&format=970x90&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102119&bpp=18&bdt=625&idt=1319&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673103&ga_hid=1098344104&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=5356&biw=1600&bih=1200&isw=970&ish=90&ifk=591562028&scr_x=0&scr_y=0&eid=31060287%2C21068785%2C21065785&oid=3&pvsid=3907127774061165&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bcm15roeqqt9&btvi=1&fsb=1&dtd=1342
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 02 Mar 2021 08:18:26 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 02-Mar-2021 09:18:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 08:18:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 02 Mar 2021 08:18:26 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame F9EF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjODvLzH0K7QHZXFyn1NKhKQPhuS0mecZtFvfUw2amZ7lD_QL3YUdbr45mpZTj-9Yg1jC7t23itXgT_igaB5fVzCEVCLnbU8o7mUzn2OH4sbeHBRmaZAgVAQhBZQNN-v6cS1QhCfj6OrbFgTyJOmfdl9kJ4NM0FCpG4oJ5vYXK_6D7LStzngQwvQNQJqHh78Ku0hy21if3B2nG42T2bZU-zhrULUk1pyH7s6cBvShgEfiC9cYcUOHCO4Z1DOnC5h2pR6UwbylT_yWdscEgdHrjbztLUYeVJlcooq8uBZRqkQILc5KXevGVO_jQOU_0eJJk5TXBCH8inxGev-dUDrLbgzDv3YUnUU5D8FHiRiB2zKLa2DIu19wkY0XIqAlvNJhkRE39HM6H1WBMHyrkFg&sig=Cg0ArKJSzILBD0QMWn9UEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 73F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkj4JdfdbY7t5V7Cei8Cx9ae3o7S3yblxC3R0k1VQTc1Gz-JiY_0p1V3PVbkg3rSRwIdlX14WZbg9CMTTu0QsASf_bf7Gho4sQ_vzDOS_oqndOHUUgYKWzATc84L7xte5oS_GsOnUl0mn_SDFcfHfdg-mvNPfMV3ZihoffhwUGuRy2lPPl94QNtPkXT0R6udVCLwbiEmn3g94IjTM1peaokjBLoAKhu8pumiNamI9R6vxE9g-C9pMIHs5QKi3LfZKSq4uWISLtPQBwgO7f93-4zzAtmtH0bmtfFDM5ZBDcadpN&sig=Cg0ArKJSzICyLcpkEs2NEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:26 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C83C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1993181981&adk=340418343&adf=776186317&pi=t.ma~as.1993181981&w=250&psa=0&format=250x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673102712&bpp=10&bdt=833&idt=813&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=2146910654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=523&ady=5956&biw=1600&bih=1200&isw=250&ish=250&ifk=1444501301&scr_x=0&scr_y=0&eid=21069710&oid=3&pvsid=1919424049829594&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1gudzncidzxr&btvi=1&fsb=1&dtd=822
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 02 Mar 2021 08:18:26 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 02-Mar-2021 09:18:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 08:18:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 02 Mar 2021 08:18:26 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 73F5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:26 GMT
truncated
/ Frame 4738 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
166546432362a275af899542d876583bb41224b2c13cdf399bb1871edff5c5ab

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4738 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74d986f56c5ee88c038417c10d626e8e6ba182100c06a603c7c296cd69da328f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4738 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ed69fe012de9255a0662c46691693c154011e9042e1adf56759921a1f4a38e9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4738 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7412205e80b068ac2a5bea19ef9686ece2d7b2ac3a724bd80150268a187b4ebf

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4738 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8608afd205f591ed8e56ade592dae129c7836fdb91d1259868f0645fea9ca6a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4738 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb409f2542af7f68d9484417a5abf64e76fa0f0ac6e09961f35bdfc528e19eb4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 4738 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3de69e6337341b2a3b5dd38bf67b518ae04536f4094700c77f1d0718fd34578

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4738 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cec328dda453d77d1824c45585eaae7347667268a866026acee8d13400958706

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 4738 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1bea73194f11df459501fbb414a944fc876c62dc2a7b22ebd481d457e07f5cee

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 4738 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a54149354f8872db43e65d8bc5c53087da5717af16e2f217e4fdff30d2f396d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 4738 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2be708683c7b866e3afe46e6f96c57144b94f060c434cb5f5313a905503931d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 4738 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c54340af80e1caef7e5fa1f8b7a31d771262abc6dfa67ae79e9ebe0985c6f09b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 4738 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6af63c5cdfecc2a05ec551afa4c95627062cc404712e91ac85c28c2aeaff2fc2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 4738 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
987f51b2adf58821c632ff5c96ffaf4c66568002dd5281bebbca05b57cba87ca

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 4738 		12 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42894f3ad5731f9b4a4a3351452f09189a1e691009ceab6a19275de45e9304cc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 4738 		40 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c622600140a1df451547bbbfb31b4703c0ef3a27562a31e339f0150ffe606aa

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 4738 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
868295bb1ecfe7de3f367b2836344af8ca73478c6b5fa70591572fb29c50eda9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame C394 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f2b25b3a94ca0acafec060645a719a45bb88b8e6e84f801d2d5674772933ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6395
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame E6B8 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a10fb59584e54dd3757eb2411cc4bc570d54c7a1dde17c2e883cda73de22a85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6481
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 762A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEA1u1AM9w57R1Gd1Nl54y8E&google_cver=1&google_push=AQvitUK0V5SiQqLyMgsl4RhTu5OFMKGOBWoyUKqFEacYfLftt8aA7aN7rIKTEOgmHFq5Y1f5d3bhk5Ayt8FTmI92...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUK0V5SiQqLyMgsl4RhTu5OFMKGOBWoyUKqFEacYfLftt8aA7aN7rIKTEOgmHFq5Y1f5d3bhk5Ayt8FTmI92TZC_quTwaLc
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUK0V5SiQqLyMgsl4RhTu5OFMKGOBWoyUKqFEacYfLftt8aA7aN7rIKTEOgmHFq5Y1f5d3bhk5Ayt8FTmI92TZC_quTwaLc
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 02 Mar 2021 08:19:14 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUK0V5SiQqLyMgsl4RhTu5OFMKGOBWoyUKqFEacYfLftt8aA7aN7rIKTEOgmHFq5Y1f5d3bhk5Ayt8FTmI92TZC_quTwaLc
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 02 Mar 2021 08:19:13 GMT
google
match.adsrvr.org/track/cmf/ Frame 762A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI38OKndZ04usyDbnImvAv8&google_cver=1&google_push=AQvitUIfTMhFL1skCu_qqiuzn6qyWFqOBmm-fLXeX63zzH5WmdlvJSZg_0ubQI2XRxxQ0dORGJrRZDI4c414WuWZF_0NZFLVGdQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.164.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-164-132.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 762A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEE8xT6_0VrXcsRzwWRGbu0k&google_cver=1&google_push=AQvitULnijE3bd9RKXzNRRyyfuin-JV6F0yLaBB4ZUGXeIcpXm04pNOAZAAen7BJAFuSnK0SgHYMRrx...
  • https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitULnijE3bd9RKXzNRRyyfuin-JV6F0yLaBB4ZUGXeIcpXm04pNOAZAAen7BJAFuSnK0SgHYMRrxGitbqyeMekZBVXL3C6qI&google_sc&google...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitULnijE3bd9RKXzNRRyyfuin-JV6F0yLaBB4ZUGXeIcpXm04pNOAZAAen7BJAFuSnK0SgHYMRrxGitbqyeMekZBVXL3C6qI&google_sc&google_hm=EBAQEA
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitULnijE3bd9RKXzNRRyyfuin-JV6F0yLaBB4ZUGXeIcpXm04pNOAZAAen7BJAFuSnK0SgHYMRrxGitbqyeMekZBVXL3C6qI&google_sc&google_hm=EBAQEA
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 762A
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECwTvWRLU83t6QCU4CFyT78&google_cver=1&google_push=AQvitUIPld2yxja_l2Sx3QfabFtvD0MwNKcIHbU1bPmLsUFEQggmdzaYB9aXT_D_I8s-xyklRzmQnyH82wR...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIPld2yxja_l2Sx3QfabFtvD0MwNKcIHbU1bPmLsUFEQggmdzaYB9aXT_D_I8s-xyklRzmQnyH82wR-0HV0SgPD1hLlyZ4&google_hm=qxTQ9wxyTlSU4DbpXkjm5og
170 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIPld2yxja_l2Sx3QfabFtvD0MwNKcIHbU1bPmLsUFEQggmdzaYB9aXT_D_I8s-xyklRzmQnyH82wR-0HV0SgPD1hLlyZ4&google_hm=qxTQ9wxyTlSU4DbpXkjm5og
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIPld2yxja_l2Sx3QfabFtvD0MwNKcIHbU1bPmLsUFEQggmdzaYB9aXT_D_I8s-xyklRzmQnyH82wR-0HV0SgPD1hLlyZ4&google_hm=qxTQ9wxyTlSU4DbpXkjm5og
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 762A 		0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEC8QUQXaVIlm7-0K-s2B4pw&google_cver=1&google_push=AQvitULPiob-8vcmFreJGCFQMUq7J6aGLyL7BG1X11_I5R6g91-AJ4Iof76T6FccdLY0Uo84MDcPXonIx3XOD1Df8_cnU2l86Mg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:26 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame 762A
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEK9wi3cExhIXe-xdbuaCW0&google_cver=1&google_push=AQvitUIQ3QflQpsukx2fxPDEqfDo2z77W1rhF149nvLNeNwQKyGGSGbk9Jgy3...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEK9wi3cExhIXe-xdbuaCW0&google_cver=1&google_push=AQvitUIQ3QflQpsukx2fxPDEqfDo2z77W1rhF149nvLNeNwQKyGGSGbk9Jgy3...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=_l1jQ87mRWNtlgMTMwv6cw&google_push=AQvitUIQ3QflQpsukx2fxPDEqfDo2z77W1rhF149nvLNeNwQKyGGSGbk9Jgy3VZ4ESO9CeLBvbOLiMc1h...
170 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=_l1jQ87mRWNtlgMTMwv6cw&google_push=AQvitUIQ3QflQpsukx2fxPDEqfDo2z77W1rhF149nvLNeNwQKyGGSGbk9Jgy3VZ4ESO9CeLBvbOLiMc1hJkzQtdI7yrb8RBimFQ
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=_l1jQ87mRWNtlgMTMwv6cw&google_push=AQvitUIQ3QflQpsukx2fxPDEqfDo2z77W1rhF149nvLNeNwQKyGGSGbk9Jgy3VZ4ESO9CeLBvbOLiMc1hJkzQtdI7yrb8RBimFQ
Date
Tue, 02 Mar 2021 08:18:26 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
237
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 762A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG3_rZxAs-pTJOXtZloI7sE&google_cver=1&google_push=AQvitUL2kk7hXFbMVfft9Z3JelRUW9phQeNCYv0yYJNCdeU110nkPwla5ocN9S7qkohVpSCVGPDNTxBqBJe87MiqsZmVXpw...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUL2kk7hXFbMVfft9Z3JelRUW9phQeNCYv0yYJNCdeU110nkPwla5ocN9S7qkohVpSCVGPDNTxBqBJe87MiqsZmVXpwbCkY&google_hm=OTA1ODE2NDMzNzc3MzgzNzk...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUL2kk7hXFbMVfft9Z3JelRUW9phQeNCYv0yYJNCdeU110nkPwla5ocN9S7qkohVpSCVGPDNTxBqBJe87MiqsZmVXpwbCkY&google_hm=OTA1ODE2NDMzNzc3MzgzNzkzNg%3D%3D
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 02 Mar 2021 08:18:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUL2kk7hXFbMVfft9Z3JelRUW9phQeNCYv0yYJNCdeU110nkPwla5ocN9S7qkohVpSCVGPDNTxBqBJe87MiqsZmVXpwbCkY&google_hm=OTA1ODE2NDMzNzc3MzgzNzkzNg%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 762A 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jv4gAb6IkQDnpAdYnr7SJSrRjy_E90r1g1gM6Cs9XaivcZyqXcx5U7TkyClme1wXaM2CK9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:26 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5C76 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12217c4b109b709f8449cab89dcd17d97c0e82740e01636eb70d6b41c517c593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6552
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame FD0E 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d188894701a938d52498bf042753dbbead139cbb49ead5fab0228b457375eb03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6291
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 9FED 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK_IvDHZPT9X67Td0FDHPpo&google_cver=1&google_push=AQvitUI9b5F64Q11xZBnIvG6aFtQv_poxGnepLEP0aqDPuaEBMyOaTvd5_A52QEXPJ9ghVQCRni7KXsKV7--Z7Qv-N5Bp7IqEDLN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9FED
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEA1u1AM9w57R1Gd1Nl54y8E&google_cver=1&google_push=AQvitUIZcVmV1AUNtwqb0SYjJKUoZ20Au_2UgZArPigfoXxqYdLdMx8H7WCazSPcLlnSbcOC8hEopbByJ_REJ--c...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIZcVmV1AUNtwqb0SYjJKUoZ20Au_2UgZArPigfoXxqYdLdMx8H7WCazSPcLlnSbcOC8hEopbByJ_REJ--cf-HeVofZPQkJ
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIZcVmV1AUNtwqb0SYjJKUoZ20Au_2UgZArPigfoXxqYdLdMx8H7WCazSPcLlnSbcOC8hEopbByJ_REJ--cf-HeVofZPQkJ
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 02 Mar 2021 08:19:14 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIZcVmV1AUNtwqb0SYjJKUoZ20Au_2UgZArPigfoXxqYdLdMx8H7WCazSPcLlnSbcOC8hEopbByJ_REJ--cf-HeVofZPQkJ
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 02 Mar 2021 08:19:13 GMT
pixel
cm.g.doubleclick.net/ Frame 9FED
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEE8xT6_0VrXcsRzwWRGbu0k&google_cver=1&google_push=AQvitUL8XtnByttNca3ZrdUnTRwOem9kJ62Fw4DEUna3TdNSiGYXJaFndsrArcwoccx5L7BtladgeE1...
  • https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUL8XtnByttNca3ZrdUnTRwOem9kJ62Fw4DEUna3TdNSiGYXJaFndsrArcwoccx5L7BtladgeE1cuYppBlm8lwsHEJejvWt1&google_sc&googl...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUL8XtnByttNca3ZrdUnTRwOem9kJ62Fw4DEUna3TdNSiGYXJaFndsrArcwoccx5L7BtladgeE1cuYppBlm8lwsHEJejvWt1&google_sc&google_hm=EBAQEA
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUL8XtnByttNca3ZrdUnTRwOem9kJ62Fw4DEUna3TdNSiGYXJaFndsrArcwoccx5L7BtladgeE1cuYppBlm8lwsHEJejvWt1&google_sc&google_hm=EBAQEA
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 9FED
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECwTvWRLU83t6QCU4CFyT78&google_cver=1&google_push=AQvitULBgzWn6A9sURZDBHsFKF5_DTqIcO9aoFyl_r-zOi7PBIXoF-_B-ovhaCOsvKr4IYSEXQ4SFyBNHRq...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitULBgzWn6A9sURZDBHsFKF5_DTqIcO9aoFyl_r-zOi7PBIXoF-_B-ovhaCOsvKr4IYSEXQ4SFyBNHRqHWzSWoFT12TeqEUEf&google_hm=LRUNn84fRp2TpyvL4slnzIg
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitULBgzWn6A9sURZDBHsFKF5_DTqIcO9aoFyl_r-zOi7PBIXoF-_B-ovhaCOsvKr4IYSEXQ4SFyBNHRqHWzSWoFT12TeqEUEf&google_hm=LRUNn84fRp2TpyvL4slnzIg
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:25 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitULBgzWn6A9sURZDBHsFKF5_DTqIcO9aoFyl_r-zOi7PBIXoF-_B-ovhaCOsvKr4IYSEXQ4SFyBNHRqHWzSWoFT12TeqEUEf&google_hm=LRUNn84fRp2TpyvL4slnzIg
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 9FED 		0
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEC8QUQXaVIlm7-0K-s2B4pw&google_cver=1&google_push=AQvitULYcOlEiB-qvXXPiEOHZJcMuIHYJOGAIOotHd4gPItFenVtgvg1FT_Xt2FOBjP_968RNbkiPu7PE-vwEnbGnzmNdMoA8is
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:26 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame 9FED
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEK9wi3cExhIXe-xdbuaCW0&google_cver=1&google_push=AQvitULLaNyPhA8p4ZpGuMgwQFWN0JAa5s8MvN4F5MAx1DsVeD32YbtwbEp3Y...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEK9wi3cExhIXe-xdbuaCW0&google_cver=1&google_push=AQvitULLaNyPhA8p4ZpGuMgwQFWN0JAa5s8MvN4F5MAx1DsVeD32YbtwbEp3Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=_l1jQ87mRWNtlgMTMwv6cw&google_push=AQvitULLaNyPhA8p4ZpGuMgwQFWN0JAa5s8MvN4F5MAx1DsVeD32YbtwbEp3YoibUUbrd0gVNixlZ3_BO...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=_l1jQ87mRWNtlgMTMwv6cw&google_push=AQvitULLaNyPhA8p4ZpGuMgwQFWN0JAa5s8MvN4F5MAx1DsVeD32YbtwbEp3YoibUUbrd0gVNixlZ3_BOr2sgwW2k4bzFD7DREnB
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=_l1jQ87mRWNtlgMTMwv6cw&google_push=AQvitULLaNyPhA8p4ZpGuMgwQFWN0JAa5s8MvN4F5MAx1DsVeD32YbtwbEp3YoibUUbrd0gVNixlZ3_BOr2sgwW2k4bzFD7DREnB
Date
Tue, 02 Mar 2021 08:18:26 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
238
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9FED
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG3_rZxAs-pTJOXtZloI7sE&google_cver=1&google_push=AQvitUIO03zY5Yo8Hk5aiKHpGooAz2ebDVb3Z2lDGah4bi2JUks-PmN8x_CzHHeWaU-So6DSpWyDcubLkCefQP4HLSwib4J...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIO03zY5Yo8Hk5aiKHpGooAz2ebDVb3Z2lDGah4bi2JUks-PmN8x_CzHHeWaU-So6DSpWyDcubLkCefQP4HLSwib4JXDfo&google_hm=MjcyODY2NDk0MjczODg0MDU0
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIO03zY5Yo8Hk5aiKHpGooAz2ebDVb3Z2lDGah4bi2JUks-PmN8x_CzHHeWaU-So6DSpWyDcubLkCefQP4HLSwib4JXDfo&google_hm=MjcyODY2NDk0MjczODg0MDU0
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 02 Mar 2021 08:18:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIO03zY5Yo8Hk5aiKHpGooAz2ebDVb3Z2lDGah4bi2JUks-PmN8x_CzHHeWaU-So6DSpWyDcubLkCefQP4HLSwib4JXDfo&google_hm=MjcyODY2NDk0MjczODg0MDU0
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9FED 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jk2FANLjNPJLbRM3uL7m-yK1q-c-RiQJHEsyfp6-Rdjq7MkVSXdRd0UKg7fIbg5BloUWgS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:26 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame 30F7 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29ae5dab602c1e1dd82f89dc9fe57301a2a69ce3127ae12cc50606af4b56a027
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6499
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame BC3C 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca1d17cdebac0d3655bb2022dea5c8b611005fb6aa4899d954529538e934a841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6449
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 123C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=467761242&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103475&bpp=16&bdt=515&idt=720&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-2217de1af3a600b0%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MY-6Nz3I9pzryxrLTzcebCM_u4OfQ&correlator=885621000075&frm=23&ife=4&pv=2&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=245948215&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1376&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=31060288%2C182982300&oid=3&pvsid=949154445887779&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.g78st2ju27rz&btvi=1&fsb=1&dtd=740
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUkADoazPnxwjaxJEJO_MPMFBEFKqU3x4wDH9EciKCVU-jt-KNfpsMWIm078YQE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 02 Mar 2021 08:18:26 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 02-Mar-2021 09:18:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 08:18:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 02 Mar 2021 08:18:26 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame C394 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvpUO1wHhN56GPne1J72R-lqy09kjK8ZntT1YG3SwWEsoSVtUuWIFwcixr14OubbFCBgR2Zr9qoeb0sMzulPZfLqLfN3xMwVyxDS9zxUKrKniIMyJKc9_HJzgGPjZgp6c9573SCuas1wZasBDTWcGQhlSUr7V_Z9ly_uCNUZBS6Z6A2w6SdI5FGqD3WtYW-T846CImMNuCzx5Bryots1biDxTrsmP1706TyN5QFo3foqzjMmtcUsOcvfwknqq5crn6zC3jAIFzLMpoh_gRMfOa29QTmFbLOS5MyyY74gKs-ZQQFiC8BNlC-JGFgIvZfMyqHqRRCk0l2X6Z_VAzp1oF8Vt2Ulz83q7ddhYnqHYbSvlhGQ4uQkXXpSf-cT-TlZsYkZ3a0B-JBRE6BA&sig=Cg0ArKJSzJDUwyYAoAo3EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E6B8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-1oW25SoqDlrsQPcjeWmfiGOKxkFSsc_yzxPbbOqtG3eRpR8y8mI-g2jHkX2MJmPRW6Fxq_lCAys6Lo5DcOI0DPVeEH6xsfhf_KT-SpvFTFLxeEvH9PgF6aVjTTvWMuxgUh6dZleTr6PXlzLj2LCOjqFAgAhy7TyyBVZNBEiBNoXxFEU-HfGaMR7c9QUIYNqdMWrVaQLX90n61f2OwHA8XwMZAmCI1rO2xxLWH1mrs65jGsKlLdso1SEPCJZBv6be5hihJrUqELSHAEjFy6FslFF3MsdJyFL93T7GH4RlQQnK48Ek&sai=AMfl-YTTJgkbZ5iDCVqqqtcV2Tl9h7IstEBrD2cvyXFZD7Z9Bexl2HeuxWZ_mSaShoLKzd_YfLp1FdUEncGGl6uXA9-BaKqGQXHMwIY-QwtljBLJdQpw670TSJg0j9ZfS7s&sig=Cg0ArKJSzG-3PssZu0x5EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:26 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 6031 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 04:25:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
359567
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 26 Feb 2022 04:25:39 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 6031 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 09:18:12 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
428414
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Fri, 25 Feb 2022 09:18:12 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 6031 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 08:43:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
516906
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Thu, 24 Feb 2022 08:43:20 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C394 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:26 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7120
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUkADoazPnxwjaxJEJO_MPMFBEFKqU3x4wDH9EciKCVU-jt-KNfpsMWIm078YQE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 02 Mar 2021 08:18:26 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 02-Mar-2021 09:18:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 08:18:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 02 Mar 2021 08:18:26 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E6B8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5C76 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstq7iMCkgueB0j_iA6wTSfnvNY62PSYHx2LBABdMP0Kv4DfEs2gxUCqsAqylKoUz6d77ua5rteYyY5ZPc_g___l2DtMnLAVW-C7LF8G3MkCImGfqi4ye3oxb_ggyJfADl1Kj4sUgcKC_ztFMbv9o1NcPnYd_FunKiFgVF_d54TDlE3L7lTdYZSktt75YwePp8x0Y73T0FVGzdFxrXFjtZUZO8xPB0WBy-TB_RA8AZ7fJ-ngfhcp1SnasB_-V6NQkrUQL8uK_LGchQMlSDW7XF4zWx0WbvtQDiav6Qx9ShfSPKxcO6IYRoX8jXRK1SOhFx2pS2p8gYEzc8wGM-ZbTxE8A6VvU7ML33uxixYEJRrFukcUOwy_B3302IpHWZXuy6Whfr8Ftx3IX1ssFtgv8g&sig=Cg0ArKJSzKH7gAHfs-rPEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:26 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame 69E8 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761243&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103604&bpp=5&bdt=583&idt=673&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=647242072&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2128&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=182982300&oid=3&pvsid=4458498935981877&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.83jbbi3ezauh&btvi=1&fsb=1&dtd=692
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97562
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FD0E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUPD16lXBD0mwrcKjuhXUqKQFozd4V2hg57A4t7jJDPlOm-1KO6_UBoXhvRxZxLLL3Tj_zyn97BargTYRB3y6y5JYLkk7ZVtdU9bJrPmw33haxqD0D2zncnOGj34pZ_ftjGHjF3hn9t0bXCe6ZZa8LQYaRiC16bY8Qs-B6hiiVaGYfzUqTIXnF20EWyQJ9drXmq5eJx0FHtBWpApdp9UVz0pq36VPZadq1_Ht9dUXErNVjkTbERLgt9knVMPP2Y-25zly8k5jFOZ7-eNJU2Yv7L7GJVkGUuLy5vXc9UANC3l-2jw9e_9szpbr1&sai=AMfl-YREC_AbcupzBbeFxG8shJH8GSaIQPf9azyd95pI21Qf_vZZ3RZ2R4rXr1cGY1HwPDaM6f7V_mGjhO_gZr30JiwhXQ3rOyyAz1dtFxl9rU2Vv4A3QQ1A-gxlMjDycDE&sig=Cg0ArKJSzN67WQ_GE2EkEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame AE31 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29158
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5C76 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FD0E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:26 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame 7B6B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=90&slotname=6501693168%2F3510472249&adk=243065658&adf=467761318&pi=t.ma~as.6501693168%2F35104722_&w=728&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103543&bpp=9&bdt=555&idt=700&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=72142533&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3879&biw=1600&bih=1200&isw=728&ish=90&ifk=1809768226&scr_x=0&scr_y=0&eid=31060287%2C21068084%2C21068946&oid=3&pvsid=2098651799361220&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4chp9vssn9wr&btvi=1&fsb=1&dtd=719
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97562
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 30F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstO57_nz3gyuUQZDg-S2xIEP7cx3dena5N0YOiS4G8QzjD0Gs0mvRpwZWIK1dPjjcUCAEEjdT_TY1LS21CBjZpubIF5ZZP-xAb0ixhezV6GDG2SOxM55dfMUk2p3lq2MZCi_rPymhiA81vhK29FJkI73xuvlYstzh6Qw60x9-xUe714pLndKWJXVE0urcz5_1rZcN26d_IkwfTLT1z1jM4JmOd9pefX7S4ec1vGtsqDQnbeuOZ6R360WkPzGXFNXlHUqX_MduOBRA4yZZuSgW7uTZu_C9ydVRAHNpeJpKEWWZyqjQd7RHPRyN6lZ9W21a5AJyoyfV9MGUtOJry9FFe-cdNqLa_lQxzBSqYz8tR824E-DXfIBwSKbxo_NWZwbFA4cJvYztVNEFroeKU7hg&sig=Cg0ArKJSzGK9ewLr19xoEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BC3C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSW5DAKWJg6kCOT_bBLlcSp0jeuPWXmUSPm1isouKYKK2x49DS5zdtPAlgjPqZcqWLKPqVOiU_fFDnDsgpxrvuYE1urXejCiLbp1954HyoUrxuWq6GnZrZycV9nqIUfDIx-pMf9pztCZ84RHUTlkNFlp5cXRCq53pi7QyqtpHwL6A1ZQHi4QYnopsffjfHoKyIkV9BcvPAJrH-wORNV8fnhLtDFyyTz3JnoriWnO6AowzChGtWkIo794h-SYD1poP7c5vNyVpudJ2nVixVMu--dK2C2vQqHTenxyL6QfatdfjA7mBgbQ&sai=AMfl-YQvibDMs1XcsytBADqnhNPvMGlVcZ1eIKV0VwsDSzDmsQ3T3by3wkjKcvSbaQ4UIi0cvv0k0tFFxD5NooMqG9nyCw54XFYmr9irQmbyxmFcCCnrxI6A89C0Bs-V2Tg&sig=Cg0ArKJSzLBiCffnGbJpEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:26 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 84A7 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ad869b5888dcb3a2db4223e9dc8fe89c914d6e1e0578011aaa59a86882f9aa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6465
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 30F7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BC3C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:26 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 95F6 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c78a2d72386a8c04ee37f10b1cd94074ee2ce4f89bdd71fd78e6d00b0870eca2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6514
x-xss-protection
0
seasonax-logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/ Frame 6AF8 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/seasonax-logo.svg
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78cff144d0df7f7169ec437fb20420ac87abc873d8d9e6e76b14e262d241fb2e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
378571
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2275
x-xss-protection
0
last-modified
Fri, 12 Feb 2021 11:14:55 GMT
server
sffe
date
Thu, 25 Feb 2021 23:08:55 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 23:08:55 GMT
cta_2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/ Frame 6AF8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/cta_2.svg
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94017345086bb3e9fbc241dd2b34465ea1d037bfb7f8d3fb351503d32c2a76b0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
334903
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
762
x-xss-protection
0
last-modified
Fri, 12 Feb 2021 11:14:55 GMT
server
sffe
date
Fri, 26 Feb 2021 11:16:43 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 11:16:43 GMT
seasonax_webapp.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/ Frame 6AF8 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/seasonax_webapp.png
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c122fe3fee61c7529deb6893e99c7b52081dfac50288db7e5b1a5488782e624a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
49835
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117223
x-xss-protection
0
last-modified
Fri, 12 Feb 2021 11:14:55 GMT
server
sffe
date
Mon, 01 Mar 2021 18:27:51 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Mar 2022 18:27:51 GMT
grosserraster_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/ Frame 6AF8 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/grosserraster_1.png
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
039a0ae0f2110694e18d4f6346f57da59c923d27dec04ac90edb677785dceac1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
334903
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19152
x-xss-protection
0
last-modified
Fri, 12 Feb 2021 11:14:55 GMT
server
sffe
date
Fri, 26 Feb 2021 11:16:43 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 11:16:43 GMT
dpixel
cms.quantserve.com/ Frame 0D2D 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK_IvDHZPT9X67Td0FDHPpo&google_cver=1&google_push=AQvitUL3Cg9UBVPp3WxD4SbdbtXyYodEzMCsg_KkipZL-lCI-wjqPxmGo_9jKZqtctIiZ8vpMmMMykpHwYqQBweuVblbnkepBAM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0D2D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEA1u1AM9w57R1Gd1Nl54y8E&google_cver=1&google_push=AQvitULqbAeMDT-uP0WI_pjW4kiCaGWIeKu_28rGS5dRYUtwA68_OP6c5MykLSdbk9f8QotYhJO6XBm9wNvydddu...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=-BdgPfTSRAC2hp7gISf8kw&google_push=AQvitULqbAeMDT-uP0WI_pjW4kiCaGWIeKu_28rGS5dRYUtwA68_OP6c5MykLSdbk9f8QotYhJO6XBm9wNvyddduM6ok2WhpQ_g
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=-BdgPfTSRAC2hp7gISf8kw&google_push=AQvitULqbAeMDT-uP0WI_pjW4kiCaGWIeKu_28rGS5dRYUtwA68_OP6c5MykLSdbk9f8QotYhJO6XBm9wNvyddduM6ok2WhpQ_g
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 02 Mar 2021 08:19:14 GMT
Server
MT3 3518 2f03077 master cdg-pixel-x4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=-BdgPfTSRAC2hp7gISf8kw&google_push=AQvitULqbAeMDT-uP0WI_pjW4kiCaGWIeKu_28rGS5dRYUtwA68_OP6c5MykLSdbk9f8QotYhJO6XBm9wNvyddduM6ok2WhpQ_g
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 02 Mar 2021 08:19:13 GMT
google
match.adsrvr.org/track/cmf/ Frame 0D2D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI38OKndZ04usyDbnImvAv8&google_cver=1&google_push=AQvitUJosYk4k5KzkQjF4Rwm6USZUO0yq0sTGFRuDUrYZuxG4YCUsaAi9rXdrmCw02JuNR16cRhLzRSR8wElbWCMG3nIjp8cB22X
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.164.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-164-132.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0D2D
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECwTvWRLU83t6QCU4CFyT78&google_cver=1&google_push=AQvitUKQWKFpjd3pAagbnwobRKX0OFzX2D3L0sgW5iIHbYFPBPmQF-gyxkF-NB0I2WRzZ-YIrYucYa1wh7F...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUKQWKFpjd3pAagbnwobRKX0OFzX2D3L0sgW5iIHbYFPBPmQF-gyxkF-NB0I2WRzZ-YIrYucYa1wh7F1XTXrhlcezjhXnXGq&google_hm=LRUNn84fRp2TpyvL4slnzIg
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUKQWKFpjd3pAagbnwobRKX0OFzX2D3L0sgW5iIHbYFPBPmQF-gyxkF-NB0I2WRzZ-YIrYucYa1wh7F1XTXrhlcezjhXnXGq&google_hm=LRUNn84fRp2TpyvL4slnzIg
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUKQWKFpjd3pAagbnwobRKX0OFzX2D3L0sgW5iIHbYFPBPmQF-gyxkF-NB0I2WRzZ-YIrYucYa1wh7F1XTXrhlcezjhXnXGq&google_hm=LRUNn84fRp2TpyvL4slnzIg
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 0D2D 		0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEC8QUQXaVIlm7-0K-s2B4pw&google_cver=1&google_push=AQvitUIjYvbdTGeolyfSUnISOvbfbG3rddVHUkAARaeUqeGtV6FWp5TlOMC1tyhUMx1-6L2oEpFWx_75RZAj6OLjaYSsQde7FEaX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:26 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame 0D2D
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEK9wi3cExhIXe-xdbuaCW0&google_cver=1&google_push=AQvitUJR8Gbci-azZO2tzND7Y6fH43YMIims0Jn-eGryiv9MSQwvLNi8a5yhH...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=_l1jQ87mRWNtlgMTMwv6cw&google_push=AQvitUJR8Gbci-azZO2tzND7Y6fH43YMIims0Jn-eGryiv9MSQwvLNi8a5yhHuh8viumDKGd2P8TdpFPx...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=_l1jQ87mRWNtlgMTMwv6cw&google_push=AQvitUJR8Gbci-azZO2tzND7Y6fH43YMIims0Jn-eGryiv9MSQwvLNi8a5yhHuh8viumDKGd2P8TdpFPxpjzuP2FIi-3BmozgV-R
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=_l1jQ87mRWNtlgMTMwv6cw&google_push=AQvitUJR8Gbci-azZO2tzND7Y6fH43YMIims0Jn-eGryiv9MSQwvLNi8a5yhHuh8viumDKGd2P8TdpFPxpjzuP2FIi-3BmozgV-R
Date
Tue, 02 Mar 2021 08:18:26 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
238
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0D2D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG3_rZxAs-pTJOXtZloI7sE&google_cver=1&google_push=AQvitUIEevtgQZ2TEDzWwuf2FGwnT5ZUJDHVZbbGQOh8LtQizlZ6NhWZ5U5EyvV4NbxwsPBbvY2Qe0Q4zobWhQfkyAmgQS4...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIEevtgQZ2TEDzWwuf2FGwnT5ZUJDHVZbbGQOh8LtQizlZ6NhWZ5U5EyvV4NbxwsPBbvY2Qe0Q4zobWhQfkyAmgQS4UbBY&google_hm=OTA1ODE2NDMzNzc3MzgzNzk...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIEevtgQZ2TEDzWwuf2FGwnT5ZUJDHVZbbGQOh8LtQizlZ6NhWZ5U5EyvV4NbxwsPBbvY2Qe0Q4zobWhQfkyAmgQS4UbBY&google_hm=OTA1ODE2NDMzNzc3MzgzNzkzNg%3D%3D
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 02 Mar 2021 08:18:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIEevtgQZ2TEDzWwuf2FGwnT5ZUJDHVZbbGQOh8LtQizlZ6NhWZ5U5EyvV4NbxwsPBbvY2Qe0Q4zobWhQfkyAmgQS4UbBY&google_hm=OTA1ODE2NDMzNzc3MzgzNzkzNg%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 0D2D 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KV_L-dhXldnglYy7k0SS8L2ST3_62TOhGNaHAMMnv087TutkINTIRVbJtQqcfDfGA3mcD0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:26 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame E8AB 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aac2070e9adac3977b9c190da8f08a3352b697f82d68cbd0d05e51d4e14a75ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame D1DC 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ce5a72e8cc948085e52ec8bb525fe1f11d50a4d54d0835de63c9937269add01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6449
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 6BA4 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK_IvDHZPT9X67Td0FDHPpo&google_cver=1&google_push=AQvitUJwiJQLDzcOjXfQ3Oqgfy0XH6GCPU6OI2Z4RTw-xUHAUQIMM4day2CJ2Su1ehrM4rlx2jABkCJXONx-AUPK1R2k0SpgTdxt
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:26 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6BA4 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IC0qXIhFjbIyeTsgnwSFb3LC4CIO-0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:26 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame F034 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
410484888c034648be1576dff700679a4ff7713a240e3175fe92fa0cad3d2c83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6514
x-xss-protection
0
seasonax-logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/ Frame EE5A 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/seasonax-logo.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78cff144d0df7f7169ec437fb20420ac87abc873d8d9e6e76b14e262d241fb2e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
378571
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2275
x-xss-protection
0
last-modified
Fri, 12 Feb 2021 11:14:55 GMT
server
sffe
date
Thu, 25 Feb 2021 23:08:55 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 23:08:55 GMT
cta_2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/ Frame EE5A 		2 KB
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/cta_2.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94017345086bb3e9fbc241dd2b34465ea1d037bfb7f8d3fb351503d32c2a76b0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
334903
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
762
x-xss-protection
0
last-modified
Fri, 12 Feb 2021 11:14:55 GMT
server
sffe
date
Fri, 26 Feb 2021 11:16:43 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 11:16:43 GMT
seasonax_webapp.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/ Frame EE5A 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/seasonax_webapp.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c122fe3fee61c7529deb6893e99c7b52081dfac50288db7e5b1a5488782e624a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
49835
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117223
x-xss-protection
0
last-modified
Fri, 12 Feb 2021 11:14:55 GMT
server
sffe
date
Mon, 01 Mar 2021 18:27:51 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Mar 2022 18:27:51 GMT
grosserraster_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/ Frame EE5A 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/grosserraster_1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
039a0ae0f2110694e18d4f6346f57da59c923d27dec04ac90edb677785dceac1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
334903
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19152
x-xss-protection
0
last-modified
Fri, 12 Feb 2021 11:14:55 GMT
server
sffe
date
Fri, 26 Feb 2021 11:16:43 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 11:16:43 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame F147 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97562
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame 2A3F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97562
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame 4738 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97563
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 84A7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunk8iCH09sXDCX9gnwT8kihDTeQU7CiBQcPKHAC3JQYjtzf6r9OMSIGgyYjPgH3sOXVftnVO3BniF8l1hd4rgp6QT39LE8u4V0FNsUxaSe-NVmTxn1sVyAS714fxo6S67WQHke4HAhBIjw5F_sgI54zYSMq0lf27NKjCw1JHv4FCD6PbbNdARQLJQYh19Ljz2Op74qnPe20Agy7zHO0XOFUg0yOmK8n47dLxwRkwV033YTcG2TFF5liSFGO0tYbVhafyk5Dv8CSDXLLoWlO8kgSkm8PiTxUvgAwSYCI492CZsoy8nnMw&sai=AMfl-YSQnk1xHLz9KWIWcVq69kMbCkSPIffy346P8xS2uJQRT-r44qWOg1B39dvIogvveMQrEEcCCEIx7DXneKCJPrkQ0meEh8DNSLXjJgP0_XR5o764au77qMD_K-a0np5i&sig=Cg0ArKJSzG8vKIp-5tMYEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 84A7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 95F6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKQPxzxts-PTmre1ImYl8RizIePmAQjDG1rLRo7uY0xIScOWOu9a1W6HVAMZ-GyXeH7YnbXkumFgyqWxypclPBk6K5C0Z78IQ6M8H4igqyjp6BqEe9pUz3IHfb43OICkWmU_kiy8lmh9su-4952mD0sd4up2nSDFbN_K7ZDAmBvEoAKps2CdEp-I476cuIjuIqGqet1Swamxi85OIR06BGQk7YkRbVV3tNVMVZdI7XKBlj3nGBOFnzMUrauNP8AyD5zx277IZ017OwPYlxBhj7UJUOVyzUAAErlcB6jspiHXFivQYHZQ&sai=AMfl-YR2kjDZAsAQoetLxacWJI0-16-vr3EhOZX1mtfi_BvvF4mvsbvyJKLKPnucTP4TWnJsAkITADBJO5Exa0bXIzXWPbcqsRs8QnR9zsn9LDkx1e4-bpN1VfAVmDGHGOTe&sig=Cg0ArKJSzIYvGHMflLQ1EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:27 GMT
endpoint
messaging.insurads.com/rt-pub/node/messaging/ 		80 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://messaging.insurads.com/rt-pub/node/messaging/endpoint
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/tg-1.3.54.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.241.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-241-242.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
9b9e97516af383e273aab37c5d4a4a941235d5c890865bc9104ea7cdfd828567

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:27 GMT
server
Kestrel
content-length
80
content-type
application/javascript
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame 4E58 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97563
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 95F6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:27 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame 530A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994300388126378&output=html&h=250&slotname=6501693168%2F3510472249&adk=973933505&adf=2563117657&pi=t.ma~as.6501693168%2F35104722_&w=300&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103689&bpp=5&bdt=530&idt=861&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc5b973f202a74a97-22dab852f1a6007c%3AT%3D1614673103%3ART%3D1614673103%3AS%3DALNI_MbbtJEZfbgWI-MiUG8ClX0PP_YNow&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673105&ga_hid=877263214&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=5013&biw=1600&bih=1200&isw=300&ish=250&ifk=2244372012&scr_x=0&scr_y=0&eid=42530672%2C31060287%2C21068944&oid=3&pvsid=1218835287666070&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.isprzsfs6xuz&btvi=1&fsb=1&dtd=889
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97563
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E8AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAgPhp4qSnXhsgsoi-qMKnDWEF3dxbUhHtXhEK0r4CDhqN1ZzkalxPWSAagyjnE_mrpuPzSeijKcWWOcMbM-BznwNFA3EuX2Cq4DGWSGfjmthiuQitom671qrapb0jzbXaUzgSwnaTQs_Py9ejXyAkIj-KmNHXUXAbf1m1HkAhcgeuhRVIqYVmASML-zwIP6OoUE4j5Uy-_6QTn-Ak32R02lHAi8e05lLl2O0n0NiWgeAW4uEI8xLQjNLsaB2W1oYfDEWeaTQxt6b23CXg4V4nNntDbt1qLMBxrXviXHaIukxb0UFlCvhk_y0x2lKo8u4U88iTE5V-o-_vuM8ZviddN6-rmWWyZhQbbMPfjW-FugC50Ek2q1exHwWagccZq9jrwrIeri9bChoQ9A&sig=Cg0ArKJSzBFjDT6ARwEJEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D1DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5ETcqFAPiB0UUDV-TQEmwe2Dy004Wq0d_VthBZWyeRGTSFHlAIPGvGWmrp0_zr80KLgsrx4gH0lD20ggpmvLTlDQ_oJgY1esGgmIKiUVpi1yJ0jKloPwGJtRJjW5jbmvP14rtsGMKWNXe_UK8if1NNfwp4bEuKiQAR5MeRbK4Pl0-gxTtqDXszmDF2Z9MndaTZdlhKkci3_vo70GdusaPhMPDRwV7K-q9GNL2UlDKWm9V4juSvmYwRspFwzrQuw0wqkqsKAp5suCxkKVJhld9MTVF0txyRAQ2TLVAxr-Y74ffg2Yw&sai=AMfl-YRAGM6uVzcNtpOY94CPMGRBPVNoh2BzO6zexOtsu6BrpzA92Kgu0XmWXeLE9N3bDFBQDAjr5T3DeAIXGpILc-o_DG61M3BIOxfhY9U3f9ZLKyKv2lFU-ltjtDCdrpc&sig=Cg0ArKJSzKkOVbJxEIeSEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:27 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame D656
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
152 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUkADoazPnxwjaxJEJO_MPMFBEFKqU3x4wDH9EciKCVU-jt-KNfpsMWIm078YQE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 02 Mar 2021 08:18:27 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 02-Mar-2021 09:18:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 02 Mar 2021 08:18:27 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 02 Mar 2021 08:18:27 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame 19E2 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3062993627248396&output=html&h=250&slotname=1302124263&adk=3910872160&adf=776186307&pi=t.ma~as.1302124263&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.guatevision.com%2F&ea=0&flash=0&wgl=1&dt=1614673103399&bpp=2&bdt=870&idt=713&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc5b973f202a74a97%3AT%3D1614673101%3AS%3DALNI_MajsWLMreAiMVYXz4hH82TVdRtBzg&correlator=885621000075&frm=23&ife=4&pv=1&ga_vid=1851004131.1614673100&ga_sid=1614673104&ga_hid=1331476666&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=6365&biw=1600&bih=1200&isw=300&ish=250&ifk=3936181898&scr_x=0&scr_y=0&eid=42530671%2C21068108%2C21068496&oid=3&pvsid=2385853676457498&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17croy6my1nm&btvi=1&fsb=1&dtd=729
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97563
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F034 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspAyco8mWztRe5A_OY4mAopI6C-7ElFaGbXObTYT1zw3R9U42yqwX3nWhD4dnbkQIK4eUqanuwApnNKQUQ-FtOR04x9s4GQmyaaB9QJDm-KXf_YMT2rBzir9KQnOAI3ee-KcpmYuRRH-cYA0fl1qTNQcd2M9pEcPXK7uKfTtGGPJrRyhBPfNnDhuwH2tCb9MUrtV-9HifSkWkpqEhOtrRW3_1SyiaEDJOhhtxycjWcOuoniXnKd-0sDlbUdPwW3nggWuxCvnZFXPTsBTQgSikMlZOO0TD6zgy3uKaFqFuG3ewwElwk&sig=Cg0ArKJSzJsB13Q9bkc_EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D1DC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E8AB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994300388126378&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F034 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3062993627248396&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 865B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29159
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6AF8 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 4E1C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29159
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 3DED 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29159
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame D575 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29159
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame EE5A 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame D62D 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29159
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 4AF9 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29159
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
seasonax_webapp.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/ Frame 6AF8 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/seasonax_webapp.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c122fe3fee61c7529deb6893e99c7b52081dfac50288db7e5b1a5488782e624a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
49836
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117223
x-xss-protection
0
last-modified
Fri, 12 Feb 2021 11:14:55 GMT
server
sffe
date
Mon, 01 Mar 2021 18:27:51 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Mar 2022 18:27:51 GMT
cta_2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/ Frame 6AF8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/cta_2.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94017345086bb3e9fbc241dd2b34465ea1d037bfb7f8d3fb351503d32c2a76b0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
334904
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
762
x-xss-protection
0
last-modified
Fri, 12 Feb 2021 11:14:55 GMT
server
sffe
date
Fri, 26 Feb 2021 11:16:43 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 11:16:43 GMT
seasonax-logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/ Frame 6AF8 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/seasonax-logo.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78cff144d0df7f7169ec437fb20420ac87abc873d8d9e6e76b14e262d241fb2e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
378572
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2275
x-xss-protection
0
last-modified
Fri, 12 Feb 2021 11:14:55 GMT
server
sffe
date
Thu, 25 Feb 2021 23:08:55 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 23:08:55 GMT
seasonax_webapp.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/ Frame EE5A 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/seasonax_webapp.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c122fe3fee61c7529deb6893e99c7b52081dfac50288db7e5b1a5488782e624a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
49836
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117223
x-xss-protection
0
last-modified
Fri, 12 Feb 2021 11:14:55 GMT
server
sffe
date
Mon, 01 Mar 2021 18:27:51 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Mar 2022 18:27:51 GMT
cta_2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/ Frame EE5A 		2 KB
791 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/cta_2.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94017345086bb3e9fbc241dd2b34465ea1d037bfb7f8d3fb351503d32c2a76b0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
334904
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
762
x-xss-protection
0
last-modified
Fri, 12 Feb 2021 11:14:55 GMT
server
sffe
date
Fri, 26 Feb 2021 11:16:43 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 11:16:43 GMT
seasonax-logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/ Frame EE5A 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/seasonax-logo.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78cff144d0df7f7169ec437fb20420ac87abc873d8d9e6e76b14e262d241fb2e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4684834894734426112/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
378572
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2275
x-xss-protection
0
last-modified
Fri, 12 Feb 2021 11:14:55 GMT
server
sffe
date
Thu, 25 Feb 2021 23:08:55 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 23:08:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 5B02 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29160
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame E730 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29160
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
negotiate
msg-0fedcff5b8e00e8c0.insurads.com/rt-pub/node/hub/ 		252 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://msg-0fedcff5b8e00e8c0.insurads.com/rt-pub/node/hub/negotiate?appId=966&sId=56C199291977D2E7&cId=8615&dev=Personal%20computer&br=Chrome&os=Others&cc=BE&rc=BRU&v=0.1
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/tg-1.3.54.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.192.95.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
iat /
Resource Hash
739e1bff8c5f7cc12517ce27cc698f973dff609b15bf7910e604fcc5d4a3dded
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.guatevision.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.guatevision.com
date
Tue, 02 Mar 2021 08:18:28 GMT
access-control-allow-credentials
true
server
iat
content-length
252
strict-transport-security
max-age=15768000
content-type
application/json
negotiate
msg-0fedcff5b8e00e8c0.insurads.com/rt-pub/node/hub/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://msg-0fedcff5b8e00e8c0.insurads.com/rt-pub/node/hub/negotiate?appId=966&sId=56C199291977D2E7&cId=8615&dev=Personal%20computer&br=Chrome&os=Others&cc=BE&rc=BRU&v=0.1
Protocol
H2
Server
44.192.95.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
iat /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-requested-with
Origin
https://www.guatevision.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 02 Mar 2021 08:18:28 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
access-control-allow-methods
POST
access-control-allow-origin
https://www.guatevision.com
strict-transport-security
max-age=15768000
server
iat
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame CCB4 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29160
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame F990 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29160
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 659E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29160
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
pubads.g.doubleclick.net/gampad/ Frame AFEF 		32 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F245837125%2Fprensalibre.com%2Fprensalibre.com_Video%2Fprensalibre.com_VideoNew1&description_url=https%3A%2F%2Fwww.prensalibre.com%2F&tfcd=0&npa=0&sz=1x1&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&vpos=preroll&vpmute=1&vpa=1&type=js&vad_type=linear&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.444.1%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=1498574255&sdk_apis=2%2C8&sid=34B9183C-A453-4A15-B5CF-F48800AD7FDA&url=https%3A%2F%2Fwww.guatevision.com%2F&dt=1614673108440&cookie_enabled=1&correlator=3589962264476380&scor=2975989945853090&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
21b188ccd44e712072f9d6a4d1e8bc456dc1bbc6e78527a1e2956e2ae565bfc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4122
x-xss-protection
0
google-lineitem-id
5434401740,5361171825
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138318027362,138310439706
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
services.insurads.com/ Frame EA33 		131 B
460 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/ad?auid=615173&sz=%5B%5D&dm=1&is=0&sid=56C199291977D2E7&s=1216&appId=966&ct=%7B%7D&h=https%3A%2F%2Fwww.guatevision.com%2F&ts=1614673108588
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/tg-1.3.54.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.241.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-241-242.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
74599d6ac1d000bfc3ba35573d9d37cada000825db1c10ffd9ae06ec65d8cdad

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:28 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
ad
services.insurads.com/ Frame 1C7F 		2 KB
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/ad?auid=596103&sz=%5B%5D&dm=1&is=0&sid=56C199291977D2E7&s=1216&appId=966&ct=%7B%7D&h=https%3A%2F%2Fwww.guatevision.com%2F&ts=1614673108591
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/tg-1.3.54.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.241.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-241-242.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
51aa7f988cc84bdffdbb835a53cf225bc4b39d3e1eae2a389e2680211f856ad1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:44 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
csi
csi.gstatic.com/ Frame 66E7 		0
331 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~klrqodx9&c=885621000075&slotId=442810500037.5&qqid=CNaBp4eWke8CFZPjuwgdOKAAwA&gqid=0vQ9YM5H_8jv9Q_Wjp_4DQ&fb=ima-html5&sdkv=h.3.444.1&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44729227&met.4=ghmsh_s.klrqoel5~ghmsh_s.klrqoel6&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=9DyK_gBZN-WvkJwH
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 66E7 		42 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ch8oz0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5wFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75WpXtSB--qkRWIrfNr56oZLSqs5I147rCPpffEh8cHC3AbALk9UfQVg9TeJR6vvz_Hly6euQyArgOKy_GeoRD_PGkUX0n6tC2P0V6_jlQNr2sEJ3YZvgXeyoSGcKTq0ihXV7CB3Y-br30XxViG_DNOOrwp6YCTskgSXObXrpdjo42LDvtwnUd8xbUZvirmBXK71WKityATkS0DLE2wWCKATYmjIZI_wrMHDs8inJMrCAF-nZzp16HmeBu-p0VW3OL1UdNjABKKa9rGiA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YBQEAEYHbEJ1Mt6xQMFtO2ACgOYCwHICwHQCw64DAHYEw3iFgIIAQ&sigh=bU-9zmGaPoE&label=show_ad&acvw=&sdkv=h.3.444.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MjQ0Mzg3MjM3OTIMNDk1NDMxNjAxMTE3QIcDUh0QDyUAAJBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 66E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=C41_x0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5AFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75WpXtSB--qkRWIrfNr56oZLSqs5I147rCPpffEh8cHC3AbALk9UfQVg9TeJR6vvz_Hly6euQyArgOKy_GeoRD_PGkUX0n6tC2P0V6_jlQNr2sEJ3YZvgXeyoSGcKTq0ihXV7CB3Y-br30XxViG_DNOOrwp6YCTskgSXObXrpdjo42LDvtwnUd8xbUZvirmBXK71WKityATkS0DLE2wWCKATYmjIZI_wrMHD68l1KMKIhlE1rM3stpYHUBhHoqxxFKfABKKa9rGiA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG9gHAfIHBBCeoBqoCAHSCAkIgOGAUBABGB2ACgPICwHCEwYYnK_7qALYEw3iFgIIAbIXGgoYCAASFHB1Yi0zNTY1Mzg1NDgzNzYxNjgx&sigh=yum1h2TrcUo&cmd=Ch1jYS12aWRlby1wdWItMzU2NTM4NTQ4Mzc2MTY4MRAAGAI&vt=10&sdkv=h.3.444.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MjQ0Mzg3MjM3OTIMNDk1NDMxNjAxMTE3QIcDUh0QDyUAAJBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
hqdefault.jpg
i.ytimg.com/vi/J6SYsbETPjA/ Frame 66E7 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/J6SYsbETPjA/hqdefault.jpg
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee0d71e0d935450ce6b4f87023d800c7f6d500067845fe5ceda7775c865d8e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:11:55 GMT
x-content-type-options
nosniff
server
sffe
age
393
etag
"1611061419"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11349
x-xss-protection
0
expires
Tue, 02 Mar 2021 10:11:55 GMT
truncated
/ Frame 66E7 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame AE31 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97564
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
csi
csi.gstatic.com/ Frame D14E 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~klrqob6v&c=885621000075&slotId=442810500037.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 66E7 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.444.1&e=44729227&id=ima_html5&c=3393651780550417&domain=www.guatevision.com
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
vast.aniview.com/api/adserver61/vast/ Frame AFEF 		796 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=5d31fb2628a06116ff22aef3&AV_CHANNELID=5d515eaa28a061621155fc41&AV_URL=https://www.guatevision.com/&cb=587780160&AV_WIDTH=1&AV_HEIGHT=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:2a4::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
287eb7f1db1c25a126870ab7020564a4fc0909fe3b1a9a914bfba5b12ac99deb

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:29 GMT
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
796
expires
Tue, 02 Mar 2021 08:18:29 GMT
videoplayback
r3---sn-4g5ednld.googlevideo.com/ Frame D14E
Redirect Chain
  • https://r3---sn-5hne6nlr.googlevideo.com/videoplayback?expire=1614701906&ei=0vQ9YPONDY7t1gKkyYeYDQ&ip=82.102.19.136&id=27a498b1b1133e30&itag=22&source=youtube&requiressl=yes&mh=IO&mm=31&mn=sn-5hne6...
  • https://r3---sn-4g5ednld.googlevideo.com/videoplayback?expire=1614701906&ei=0vQ9YPONDY7t1gKkyYeYDQ&ip=82.102.19.136&id=27a498b1b1133e30&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier...
643 KB
644 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5ednld.googlevideo.com/videoplayback?expire=1614701906&ei=0vQ9YPONDY7t1gKkyYeYDQ&ip=82.102.19.136&id=27a498b1b1133e30&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=17.066&lmt=1611119891128719&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAPG9jxm5NkXmgYIs6Z2jv1CMiXEgEJB4nG6U89CukRWhAiEA-xtIGkOn_3jUB22GgfZ0w3Q91Wd03Fb_-b2lxWIt7CU=&cpn=9DyK_gBZN-WvkJwH&redirect_counter=1&rm=sn-5hneed7s&req_id=9e47a8e7b60036e2&cms_redirect=yes&ipbypass=yes&mh=IO&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednld&ms=au&mt=1614672765&mv=m&mvi=3&pl=41&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAINtjj6eovNtqEBnXej9_e8dd_q-JCNnnuNbqy-IcOaqAiBLgG1ImO2IyyEfrtbiWtVGJW6vev1BQil9YBSpIYr3ZA%3D%3D
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:5d::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
922a770ec1dcb83dafce6bf3b1da0c254c0dcced45a3faf78ae8c75e5f6beca3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:29 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Jan 2021 05:18:11 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-658550/658551
Cache-Control
private, max-age=28497
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
658551
Expires
Tue, 02 Mar 2021 08:18:29 GMT

Redirect headers

Date
Tue, 02 Mar 2021 08:18:29 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://r3---sn-4g5ednld.googlevideo.com/videoplayback?expire=1614701906&ei=0vQ9YPONDY7t1gKkyYeYDQ&ip=82.102.19.136&id=27a498b1b1133e30&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=17.066&lmt=1611119891128719&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAPG9jxm5NkXmgYIs6Z2jv1CMiXEgEJB4nG6U89CukRWhAiEA-xtIGkOn_3jUB22GgfZ0w3Q91Wd03Fb_-b2lxWIt7CU=&cpn=9DyK_gBZN-WvkJwH&redirect_counter=1&rm=sn-5hneed7s&req_id=9e47a8e7b60036e2&cms_redirect=yes&ipbypass=yes&mh=IO&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednld&ms=au&mt=1614672765&mv=m&mvi=3&pl=41&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAINtjj6eovNtqEBnXej9_e8dd_q-JCNnnuNbqy-IcOaqAiBLgG1ImO2IyyEfrtbiWtVGJW6vev1BQil9YBSpIYr3ZA%3D%3D
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Tue, 02 Mar 2021 08:18:29 GMT
lb
services.insurads.com/ 		0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.insurads.com/lb?appid=966&acid=236&s=1216&sid=56C199291977D2E7&auid=615173&ts=1614673109068&iid=p19573ac257df460054f285a88f38755932fd7ba4d8&is=0&m=0
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.241.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-241-242.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nocache
true
pragma
no-cache
date
Tue, 02 Mar 2021 08:18:30 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.10.3 (Ubuntu)
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame 865B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97565
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame 4E1C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97565
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame 3DED 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97565
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame D575 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97565
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame D62D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97565
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame 4AF9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97565
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame 5B02 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97565
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame E730 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97565
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame CCB4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97565
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame F990 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97565
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame 659E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97565
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
batch
services.insurads.com/dfp/mapping/ Frame 0A40 		5 KB
828 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/dfp/mapping/batch?appId=966&requests=[{%22eaup%22:%22/55904062/gtv_ft%22,%22eolid%22:4922612131,%22advid%22:4680105830,%22w%22:728,%22h%22:90,%22eId%22:%22gtv_ft_0%22},{%22eaup%22:%22/55904062/gtv_bx_05%22,%22eolid%22:5077058055,%22advid%22:84515982,%22w%22:300,%22h%22:250,%22eId%22:%22gtv_bx_05_0%22},{%22eaup%22:%22/55904062/gtv_bx_04%22,%22eolid%22:4922612131,%22advid%22:4680105830,%22w%22:300,%22h%22:250,%22eId%22:%22gtv_bx_04_0%22},{%22eaup%22:%22/55904062/gtv_bx_clima%22,%22w%22:300,%22h%22:250,%22isda%22:true,%22eId%22:%22gtv_bx_clima_0%22},{%22eaup%22:%22/55904062/gtv_bll_03%22,%22eolid%22:5077058055,%22advid%22:84515982,%22w%22:970,%22h%22:90,%22eId%22:%22gtv_bll_03_0%22},{%22eaup%22:%22/55904062/gtv_bx_03%22,%22eolid%22:4922612131,%22advid%22:4680105830,%22w%22:160,%22h%22:600,%22eId%22:%22gtv_bx_03_0%22},{%22eaup%22:%22/55904062/gtv_bll_02%22,%22eolid%22:4922612131,%22advid%22:4680105830,%22w%22:728,%22h%22:90,%22eId%22:%22gtv_bll_02_0%22},{%22eaup%22:%22/55904062/gtv_bx_02%22,%22eolid%22:4922612131,%22advid%22:4680105830,%22w%22:300,%22h%22:250,%22eId%22:%22gtv_bx_02_0%22},{%22eaup%22:%22/55904062/gtv_bll_01%22,%22eolid%22:4922612131,%22advid%22:4680105830,%22w%22:728,%22h%22:90,%22eId%22:%22gtv_bll_01_0%22},{%22eaup%22:%22/55904062/gtv_ntv_01%22,%22eolid%22:5077058055,%22advid%22:84515982,%22w%22:250,%22h%22:250,%22eId%22:%22gtv_ntv_01_0%22},{%22eaup%22:%22/55904062/gtv_bx_01%22,%22eolid%22:4922612131,%22advid%22:4680105830,%22w%22:300,%22h%22:250,%22eId%22:%22gtv_bx_01_0%22},{%22eaup%22:%22/55904062/gtv_hd%22,%22eolid%22:4922612131,%22advid%22:4680105830,%22w%22:728,%22h%22:90,%22eId%22:%22gtv_hd_0%22}]&h=https%3A%2F%2Fwww.guatevision.com%2F
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/tg-1.3.54.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.241.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-241-242.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
7109a5705eff586f49627df31cfd3aad5726e44c6d905740401fb0cc15e04438

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:29 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
content-type
application/javascript
csi
csi.gstatic.com/ Frame AFEF 		0
318 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~klrqofli&c=885621000075&slotId=442810500037.5&qqid=CM6JvIiWke8CFYCGgwcdzZcEug&gqid=1PQ9YP-IHMSPrAS26I7wBA&fb=ima-html5&sdkv=h.3.444.1%2Fvpaid_adapter&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame AFEF 		42 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BUdV51PQ9YM7PHICNjuwPza-S0Av3n5fkRQAAABABIIWn5z84AFjitJajgwRgufjHgNwBsgETd3d3Lmd1YXRldmlzaW9uLmNvbboBBzF4MV94bWzIAQXaARxodHRwczovL3d3dy5ndWF0ZXZpc2lvbi5jb20vmALoB8ACAuACAOoCSi8yNDU4MzcxMjUvcHJlbnNhbGlicmUuY29tL3ByZW5zYWxpYnJlLmNvbV9WaWRlby9wcmVuc2FsaWJyZS5jb21fVmlkZW9OZXcx-AKB0h6QA4wGmAPwAagDAeAEAdIFBhDMx6mfFJAGAaAGJKgH7NUbqAfz0RuoB5bYG9gHAOAHHtIICQiA4YAQEAEYHdgIAoAKBZgLAYAMAQ&sigh=53nJ-GrQGt0&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.444.1/vpaid_adapter&vci=[CREATIVE_PLAYBACK]
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AFEF 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRFyWj3mJx2kSJkON806iMBUE0CbJKqDp-cXXFZvN1QtVEPh9DpUqR5hhDhdOopsJazdlLOZrKB8AV9AFsr1VqJ-HHtUbR8yY404oH42EvYQAsutlUqJ4shdYkWI0zeDnbYDZRqmex2Oj8A-XviN88DfGDXY0FLY9pbXBv6kdP61RAyTnykX7YCAm6GjAtALq8l6FwWlAJ7PAN4M55f4gNPhuVosj6rfBBHN6dR6ewYIqNdS-j5CiQJJnAhyJn1TnnaJ0dBps6K3xTryECmojJCQIpjh9iQpMKAlKN-XmTT0RldSxGjedp_cIkqNVFY8fLgZZnzvNiA43B02GgsrSfbyodGR_aw_aKKLYmg6-yWIuX1Ym-Uj7pwSqt&sig=Cg0ArKJSzPZQaOHKifUkEAE&sdkv=h.3.444.1/vpaid_adapter&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU0MzQ0MDE3NDAyDDEzODMxODAyNzM2MkD-AQpGCAESEHZhc3QuYW5pdmlldy5jb20aBVZQQUlEIAIqBVZQQUlEQNoBUh0lAABwQSgBOgd1bmtub3duQgd1bmtub3duUABgARgB&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:29 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 9A74 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af5055673d29e1896014a8c05728bff90ad50e6ce004df8e7b46dc8d38441714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 01:07:38 GMT
server
sffe
age
534
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18173
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:24:35 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 66E7 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ch8oz0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5wFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75WpXtSB--qkRWIrfNr56oZLSqs5I147rCPpffEh8cHC3AbALk9UfQVg9TeJR6vvz_Hly6euQyArgOKy_GeoRD_PGkUX0n6tC2P0V6_jlQNr2sEJ3YZvgXeyoSGcKTq0ihXV7CB3Y-br30XxViG_DNOOrwp6YCTskgSXObXrpdjo42LDvtwnUd8xbUZvirmBXK71WKityATkS0DLE2wWCKATYmjIZI_wrMHDs8inJMrCAF-nZzp16HmeBu-p0VW3OL1UdNjABKKa9rGiA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YBQEAEYHbEJ1Mt6xQMFtO2ACgOYCwHICwHQCw64DAHYEw3iFgIIAQ&sigh=bU-9zmGaPoE&label=video_ad_loaded&acvw=&sdkv=h.3.444.1&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MjQ0Mzg3MjM3OTIMNDk1NDMxNjAxMTE3QIcDUh0QDyUAALhBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 66E7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 19:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
391025
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 19:41:25 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 66E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=C41_x0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5AFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75WpXtSB--qkRWIrfNr56oZLSqs5I147rCPpffEh8cHC3AbALk9UfQVg9TeJR6vvz_Hly6euQyArgOKy_GeoRD_PGkUX0n6tC2P0V6_jlQNr2sEJ3YZvgXeyoSGcKTq0ihXV7CB3Y-br30XxViG_DNOOrwp6YCTskgSXObXrpdjo42LDvtwnUd8xbUZvirmBXK71WKityATkS0DLE2wWCKATYmjIZI_wrMHD68l1KMKIhlE1rM3stpYHUBhHoqxxFKfABKKa9rGiA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG9gHAfIHBBCeoBqoCAHSCAkIgOGAUBABGB2ACgPICwHCEwYYnK_7qALYEw3iFgIIAbIXGgoYCAASFHB1Yi0zNTY1Mzg1NDgzNzYxNjgx&sigh=yum1h2TrcUo&cmd=Ch1jYS12aWRlby1wdWItMzU2NTM4NTQ4Mzc2MTY4MRAAGAI&tpd=AGWhJmsHKkjZtb9AQHIshm-I5c8FN7yBI1NNMlGaF2PegGlyXA&sdkv=h.3.444.1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 66E7 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQKbz0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5AFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75WpXtSB--qkRWIrfNr56oZLSqs5I147rCPpffEh8cHC3AbALk9UfQVg9TeJR6vvz_Hly6euQyArgOKy_GeoRD_PGkUX0n6tC2P0V6_jlQNr2sEJ3YZvgXeyoSGcKTq0ihXV7CB3Y-br30XxViG_DNOOrwp6YCTskgSXObXrpdjo42LDvtwnUd8xbUZvirmBXK71WKityATkS0DLE2wWCKATYmjIZI_wrMHD68l1KMKIhlE1rM3stpYHUBhHoqxxFKfABKKa9rGiA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YBQEAEYHYAKA8gLAdgTDeIWAggB&sigh=Nw3CDhHYaU8&cmd=Ch1jYS12aWRlby1wdWItMzU2NTM4NTQ4Mzc2MTY4MRAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D889%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D995,1250,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,8414%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D17020%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D3500%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D883696192%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1614673110208%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1614673109029&sdkv=h.3.444.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MjQ0Mzg3MjM3OTIMNDk1NDMxNjAxMTE3QIcDUiAQDyUAALhBKAE6B3Vua25vd25CB3Vua25vd25IiglQABgB
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 66E7 		42 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZMSnNC-Ri3o_1SK8v24sfcPh5mjn1upUOpcjV6GQ063usp5yFV6vzGDJ7mbV_CduyQ5P11_awyR43ZBVtkeiYgL-BBZ1m_sqmVSMvY5FXhyjCeQCq3kW5uclIxA&sai=AMfl-YSlb3cO7knbZO0Re-Ncco1ZwB9bu2ICQtr3dVMTODyxcpHJRL2IdUlStBel76DowOr0i3u0XlCfMpuBEMFWK7ps9RK5q-N8GMyoB7eXbQhxexmWIZLE0MV1UjiScuUu&sig=Cg0ArKJSzGpRwIYKqyfzEAE&cid=CAASPeRoRojY6FlqQ8uXnoHG5KZh6gW7JfcTrNcHpATPri9Q_Yp6bM1oQAjnKy9Hxnzcl5vuxOiunqjPPpno4L4&id=lidarv&acvw=sv%3D889%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D995,1250,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,8414%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D17020%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D3500%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D883696192%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1614673110211%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1614673109029&avm=1
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 66E7 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQKbz0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5AFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75WpXtSB--qkRWIrfNr56oZLSqs5I147rCPpffEh8cHC3AbALk9UfQVg9TeJR6vvz_Hly6euQyArgOKy_GeoRD_PGkUX0n6tC2P0V6_jlQNr2sEJ3YZvgXeyoSGcKTq0ihXV7CB3Y-br30XxViG_DNOOrwp6YCTskgSXObXrpdjo42LDvtwnUd8xbUZvirmBXK71WKityATkS0DLE2wWCKATYmjIZI_wrMHD68l1KMKIhlE1rM3stpYHUBhHoqxxFKfABKKa9rGiA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YBQEAEYHYAKA8gLAdgTDeIWAggB&sigh=Nw3CDhHYaU8&cmd=Ch1jYS12aWRlby1wdWItMzU2NTM4NTQ4Mzc2MTY4MRAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D889%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D995,1250,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,8414%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D17020%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D3500%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D883696192%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1614673110214%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1614673109029&sdkv=h.3.444.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MjQ0Mzg3MjM3OTIMNDk1NDMxNjAxMTE3QIcDUiAQDyUAALhBKAE6B3Vua25vd25CB3Vua25vd25IiglQABgB
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 66E7 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.444.1&e=44729227&id=ima_html5&c=3393651780550417&domain=www.guatevision.com
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 66E7 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQKbz0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5AFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75WpXtSB--qkRWIrfNr56oZLSqs5I147rCPpffEh8cHC3AbALk9UfQVg9TeJR6vvz_Hly6euQyArgOKy_GeoRD_PGkUX0n6tC2P0V6_jlQNr2sEJ3YZvgXeyoSGcKTq0ihXV7CB3Y-br30XxViG_DNOOrwp6YCTskgSXObXrpdjo42LDvtwnUd8xbUZvirmBXK71WKityATkS0DLE2wWCKATYmjIZI_wrMHD68l1KMKIhlE1rM3stpYHUBhHoqxxFKfABKKa9rGiA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YBQEAEYHYAKA8gLAdgTDeIWAggB&sigh=Nw3CDhHYaU8&cmd=Ch1jYS12aWRlby1wdWItMzU2NTM4NTQ4Mzc2MTY4MRAAGAI&label=admute&ad_mt=0&acvw=sv%3D889%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D995,1250,1200,1600%26tos%3D194,0,0,0,0%26mtos%3D194,194,194,194,194%26amtos%3D0,0,0,0,0%26mcvt%3D194%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D194%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D194%26pst%3D-1%26dur%3D17020%26vmtime%3D-1%26dvs%3D194%26dfvs%3D194%26dvpt%3D194%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D3500%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D883696192%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1614673110249%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,194&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1614673109029&sdkv=h.3.444.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MjQ0Mzg3MjM3OTIMNDk1NDMxNjAxMTE3QIcDUiAQDyUAALhBKAE6B3Vua25vd25CB3Vua25vd25IiglQABgB
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E23 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030101&jk=1680154774251010&bg=!aWqlainNAAXB_3NtwTsAKQB2-DxaiUq92CxEZIHcDR893UIQ9J9G0UkGAIyYK2JY5h6-3V0DJ4nbAgAABeVSAAABf2gBBwoBELoDm6tZDomNCum5FWF2N32IJG9Bh4K70XCO3djxvpKql6cCRmetzPRLmB2-ybrxb4dStHZk05uzyYzQL1oGVL1cPyZ-va1tUXf5Gy8pZkLd0jaIvW84Dc6GsY5_wRkT4UCsx9mmtJetKZB44XSa0XQZ_qwZXwBHutROBwAAEed27TWNHi0ah2rfCHovvgglqbSd0pMDSekUdNHK1fVA3MkO45a8zWG9quvhuKyme52pNpmioAAmdLATGujD7-a0cnC9t26nfkbQUwFmICZ5KSkj6SV3KvBSdjjfiRyHcT3cSSp1KDqtS-yCVdwAyiKi9ea6XvHy98cC82qrWnXnxHVl8LvTGnj7IYmBikfc8mV8mQHuy88SYZ9yFfl-YODlmAxdH5jqhMdNVpHpbA7jDpxEQsIqYSAK3GIqEphgHmbNewnI--7B7UIysrbLPrCa8VsfEvVnLrO0dp3gA-7ys0WEVCrPekB9Vk85o4ufedo2u-L0jJIyMcoQ34gHJp6oX7vAKtOLUazlj2B5gS2R89agiS8UOKiQ4Iway59PdygT-aRWmqi_R2vVGaVbip58ZwebaeY8SEMq-InM6AqNeCxUgkAK0W_Ze5LCQNuIt6867kytD2AEAuaGGJWiw3A_PpnU6dQG41xoM4alFFBHIy9Aa9Pljl1wrhOtFFxaSRB-wf2hxXQEzeUo-Fzv4YsipYAw8seSRkLTFogp8Uc7skF47vCthpKhUtPgWTnkJLn7hu9v1SOWND_WDQ8QTI8NfwjrZTXO3zxlfLfTeX-LAa1ORVTsGlr5uRGPacSypIC_jxYWRVvJFLQR-jEtNNOP_EVc9E2y8MmhtMW289Us9cXXZZWX1lt3ZbjSlRuOoIgH_awkEPks2adVWk03VjYdRZZZF9I7TfVkaDqIi1h0d3FWkPZq0uRMG5rPw-jMq6iKzuuyIvrOefpaZMShH0a8GKVKW0R7hdX7l4PKGc235gaETD1l1BJAkejWy5OsBVlPA49Sy48gYg4Y-urEPnc8Loc
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
600ee371e4b0a093740cdb32
ott.streann.com/web/services/public/inside-ad/impression/ Frame D14E 		29 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ott.streann.com/web/services/public/inside-ad/impression/600ee371e4b0a093740cdb32
Requested by
Host: streann-static.s3.amazonaws.com
URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/ads-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.86.238.174 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
62e45240dcfd5ea087e4a3441b41cf61dc8dc37696e02d81a9fc43831b9d7d18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/
Authorization
nqg9hp22zahpllggfsanm8zsckqbookww4pywx086j56yiwdrrieyl51k1cds41iybaq
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 02 Mar 2021 08:18:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
nginx/1.16.1
X-Frame-Options
DENY
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Headers
Authorization, Content-Type, Pragma, x-app-name, x-app-platform, x-app-version, x-os-version
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A964 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=25017539370792&bg=!_f6l_r3NAAXB_3NtwTsAKQB2-Dxa2ZPGMk23fgEnuxmhalqmpNy9uO1zYYZ2S3rL3J7yIW6nB9Y_AgAABflSAAABQ2gBBwoAoQAH4sx6KcSWqWSkyYDQ9SVS2WQXRbG48lCUkJzlH6tLUbGC277t4XKPz8oyrp1BGLYENGyK-IJQNsjbhcAbYO6xwjeDeC01swW87EEcPZY4cxlRRKpazCT1WZyU6Ppx13gN8tp1LXqpzy-3IC6C7CsQCVxxGPLUQy-DzoXsCTacNNl0bkvnzDNp-EeAKfKHfWZJsgVzr4fiW3_bbmGTdOGHmQHt8GAbxher8vczJnbpOazN_rQ22HgL3s_qDLCBrIvB_ONMRj_UhhZKNlEWhdS4jH2HozyI5oPUZU0XYmC2_ZjFe90E_6Ow1aUDrBALYAShZjMISXUZWKKqSnluETMUrKpuYThZqGjDGv1kVR1DK6W4By4YzpP-QmG-gZnZfrKOZbC33Q6dZAPLuwehZBgCDJvNprX-34qnu-hCN4zD7owB44EjkAMjJuq9pOKV2NdXFoTQ5wunlOCW-zBIH2MyFg8QTQ_XSDYv1tvsn2qTpJkkXZfDE3EEZ9N3DGS7WMbqwkUFjxY7BTfZV__uIjamp1sf0m5cwE-gedvxv7b_myys9MSjx-CdRwXr5qs2Zn5i4mOlD30lnGGszncfWWNwhlpfzZf4_BgA3-IEQ7P4pSvL26CCQdu0LwzkyVuC_5X0-enYb_xXDpVaorlj--lNeN0e2hA3g02rX3JAntlB8NmV-FPXfkjvNfSIuAnYZIzWNbPfh8NfitddQN5HKPWYh1r4kPfPdQKmDEIaqyg2TrSTRbVPN0h5-Gb6uLVvPPBYqFfbj6e1k_SONybABeObXywRKXtfVWAHuhK823IcnyrEabEtx6J79qBV-X_b2txlaECPAZwnQFecgKs9lPM0CPHxIm8t5a4o838FB5f9hQ
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 9A74 		331 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:2a4::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
173d5f3d3b09f62a9a6e5ccf6c35fca457b6d68c0bd03e04171c41719e402ca2

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:30 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzUaSPhANsryb_rbI1PkUu-Ius70zssgT8xaYez98wiXn3nIRQKiGmhH6n-KkTskj32WeAn2eKbsG_MRp0NiDs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
95778
last-modified
Wed, 24 Feb 2021 08:53:38 GMT
server
UploadServer
etag
"06ac451dcb93e2560f9563c8286b920c"
vary
Accept-Encoding
x-goog-hash
crc32c=8jEwgw==, md5=BqxFHcuT4lYPlWPIKGuSDA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1614156818658566
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
95778
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 02 Mar 2021 08:23:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ADD0 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=2956666198917736&bg=!0tGl0ZLNAAXB_3NtwTsAKQB2-DxaTO-fihgJCgNCeltwOKmZhb1lbGzVH9NIFLtVO4Se4DITsqw0AgAAB2hSAAABS2gBBwoATyjK2wxTqXO-Z-jrcNlTU31aNGGW3nhfquMleljTX9bNdDa6Jgcl0-FDXVv6domVVx0yWcwam6thA4-0XIq-e9_qNynuccxV4TVOrkD3tzqZAe7eZ4_oQALs8azeOvScc5fpq1kpzr4b35pgw1qK34hSQa8XdkNLYj8i0qLEc07YmdV9Y-LujCjFuAIFO2A7jX0IdD8P13WPhcCE-7BnyBF41VMxRlpBBc3dauQGegY_GwXQTecbQn4NIVT-mJJ8uDPyQmEjsVJQ96R9nWZRH9UO1-6LNIMXw3HtlcxVMPn6jJxXuVUjuIYoTBwf4qy1tMHJfqUNHatm7hnW3Lqu-IuHw7UPJrLmCmQ8OqUHwbUkkg1IzUVfwMeScw_0fy4ZrsvqpyydNliOwC5WOzcXCHaxhY9CRyDGrJewtGgbbfU9Z89lqoSCPLK4yX_rU-RtOXFydBOM7NwIpwvMchukfXsWzvIb86EzJB8WVvnxE0XbpZSqvr4FkSpKlUm70VbvjSkvd1nImB4TkkmqDNEj61v8Du-cKy_7rEQby2C2DIuE3FOq5ZSUSRtgAbo-5JRgJAvSTUwO4IKHhUu6PZoVW6f3W35UH1DLwi3uFNUOGXPEqruABav2fyWeOKX-Hypu9f2xYp_8VW4pX6vVvBSk0f2_p5qKGBn5Xj7sZ0bOk11DV24x1bhSrzmt0pzjLw_0a_8TSA1BVLO-3kY3M7-848ceiVQ29BsqQN6syNqMMdLnjuXzNqJgysJSKxmcdZ0KSA
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
playback
s.youtube.com/api/stats/ Frame FB7A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&fexp=44729227&el=adunit&cpn=9DyK_gBZN-WvkJwH&docid=J6SYsbETPjA&ver=2&cmt=0.469&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.guatevision.com%2F&len=17.020&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=83.0.4103.61&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=15&rtn=10
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::71 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
600ee371e4b0a093740cdb32
ott.streann.com/web/services/public/inside-ad/impression/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://ott.streann.com/web/services/public/inside-ad/impression/600ee371e4b0a093740cdb32
Protocol
HTTP/1.1
Server
54.86.238.174 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization
Origin
https://www.guatevision.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.16.1
Date
Tue, 02 Mar 2021 08:18:30 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Authorization, Content-Type, Pragma, x-app-name, x-app-platform, x-app-version, x-os-version
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache
Expires
0
X-XSS-Protection
1; mode=block
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
Allow
DELETE,POST,GET,PUT,OPTIONS,HEAD
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 2996 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/hhrtBw21.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8727
date
Fri, 26 Feb 2021 12:30:48 GMT
expires
Sat, 26 Feb 2022 12:30:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
330463
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.guatevision.com&sn=&ic=0&tgt=1&app=&wi=480&he=270&test=&apppkg=&fv=1&proto=https&pid=5d31fb2628a06116ff22aef3&cid=5d515eaa28a061621155fc41&e=inventory&vi=0&cb=1614673111393
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.86.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 73F5 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=3094524569477426&bg=!BwSlBEfNAAXB_3NtwTsAKQB2-Dxa4U3J807YXvqqL07E253pDd1kReDciTmSdjPTMmiHep7m2qWUAgAABgNSAAABcWgBBwoAya8_y8K7Bu9DzNpNgoPzadbOIIRyhdHToHGaBxofQDUfja_O8nI5iPyHwQkah3BU4JfLEXP6qM5BqYGd-LEPaMQxIBUiysbYbmVpo1rDZCFFtFsvL2aIKFkoL5VGywBCUUc5geK-FCJc-O1goQVMz2f4albB7UiOU1-grV9URhV_fmpRMZZabKjrhpofMIja8SS4yyZczW1fpo_gUAliWjipr-Wtv61VPckq-4sjhBA7nNkjrn1gDqOmaaJ_zWKsFkk_EBQnIcIXGJkB_y_slMiVhnT5X3x3t_gXxC7gPzH6admriAKVUl32TMdit6hF47jWhWirLOW4u6vuhcJ8svEpoH48_VD2cskHEWLK_qaSiQlTl2MHvVw0RiLA8mOCNegYbPbNFE0pgr3IXcXUwxuPIIqO3LL1dABF1SI1Onmg4EfvvYF6JnPgodKBipMU8_EUoDmeEwsEr_DQDGe-CCNgrvflpobfBbEvzbCrF2FOQQwxeDolM2TASmpmiDS37DiCkSzlsCKWL6P5tuPoTI7QmLkQybqVBz21ztIRccVFV_vom4quDnEO_i9ZPpDIGEgs0PytWEjlwkPU8AnE2IZipE7KFj0pyP5uPUJtezfQjNXBQyXnV_62aPHo4VpjRV0Txf4uknxE3mVXpbfzCvnTQCwi6-vvMH29u4zwvArDtmFskceMFPBr17RDd9xRi7ti7f7AKBuKw3poE26uA2p2mHJfOT-qLEybnMpcnWF5COe-XMtUe4w8O-cokqVmSfKj-rdWh6uEbX_NFSAyYa1nrXYMPt4J2GBZQp1PgPoKWCAwidOCoqa1AwD8JNPn99QIrHIoYbi6im7k4IqlzNM9hg-yyzELLmIpUM51CodkH0RlVcM2cI4WpWtj30fvMcm51w697gBstpR3Z-vjXBV0G5SI_76UU4GK8lGrrqcSCGxM2zq84AjMAaQ
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
gov.aniview.com/api/adserver/tag/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.guatevision.com%2F&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&AV_CHANNELID=5d515eaa28a061621155fc41&format=json&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.guatevision.com&AV_DADPOS=1&v=6.1.1.243&avtoken=111392&AV_WIDTH=480&AV_HEIGHT=270&cb=1614673111523
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.128.65 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
3af009bb0bef52a27bf3a7032f4c7b460aa3b29a9aa1c14d0fe1c24b4ccb1d76

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:35 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Thu, 18 Feb 2021 18:31:55 GMT
truncated
/ Frame 6872 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD0E 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=1472611813426457&bg=!o6CloOPNAAXB_3NtwTsAKQB2-DxaidEG8ibp2Bm3wxYc-ScKHDOWyzUm5nm7h4Eq2uPAjQSYMrlfAgAABslSAAABJWgBBwoA8jYNGNIzmfG6xbquYrPQXWQ8EJrhK6LCTqLj-1n-d82Gc0-Jlp17h3dvyK6eY8mHkExfl1rYVbpYDjsq3qyc9K2FU244-L21G6eLKrhcg8KNo9m6SN4VUb2Tz1AauwMYRZGD3yezz04uJsZingUWf0Vygdwv3HoCot_9xTF2bDF9WKq06awp7_RcWnjxmOpz54wZcGZ3DmzC8XjI3u7oFowgApu_Bdk3l_KTBYufCHf9AxNdjrP6pLBCuM78pMmDiJUTToRkeJkbRw--mnZgj5fD8YOswWk3ElSghDPzl5gKwICWPPFf2LW9alIZ5TwK9fr7mQHsSAvA9fy-UQtRv0efDedzptKUr7m3FoabY0jTSJC8vvbpXNymAy_FibGJlWczcFU42mwqnr50prCQbNHT5xTASd-4ss6RPKaGH9qNFEYBCQu5quz4-cNOAcpKlIiENC6QRLIr4QNCJKqMMXOcuetvgCZLmRVgE1DwQvYqi8Y5FIyzPYgN0kRpbmukt-G_9DRyB0hVBuLsmJ_E8mbp18oWPXiYdM0WQIpsV17INEKCnTMzJtqvuOTtOSCgmjoww6H3p5pNLPyhrQS3AJucPtcGpQ2SYD-avq6mbAUSUYtkgmjR1KJZTrQLHRAOf0MVAQHqOMiKW1DVjx-xJ6U-UAwPN0apd5N8Fl7MTu9wgxiVb6Wo_tX2yG7vw9yIhKDCY-ej5J9cYmrbr5JP0b08n1Q7uuEsJtPXQdBy_NG8DjS1N29lqvTG2h_WI3u3YraJStykDW49O97X6cEvoBOYuh6a28kC9jNDKnjKAPGlDhh5wPjBBf0IG1vM66MheNfYZZkMnCBtpT3lUbe_WUMQ17aVeJgWWgsrLo2qKIVjNo7miIexPq1ZdYLGNtU6iJqs0FELiY4Z_44zLkI3sFV8K_ceNgC_N2X0VHR50QMqWx2ejfmcy1BNM6FxUbWX9GfBAkxB0eQ9oMoL53Drewby
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C76 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=4458498935981877&bg=!x8SlxIfNAAXB_3NtwTsAKQB2-DxaC-jto7WdakrDcWaL4UMN9L-2BE2y1FxuZEFGM8ap0nVOa2aqAgAABzBSAAAA42gBBwoBYZlXfA_kIzcApHWBShwlQeTHf-BHTJZzqxDY58baVvqZQORc_a5-JDIRZ4CHCSFslSwZvRBq5s5JcQHsW-YUPJzlQApkyQ9B9CZ9rksPpLtcBjFcPnyMOBT7TeeBbloWgyP9-3ptoGdoai3Cj9cmQgkHkoWE3eQ4Zissc6fWMAyN2abmbwrSbCJZkISzU36vyNhiVuz2blXiY1D9jUdp8J-LOmfVmX2KP784Q6bx_RPjwr2nlNvUu8Ve0-DBkayWjRj9-Vy7hFbWRNx7JDEp-n297IbA04jgFYas5F0HcB-uwB9iy3ZcGWWB2oC62Cpr9jNbw1-XvVZZWRBa_SsN7WJHNvF5nsjCgRgoMwlT2Lc_Smj0kCS4Jo11vBXMSu5L-l7vuQPaX62vC0--nJ1kqPeQLjSHXmLntDsNzRPEnbk2pi5Uya2jk2O_CYJihQ_BER9SmyUm3BGPUrOc-_22r1c5mQINCZX0-veWBnSqYhLeFP6Jm8MVGRIdW7z2mNzWP7b1_QR4VHm7eyItKlzmcPuutUABGfB7yuSscH4lszggLctRxGkZ9LWmkx7qfRR1EH9N5uauYW0356qEyt8oitp2rtB4ztEOpTclCvhHnfXatO5Lfbq5_3DOgdd9pvlqBs8EPLIso-IeUpe1j_N5sNjIr1ayfWmBDXRgmi4BzW_-k7HIZpDxOHB2moWSwvs_8zGDNtSTc0KsZ91ZEbST8MRZ5X58IxEMcgjVFgnWzMFlSZZDn9MnKy5vKGtt2XOUVBI6Thc9DH3WFgYGw8jPV1AMlrUrvZyljxP8cTxHK03Pd1odz60dNr052-iyYObab3B4vQpZE3b74BNib5gzP_g6_OiX5JH-876bNpSPRFd8QCh3tjpNvEs9S-dakzPzppt2-ZwekWWU9kwFpB_3re-uKcoaMzDn7SUZEbUhxDIaAjHKU1R6IcwQWjJJnMLSpUl7qGhM7F_QYMdqyne7VvR4IpdC0b2iEbINCTJjeoQaEdoLSPyRGLK0SJzeW8Ve2lGhP_vdASfHo0t5JLidE8IdkfwspuPNLd2HYL00netEwfQ-YRe2u9HMoI25NGSvRdC8FnXsaZthxrWf9sb-R6sfDtZ95xMwVfBhgZeIdeN5lPI5EcssT1PsVHCz1Nhk4AVpAWqT-2neBCLdFb5ClY_m
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC3C 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=3822500437201877&bg=!PT6lPn3NAAXB_3NtwTsAKQB2-DxaWmc3qbT8Y49mndkPjTy5ke8eNSxKyInwK4KzKK-0tL4JGV-jAgAABshSAAAAwmgBBwoAJRqUglHu62B9469I4fKMijsDA8VFY19jSpdNd0DEdwsXVDTHi-KZAfQISGIHF7F_uoKjRevlcanmATZHTe2QSZJvSITHBlHubxRP1IOgyH3_SduPqlfEY57XK1aDdtptkWkvXxMPehsgTow8DvXgeEA1IEPXlOBxb1TmpfRiXcZ3zlm8kMGUsYNhExYAxNldRaSGKF0rNCTkDfMswf6OwuMZS7Kb4zBeECXtEURVUvSq2tDD2-O_jMwYDAur06Sm9xf8QFMDCNLTO8EERm13PJWb_PCwhwn07seNzq5tAGSVrZST5beEY0ivainELjlex8PO0UL9TQZ6WAehHDLaWQgnlknhn9wXPToaq0T6r2xOzxLtSZc_8aEZBcxZPH-eNtlsfs9LOVYuFfc9X3otWws7vQOZqyinCz0ypjZ5xuCD4oGuQ_4LmeQD72d-r8JZ9xH1eapC3yTQZvq02wPtUYwH9J7POULB4ceuKVsVvoR6GvNBHK66zQrgPbqyAjNLagquUQDbdKV4YJFDK2n6O0xbgl7C-4UfdwvTW7XdcpmymlembHLU9zLaePBZgtk-mPwexzzod7bFYDaPZNcPqYwLNIojJeAHUK4BgIkLIpAEJjY3d3RWFhVpZLGfgAX9qLq5NF_5_mYCNvQwkg-SRJ8ixucY91M2H-Q64xUrV6UiTdye5Vsg3xNSFDRdz2ZvWiNzAgRfMeMFtvhf0Q
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C394 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=949154445887779&bg=!AAOlA0DNAAXB_3NtwTsAKQB2-Dxa0x5OeBG794L3xQ2crR0om0KT3FbaMhWfw-kECvo-pjzlB61GAgAAB_RSAAAAs2gBBwoA64xpxiMXf774pdqrUUsC2hzUWR6abdTiM4ecrs67ttmKZHAY7_Lp3Y3HVpG56IuJTO0xolyDq-ksbGAHwF8otMeOtwbO1IY3qvGouR5IdxolzFMvUF9DSZY9lXn9D9Q8hu1tVdnU4S9Jnr8uopTk9hzwDYYzGPFO82aPlYI_DxEaE8WL5jeNpz80f8jFJs1ovMtTE4XDR7TxsEWL9ksPE-Dc3oqqp3iDtwuqKNg-JfzBOyh3mCLkgZqlJC5JjiWmBSkZLwqRbigCwOR6bvRQSLTbUZXeLfTLx_TbC_j2E9a1AR6bZ_J4q9aB5WWZAhnijltkyDyW0iB6TevVAyMOEnon6M_CJXAbjtzh5bO5UHpBd9FcIJYeBDvWGjwipXlT2TsnGjkzf0NnHhsnCw8WajDy7P0i84j1uBF-QB1jhErSbaesnRJ4F9Y4KmNQAVNDBSr3MdLVzNYPf0GMHCuUd0aYqKgqW-jaUq0_yCYEtRXj53sJNYwph3V-A7fsETEFkIwP1d7xQeN0cROwd99My2u-aX8L3hf-8XyjRaWeeu7tqmQdnPh-i4xcnXfGwzldCM6kL4UxFSR4H9hIaLJnqWJU3u4CvxCfQYP6MPM0VpnlikhS10u1hMZq3uc-rqMTdsQiiJFH6TL-wSbdz2jJM7dO_O0itxL-qajPCJCoJv7MReRqG3F93s01HcKnEdng5yiYyOD-nVBWJBc4m7w64Pa-T_hf9sKQJjEXRjmXfMIvTS1LHRf4FTiqyZ2R_IbtQ85ZwclTu7968ivFle5UqszAIjy1lEMs57-tH8YNGCVvsPaWUKXQyLHF93qEzFb5y_5TXpH8Q0GEzbhSEMXVF2jQUKcR-xofjB-kn0IWjgTMQGcwQiV9ZwXEpUxlpi6o8o1ZGduSnTnMtKd36H-AT1ES8nGCGQQIyp7QI83Ityh5-5M5SLeifEpBUblJawLCKcdw5_3rx6cXNE_SaEploZSUl0PIf9ACUht5_wKXcYX0ibhlAAYIC6fBHiTqxBDcOZmr_2SUq6Q
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E6B8 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=1243738724398832&bg=!FBelF1TNAAXB_3NtwTsAKQB2-DxanMx7WsVCR3UVsbGRx4AhMVO5_Y5GC7syTz6Ooh79ddEYfD2cAgAAB_FSAAAAqmgBBwoBNj1PKcsaaO0vVxd62kiDUIgSBVlIrdnR8MmN8mbM7lfDCZXgqQT6McxGLshk2JyVy47QjL4OjZfjYuRlIIidWK7DDWi6KDn0bw0OrtvfbBU9Ref07qpqOkluXhtdT7Fc9wM8w8y1uJF_jou3BjoQLyOPbERnc4fP_BtwuJxCJFRQT9LQzINCDnaPzAC_EGw3DR3GUD3rEa4z0FB_oYucANirfGsQexzWcFseY0bJZHjvLlSpoEimXZZs3zTZB71UqU6M8xibyVe5Pw4DeH4-QrMCEt3i7fuP2PNVPeKmiQUT8q6ufxXnW0DiqEi9fUwNOijtHEUg0qPloQ085dJN8pNHYo3QqZ8pYxXaHnXrFAgq4bHCwY363rw6ztiwTkZXMU-40hMXl9GsARjcivU6bPwohlqhL0WZAe07HqCDuMuWmTpq4CMCq5X-huci9lfuxmGLgQe2SYg6k6EwQvcYGHMDHzlc5A5PHLrPAfQ9uuiB4PkGUsubDxWIO3QT6vqAnFixqDRRQrglfBqJhIqC2nkkc3J0Q1u2VfiH9-Ino4-In-vZBcCJiBs590htUG4_QVaJjiQ_uJOkSPAUhaHt4SursejXFNy4ZVizlyP2liJVPKrJBpD0rTfCvQeATc1zsok-aksqn4wZxvyVVVjHotWYJxnnW0-DVeWYCVbYJAMQ4hexVBJy53vhpxiXOcW2BT6mP0E-wOfkkPZ0aWpzfb4L4FgNvprjnpaZaIvIKElaHvKPmbItcqdojBG90PxklGNwadh4r8zfx_g5HtWdQ3KIKfboUEL3CljTPyLToTuQ3-ZIxV3Q6xshPr5TTH1D9iwwkOiia7XPTmdLSsOTFoIqqNzbI-ElvYzeGZGNtWfe3CjLTY21mckOBSQr51mG0_ln6euJmyK2I5t-9aQAr7uSYnq7B2uYxajwJNtw6ia8008UtJH6MWQfvSAyq73-nvsFzbad68vIz-xHjAgFcp8HEDW21n9WbKgdV1A0B7g1eipA89phXaKODvyxOxohSl2sbXEYyQXsyvcpR_TXDIgwXpnb6HtMpvI6dhWIl9t_VAT6gTGg
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E8AB 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=1218835287666070&bg=!ZGelZyTNAAXB_3NtwTsAKQB2-Dxags3NnmSMDIsEGn1ctc9feJlNJvoxPqBOFcyJrkYK4UNeX13WAgAABqtSAAABLmgBBwoAiam3QaKlwqzuakHKEFSltu7yU2IgbEqbdGHBdVAwaYRNBS3AvjiNZX_w89bexgkKRuermvvNDd3zMQ9O4XZ_pc8DYcT4cU0WauEVBMfACfk4mOk5ozq5WJCIrbCM1L_yMdI4JKXt-OS1CBkdbzuND9K-krTShf4sSPfxgByYlxk0c_hFeQRedrz6mQIaW81XScV_sKPNB56fTfYJ7KfMeMjt8DUXnHexwoW36Rrr5qIlWjAKU4MQ38WqJDThGL_nTxG4cBNzv_xu_2W-1Xv_k8-sBfx_BaqmWk6RuKvJZTv87eMK84KhW967kww8LWKk7hTnWgTNI4kR9CptBBm2lhsJKf9_7vhC0BcHnndQVj1ckcKQ3seQTpS1mgBvvLyWpNFdzOMVRBkpJU7jGsS9TXecE6OZPGU5KGSnoDuoNP12E3RMTSqy2u3_fcTyHHXbV0IBva-h6b_N-aOgsGfjvcRyk82kCmpkr4IgkC3SENXoFw6MD2TsD1I0wgcWKKiPjVophczll5ySicmm_aRii6T4OCbfvQW-YPNsEPjYc7ZW7BI-nj3E_lt0fnM-sWKNKfLGQpGDINAZaCNzk4u98-n3xgzeR6CB5iERCzAxVY6tGvkQg0Rn__-nsry3IXPRPsDR63EIey5WcHZsHVqSr5j8zwVjx40AWF1MakhkLGKfD_hCGFhj2Nn3wmSt94QbHDVDInwiazdaIGGFTvomLlhFeIHmJfqty6STip9ddE9l1HtrGtGfGcvP9W7xqBGunH8Rd2ZfMOOY_By5uEXxej5Av4u5RoJZZl467E8uN9_SM70IFHuvLrRnN9hKHaOf12lLbdJ6RQDcLP-xDK92vCUIPUs-62Ex2_mRK0Go6j1LHZl-BZqY2Qp9MW3gE5Ig1J0B4EK0Bg
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84A7 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=3907127774061165&bg=!MzClMHPNAAXB_3NtwTsAKQB2-DxaR_Pp6LSovOFeySG6ruAeJNiHATNBf6TWMEEa9PcMHU4id56FAgAAB01SAAABRmgBBwoBMbKTRSt0lbRHNWOvTDONE8kcpLky2LCWDTkGiZMpT9EPcKVtBAos9ZzYo0nOlDhbFGWWRyMUKaou1K9SPqi4SFtg9TY0QLD44KqkvFxXdeBLtqeLgaFwDZUHEUcDL9jGkx0PhO4JENSP0tHUR2EKE2CxrRIRwG_7DOR2cAJr5iRe1hcbew72omTWks6RNzbnT6eUtnKIuj1DQsmbsuhJddUdrVEVXhbWdSHqiHTGXRa983qcqLwbi2ZvNObQO0NnNGZHUN0ZObjvC-uOsUUOOGvIC_0KiQeBLELRnq-loMS9cKjbmujFloBy64InwWq8GvcA9TUXz1QM4lyhJfot4b88W--RdoxZ6jJDUAJFxW7wAcdhpPL3RKyb6X9paGL3kqZpd34tYQhePMVLvOkf67HrmQH6NBjdgbiazYq7U0gMgHwGB7hjP-bMjj23GO7CpekEH6d7brIO6PCMoh6j82NAVDoQOaTfwmWALzbhqQw9I68OGrCIigZLDjBf2N8VZsz6I_ZcPsEKp244L9RyRDx8gGmGaSEeH7AlTe3yi49jq8eOpnOTaHj-Xaz7ryFjmjmLKk3wIPuh-jeHsB9lWISMXrs1GROpLzSAAepsALdYo1110pQ4YvuVxMwbAZ11qs3wMugd-npSuOh2sJ-iUI4JN1ZPojJtuY1Pio5y4XTOnPMHKOHMiRbGiYSvlnjf8OOTNRXgy8oTgzBHmQmCdILqvRP9NVl_Ew8h8MlXkhnafTgRDcMPX065UQQwgmLcxkcklNsAxAvSzyROoE5S45NZm02rSQmyc16lwPGSPZijcGB890AVCKLX6xmKjnIGffnq29e_kDqwetnXfaXZ4EmgdufeFwbNuCX03slml1awUtaPxa0vyjfwY-PmFOzAxsRZdWiM3JO7dIlkhjgu6Y1Rfg5t3GRCXM1Gu98JHs-FvEzUYHN3QG97TvaoiwhmvTlfSfuWRfuAY8UuiC7F7tdsvfwC6Nk7K5yGidKpyduDKC9JlCPhCtd2IQ-l3E2vb07mrjCj8Ea_DQIv657BtxTXTMVPW6QweCXfPfzhNZ8prlVvcmsZi1ZKtaGefTM
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
pagead2.googlesyndication.com/bg/ Frame 2996 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 23:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
30276
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6224
x-xss-protection
0
expires
Tue, 01 Mar 2022 23:53:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 95F6 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=1919424049829594&bg=!jI-lj8zNAAXB_3NtwTsAKQB2-Dxaahn8rDrTroajnz_m7Gt8GuZx771owhn4jQMfdnYeEKyrMvTJAgAAB0BSAAABRWgBBwoATTTQLApNDDy0pMQBv4EjEQdqnJrkgnye-9soRLD4ZlrsprV0je-QPw3hek2Z0TdFyeHM0872hzr0x2V8fx2-uAmea_n7tngsaxEBHvi7mQHsRB8DUScAfrchslR1QtHi5XUMIJGocPBaxNehv3cyxeRJm142gJLc7obWRxLLLvCohTq7xjsrRMiNdyZzwSRkqm5tOcJd9m0fZ6ZD3hxjny5jGACHV6jUeiipbHyROr_v0yqk5BvKVzwoJbmgjFz7eUDjqFdMfTMsicLW1xkTVKYBBdtaU9XhxHgy_h6C4PSGPe1J8gdJQZmWl2uoVcS_lIyx-0m46wZzXWa9jMmUr_zjGtZ0FwhG3qQXU-MTGXTNz9SnGLbCJGxMOKbwACdLuvHjvlQTU6JG5OMLnWTDqYZYTZ_sfJ0cYscSz6N-pX5dIiGnn7jeFgf0Bc7zvoIZKSohqFnCczdVgGy2zZvntRcCh1ssdQFPx1tVWMQ-3KB049kjerqgkT0V3mHyxXQTsnFk2lapBWjHiRsHgggtKNeQVia99YOTBeW_Y1GApGn_3Z2SSG0JCKLEEw6qpx-Weyow0xRaLzth7nGBZV6Bt5F2pz4f7fNZX8zsgIE1oOG0DyDCa1DPZ_Q1U0BydqdCQDRzaqdfphFsECqiXoEqsotOpeiDFtsDU445s2U62uOQAnFkwOjoi8FkO0TCz9OaFHQZYD9WDENxnn8PKr9iyC1u_FVXevl1Ed-VXW7EuB0vf4tz7TVhe4Iw3EMS
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D1DC 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=1587338410190581&bg=!_f6l_r3NAAXB_3NtwTsAKQB2-DxanQnofCtad1tmucOvP4bCXapB0dUzHM-nUKlMvz0fkL-yin3yAgAAByVSAAABRWgBBwoBIMon7KJzE9xReT2P8SS3msqDRHe1qmTLGyNqUPO7RDp5i4cuuXC5diXnIca_7HkfYiYP8LdO1BSxQ6lx_cydqVFl2N2mlrFMfBwscht84fDZrr1Pbz3acqci3qRQE8YW1QCFOEJCeiofefFJHXNlpzCSAjBeWMj5Ee8JRQALB-VZnoir_u4P7a-AQnjVFMvv5IY5xYTXKazJZ9yvnWyMuIoeTJzADz0EG_mvAS9XtKAJgcJnA-xj1evJMJpDCJG7x-Pi0EGu_q1qm1IpXEnitLz5vPV5rBDpYoBxw2OzI5048SVlWKoa0cWe85DSbc3PZiig5k2_loAA4R1hYwgC5Gch5V0Gt693s7iFWlwrxn8yoWJHB9F5f2vSztGNID4BdJkB71H01EEaZPZNSmiAoE5mJIg-trO8RXoXibKhITQjC11SPX1mpIb5PFRrAi3PoQyqfKEaPRge30QTc7kZ8CVZeeXW2VI0_tl_nkg5Rl1T0XWf1pgCNGwL5JUU9ZdBKzxd2hDW6u6RAaeuvfkLSPYQn9kZkI9etaydTGTL0PyZQt8_VJhfOujfIAn0t8gRFqO_cqujgHfzVVzyeOr3sdIHFOEB8F6EKfAJBvj3rfcnviW354sChNNXBspUbzP6fbkJDBqR5QR93hj509D3my8PplID2tvak681CF_nJrkAPIC-t1-Jshhp5hvFkWKEb2jNi-txGWv1Fo2ofiyLfPpAp8gauJHThgoQ6EiaXzsC4yi_wmVXT67l5B-ULRwkpzxO1VqqB2VGXvUhVQxiTPt8a0Foak-HBf_GhcM72jGQOtF4Xk-MNHnboxl6YmXQvvZCecjtE-sVMn6uhEf37M1u-Zii_vALYzJFiV2WtzFb7goiT4TVqNJW0Twp8ggUOJXdK9LORVQy_PFTbUNZAJ0QzaviFrmqdpYXLQn3lHqcfr56QYtMIwhS7Z9ut7vxAxPLz3T06-4W014tr4yqk2_wwUblIHs5gXd8kHOwYtfMHDmIbCixoqg0yyL7lUcthoFQsYC4AUYhFr4vJefFZ_Qp4A
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F034 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=2385853676457498&bg=!fX6lfj3NAAXB_3NtwTsAKQB2-DxaXxUips3EHnujDsDx9oGELjlsFcCGg4gO2t3Ym0xOJZmnsOs4AgAABxRSAAABRWgBBwoBgS_esn9raOGHWLhCsv0w6LStbaV3X7p35YuIZ7rciaDjSkRBFEFgj8FtmgYGYgO4AmVyUeGZmpdlFDVU3fIzaodoqGzRqPl9vVkAzd6yLAeOK_EmbyuQs_IJtQqfCNSH5UqZXhVssALwe6bjKc3mMTZorHQ8T-21n8P0vsk1AJ2KgWsIk83wX_Q2JI_U6sJZkaKYKKIVmmHC7dcGGSaoi_bVRzEztmKlvoYR4zH8UQ3jGyRB3aOET3jSHnfO-7boJJyGNPWtETLvqTx59Jus5lzt_ElJnDOpSeJypr0wdSOkk9fVQJsKAuno7TlZ38koesWK3zX3V1Rk1HpQNipdNt1XgOEgWDd7HiVjY67kEICiBpTWf2EVHy3Oq2ibKu22EytANyl5peB_TJprXgTNQRfOr9IpRTUS22ijJd4YCCEXzxhAYMXSzyfndVXnaP722PkRV-NCkwjWfb9VTAWJmovP184sZiHn3arwqFhjUYQCkaS1LMpIfyVN0ToD45k_lzaZAezjSUYkuwK-nRUKUgsa3Bh6ZwadVy6741h7ahQ0mhcU0Zg82iBwgwieXmwkcFYQE7xJkC-vg9ool7J6Qd358_loCowtAIHDwc5kbDoscxoVyRA_HKUxK2HffawqjehfjaeXaEHWTFTRJkHpFDU18gxHLv5BRlytFP_UOMRam-JzZFdUr6FGdXYi1oinFhuJBOz39EQNbQvwvEdL1VzfiJjulH6CUcsBJOUkcUVjI9KiFFq1eHy8t7qpEb1Ipn5CnSzzIx0YhFiG_xr_k6m1QQ5dlYfoE0-q457H4EuMCAflwWbRMWUv39vY42p6x-ivCl2DmLNP82Cd21bO9L2Bp8ReMhADdLGshf9Uo6M9XhLUarhJzErySlURmGAOgWS3KkvfOGmopwovts1zsN5ia8m8OgwEBvXAhyr4zPbqgsYzq-yM7dhcuDWgtdLI5CAv8j7PPDOjEQXYQO6kNiUt5mIF9aB2_g4Go8HfGdwwbSUOMISqhuQqBObC9QAWAHbHy8Xj1GHCloeSQdn8gXAnBWMlCOpM1rts11_msh73oFKaTFZBcmE_bfH_dwsjv2ulj8sYDKGmt2YsDUryXkKDdiYuNduh4zXXY8HFD3_EJzg5Wh9NHF2XUTl0wA7L_PL7dIaEXGYZ2j1mFg5MVlc
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 30F7 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=2098651799361220&bg=!ODulO3jNAAXB_3NtwTsAKQB2-Dxaji4j8p-FhXTbKwFPZ3qPMAswKlS9eG56i_Lzdx0R4idjX1FsAgAACDlSAAABOGgBBwoBN6wEVwHduB7MBpBQ8qHacnuteuDWIOeAN71OCTbH8DqJino94hXPoz4CKWIVGWhzLHX9wPRkJJbJ4YuEEXOnmV715eBh7qOJBPu5ycsUb_xI9rwzzC-TBOq9S8mWHFXnEKfuJjCBPbc80p9jLaWNPepTzQ4pKL8EprTAarL3OqE9pRWRrmejoB9-3sO9eaV-DlMiXjD3caiuzryDz9ygcK-_H0wcGcn5xs_UZTFfPmsd8wTV6LCGSu90LaxNVCy1bi88RiQz58ABFVNXkBbZcxESGSPw32o0DBX-W9Z1NLzEtLaZVf28rFt2S1ifpnY_6N21YBi_CaCjZ4tqWrYvMzhjeSA-E4Jp29BRM0a4GqVQGcKaW8Uq2NOVm1uFyezeXvlg-7qLMrtXyePFAcwyuou7z4vyaGOWmQIdbArNaApf_wum_vrPwfde_GAzTQsAX8DXBSS0aoaU5EQDnjD9wtwy5McJ7TM_uTqI9syOKQMc9GucLgXOQ6PGAlnZ7yY1JUDh5rFyHnelmozu_zUbrj0p2GyxPwCsOBI6h8BlKI26hwpm9D747nV89Wr_cJWFF_AE9VjI48RwkC1XeFvpyzSa-HD7PudtiYeA-VxDk-l2yXmJbXkpSWkTju2QgJX2-2Evj1OhEwdnSwe1KR0BHECY4kUKAYTzUDyRxE3SbT_iRcDu5PZKlJepMhocJiTU9ZnhFu2z9O6F9iR3ICUP5fqdR2__9PXYzhZGBVLbj2PtBycJDmTZwSac8Eg6bBlbanW17yH-4I3LeQWJ9BdtfMLomQz4CULo8AvWeL7GnIgwuQSFG8yO7yDfo3zUeJX53dqohpi1C6wY4wsV1O59e633oQmPoujiesCKHcDwalrT5JeQ3ztDZ4CJC87rjaM4idXivbs5kuNPy6d8iUUJgHk0Mti5fckb97nQAZOHfnWWPmIegWc9S4Hfxf1eKC3KlMOVW-1Xp06IC_ZAZPHtdFwZuG3iJ41Fg2PWHI8QQB2Nnah5zNhy3J1St85f1zDvsfOcVmWh2eiRmsBZ9FEpcVNR-aKUXl75TH3DSgtyAQ8Y_yy_9deIywgqB_048KJXW5kyTmdEsILEzx0n0ODJt4MvXdVrBdlI-3D-JH-wvX57pztidhPf4A
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 66E7 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZMSnNC-Ri3o_1SK8v24sfcPh5mjn1upUOpcjV6GQ063usp5yFV6vzGDJ7mbV_CduyQ5P11_awyR43ZBVtkeiYgL-BBZ1m_sqmVSMvY5FXhyjCeQCq3kW5uclIxA&sai=AMfl-YSlb3cO7knbZO0Re-Ncco1ZwB9bu2ICQtr3dVMTODyxcpHJRL2IdUlStBel76DowOr0i3u0XlCfMpuBEMFWK7ps9RK5q-N8GMyoB7eXbQhxexmWIZLE0MV1UjiScuUu&sig=Cg0ArKJSzGpRwIYKqyfzEAE&cid=CAASPeRoRojY6FlqQ8uXnoHG5KZh6gW7JfcTrNcHpATPri9Q_Yp6bM1oQAjnKy9Hxnzcl5vuxOiunqjPPpno4L4&id=lidarv&acvw=sv%3D889%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D995,1250,1200,1600%26tos%3D2254,0,0,0,0%26mtos%3D2254,2254,2254,2254,2254%26amtos%3D0,0,0,0,0%26mcvt%3D2254%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2254%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D587%26pst%3D519%26dur%3D17020%26vmtime%3D2087%26dtos%3D2254%26dtoss%3D1%26dvs%3D2060%26dfvs%3D2060%26dvpt%3D2060%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D3500%26femvt%3D0%26emc%3D10%26emuc%3D0%26emb%3D10,0,0,0,0%26avms%3Dexc%26qi%3D883696192%26psm%3D-2147483641%26psv%3D-2147483641%26psfv%3D-2147483641%26psa%3D0%26ptlt%3D1614673112308%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2254&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1614673109029
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2996 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.444.1&bgai=ByACq0vQ9YNbQAZPH7_UPuMCCgAwAAAAAOAG6BRMIzvilh5aR7wIVf-S7CB1Wxwff&bg=!YWKlYiHNAAXB_3NtwTsAKQB2-DxarHR8fhKsE6e67byvccxLh8bZt4xZghFHQ-aIqJUFGux79w89AgAAAWVSAAAAXGgBBwoBSKOwal3kE0xKdZEznmst4YpqV3n0gSIF2-Is-WPM0SGsTN96DxNomfLi-cGOY7QwKRg8fsDsGuDc_IjlhaxTwqNN_Bths4LjYN9BBu0dScZWTESo6vxfoyRLsV7YGJe4f7nyDYC8YPWUHkiF9la-QQlLOM1fNLGHJsC8Qpmn6Qe0T_lJ6LWF2aAwC7jjn5Y1bwvRqRNYmcUItXUt2N0p9tBZto5rEwj8fqAiWZMj6USsGiKZAgjTGpRb_kuwKQRjrGbpV33eDfbIBrZywsVaKO6dRVVi6M-6lKC-LiI58XOQQKV1qFB7LeRwGL4FrhyG6YfbzdwWLUy5lKWp_iqIBnUit8TAYRK4K3DXb5qVdSPiN5cgKlfG0A9bAxSOgOSE1LUilrvJHOKv3MNKHtm2OyC6thVLpwH8icM5mZi3BNzC68FO-Zjnm1aZAiD35fCImWbIHf0lVCDQ5T2bnPrPlBv9zbBJn-3mwPWGT1geaHKuzHOnOWFklRbswrN0woX4D0d_aDOjrXzWuJajncE3l65_7Jr1bj_-T0vus2JFg2GaeoiSBZ8W2fEZ7iW2Rg6XOC1tt4-veZatxqAeDjIX4JmytMuz6giWW2WpL27auz9r0WjJA8Yn10HZor5aMgnodPkCfg4lzocLdjyOEKCciTnP6uxY-GQNU5-Ff6XyKwJ2RHhEe6TxdW86rBLQiK8yLEIML6ieH2NkFR2w3LWdTxw29KZfWfAVBPFdumJPhOSieWU0AopbQU4I1CCQMKdILBPuApiA5D49VWcFx3HdA66MCjcIMh0MYRRYBZHOpA4Rd8ZNPpq-3e2tupevx79ljPujihCnZSpZXCUVkTdiVbTMq-M9LUbH-0XQZWZ_TPOYH94ij6Nx15K45AoT8-NUedQxHsellXGQVUxXtaXPVydELr_oalw8quo5Wm8kRnwtjbM68tkhFWE2IuJ62tW8JNgAriY6zsGXTcqT7v_1nkAwzZ4uF3HkHkBCfWZ5AO4wLDvtXPeG-7y0i67epXCEv1v-5ZYZ1N3Sy1YO6gAGnc0XaEpUAwx9yDZw3DFVN51NgWPEQZCWLdKbQXMqe7MsYtxGrcXtaD6bQ-Exrv7Qu8nl4xLFUT-FF-_XimLZXXbcZxj4NZoJUcVfFQe5vniCY8PQWWJn5fAmquOn
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame B013 		28 B
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/UjVVh38tC1g?rel=0&controls=0&showinfo=0
X-YouTube-Client-Version
1.20210224.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtxUldNWG5zVk9vcyjN6feBBg%3D%3D
X-YouTube-Ad-Signals
dt=1614673102804&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C215&vis=1&wgl=true&ca_type=image&bid=ANyPxKrdWJjFmp3c4g51jDkMZBV58QFeWOEU9A3-ubW9DjwoV-3IRfyICUFU2GEoCRA77bAwUX7za1UHCb7yTKzzMWWTTAxd5g

Response headers

date
Tue, 02 Mar 2021 08:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:34 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 66E7 		42 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQKbz0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5AFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75WpXtSB--qkRWIrfNr56oZLSqs5I147rCPpffEh8cHC3AbALk9UfQVg9TeJR6vvz_Hly6euQyArgOKy_GeoRD_PGkUX0n6tC2P0V6_jlQNr2sEJ3YZvgXeyoSGcKTq0ihXV7CB3Y-br30XxViG_DNOOrwp6YCTskgSXObXrpdjo42LDvtwnUd8xbUZvirmBXK71WKityATkS0DLE2wWCKATYmjIZI_wrMHD68l1KMKIhlE1rM3stpYHUBhHoqxxFKfABKKa9rGiA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YBQEAEYHYAKA8gLAdgTDeIWAggB&sigh=Nw3CDhHYaU8&cmd=Ch1jYS12aWRlby1wdWItMzU2NTM4NTQ4Mzc2MTY4MRAAGAI&label=videoplaytime25&ad_mt=4460&acvw=sv%3D889%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D995,1250,1200,1600%26tos%3D4355,0,0,0,0%26mtos%3D4355,4355,4355,4355,4355%26amtos%3D0,0,0,0,0%26mcvt%3D4355%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4355%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D850%26pst%3D519%26dur%3D17020%26vmtime%3D4460%26dtos%3D2101%26dtoss%3D2%26dvs%3D2101%26dfvs%3D2101%26dvpt%3D2101%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4355,4355,4355,4355,4355%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D3500%26femvt%3D0%26emc%3D20%26emuc%3D0%26emb%3D20,0,0,0,0%26avms%3Dexc%26qi%3D883696192%26psm%3D-2147483617%26psv%3D-2147483617%26psfv%3D-2147483617%26psa%3D0%26ptlt%3D1614673114409%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4355&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1614673109029&sdkv=h.3.444.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MjQ0Mzg3MjM3OTIMNDk1NDMxNjAxMTE3QIcDUiAQDyUAALhBKAE6B3Vua25vd25CB3Vua25vd25IiglQABgB
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 66E7 		42 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQKbz0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5AFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75WpXtSB--qkRWIrfNr56oZLSqs5I147rCPpffEh8cHC3AbALk9UfQVg9TeJR6vvz_Hly6euQyArgOKy_GeoRD_PGkUX0n6tC2P0V6_jlQNr2sEJ3YZvgXeyoSGcKTq0ihXV7CB3Y-br30XxViG_DNOOrwp6YCTskgSXObXrpdjo42LDvtwnUd8xbUZvirmBXK71WKityATkS0DLE2wWCKATYmjIZI_wrMHD68l1KMKIhlE1rM3stpYHUBhHoqxxFKfABKKa9rGiA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YBQEAEYHYAKA8gLAdgTDeIWAggB&sigh=Nw3CDhHYaU8&cmd=Ch1jYS12aWRlby1wdWItMzU2NTM4NTQ4Mzc2MTY4MRAAGAI&label=video_skip_shown&ad_mt=5208&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D995,1250,1200,1600%26p0%3D995,1250,1200,1600%26p1%3D995,1250,1200,1600%26tos%3D5104,0,0,0,0%26mtos%3D5104,5104,5104,5104,5104%26amtos%3D0,0,0,0,0%26mtos1%3D4355,0,0%26mcvt%3D5104%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5104%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1050%26pst%3D519%26dur%3D17020%26vmtime%3D5207%26is%3D275%26i0%3D275%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D749,749,749,749,749%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D3500%26femvt%3D0%26emc%3D24%26emuc%3D0%26emb%3D24,0,0,0,0%26avms%3Dexc%26qi%3D883696192%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26ptlt%3D1614673115159%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5104%26ss0%3D0.03%26ss1%3D0.03&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1614673109029&sdkv=h.3.444.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MjQ0Mzg3MjM3OTIMNDk1NDMxNjAxMTE3QIcDUiAQDyUAALhBKAE6B3Vua25vd25CB3Vua25vd25IiglQABgB
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pixel.advertising.com/ups/58246/ Frame 317B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.153.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-153-71.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.advertising.com
:scheme
https
:path
/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

date
Tue, 02 Mar 2021 08:18:35 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security
max-age=31536000
Cookie set us
sync.go.sonobi.com/ Frame 58DA 		0
478 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D60%26key%3D%5BUID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.guatevision.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

Date
Tue, 02 Mar 2021 08:18:35 GMT
Content-Type
text/plain; charset=utf8
Content-Length
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YD303; path=/; domain=.go.sonobi.com
Cookie set uc.html
sync.go.sonobi.com/ Frame 5669 		571 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
7308a2c8fc393c0af6acae7a1069ddb3e8a80439658d2eb130da76aaae010291

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.guatevision.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

Date
Tue, 02 Mar 2021 08:18:35 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YD303; path=/; domain=.go.sonobi.com
cookiesyncendpoint
sync.aniview.com/ Frame 98EE
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D22%26key%3D%7BPUB_USE...
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D22%26key%3D%7BP...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1614673111813-999082264641-020490-004-000600&biddername=22&key=3e16684e-7be4-4df3-8475-d209a6de40f1
0
0
/
onetag-sys.com/usync/ Frame 2704 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
user_sync
rtb.gamoshi.io/ Frame 9332 		42 B
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gamoshi.io/user_sync?bidder=16245&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D71%26pid%3D5ef33c8abcf1750da1720e91%26key%3D%5Bgusr%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.58.174.102 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Host
rtb.gamoshi.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.guatevision.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

Date
Tue, 02 Mar 2021 08:18:35 GMT
Content-Type
image/gif
Content-Length
42
Connection
keep-alive
x-gcontroller-pod
gcontroller-stable-7c488df8c9-z426r
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
content-encoding
identity
9481057
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/9481057?_fw_gdpr=1&_fw_gdpr_consent=&cbb=4673115265
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ab7a2a638641487b31362f8c17aacdc746ae082a4cae1bf914430f6f084041bc

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:35 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.guatevision.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1088
x-sticky-vk
1614673115300035-104
Expires
Tue, 02 Mar 2021 08:18:35 GMT
avpb3.js
player.aniview.com/script/6.1/ Frame 9A74 		261 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:2a4::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1e2496941c02b94bf6b19438b27abdbc71635f3fa79774f0210c36930d860b73

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:35 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uxo_USxqPpxAQGelmQbWsoWIAWQ3iErcidk15nSImRqSOBCcAfFRsLSCvfLsiiVeQN6Ejal2E644HKroopGP9TLrnzSlA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
84286
last-modified
Wed, 24 Feb 2021 08:53:00 GMT
server
UploadServer
etag
"4b0d193eafdda7f38974bf68ea2e62a6"
vary
Accept-Encoding
x-goog-hash
crc32c=LGMRCg==, md5=Sw0ZPq/dp/OJdL9o6i5ipg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1614156780497939
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
84286
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 02 Mar 2021 08:23:35 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=OSX&r=www.guatevision.com&rs=www.guatevision.com&sid=61581&t=1614673111&cip=82.102.19.136&sn=&tgt=1&osv=10.14.5&bv=83.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1614673111813-999082264641-020490-004-000600&cha=0.05&cb=80406202283&d9=1000&AV_WIDTH=480&AV_HEIGHT=270&nid=5d31fb2628a06116ff22aef3&ncid=5d515eaa28a061621155fc41&e=request&cb=1614673115270&asid=5dd536f328a06160b821778b%2C5f9b13dc1c4ac8144551fb77%2C5db72f5728a061494f509df7%2C5f0a552ef7c28446d12c40e5%2C5d92085028a061660926aefa&ofpr=%2C3%2C1%2C1.5%2C2&fpo=%2C%2C%2C%2C
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.86.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:35 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/211990/0/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211990/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.guatevision.com
Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:35 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.165.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a98327cee1caf872ea543afd98f791392f49b318a24e6aed04312c279499fdce

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:35 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:35 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.101:80
AN-X-Request-Uuid
570384c5-ac34-4f06-9952-ef5d7e8cf25f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.guatevision.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12557313&componentId=prebid&componentSubId=mustang&timestamp=1614673115345&pKey=1097749034&loc=https%3A%2F%2Fwww.guatevision.com%2F&playerSize=480x270
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:35 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.guatevision.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1614673115300065-104
Expires
Tue, 02 Mar 2021 08:18:35 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=OSX&r=www.guatevision.com&rs=www.guatevision.com&sid=61581&t=1614673111&cip=82.102.19.136&sn=&tgt=1&osv=10.14.5&bv=83.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1614673111813-999082264641-020490-004-000600&cha=0.05&cb=80406202283&d9=1000&AV_WIDTH=480&AV_HEIGHT=270&nid=5d31fb2628a06116ff22aef3&ncid=5d515eaa28a061621155fc41&e=bid&cb=1614673115443&asid=5dd536f328a06160b821778b&ofpr=&fpo=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.86.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:35 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame DDD7 		327 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
032b2d45a9f92ee935c0529aba9168c57287f2f704e6c55bed51aec12bc8dd40

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Feb 2021 03:02:41 GMT
ETag
"1612321361"
X-HW
1614673115.dop213.fr8.t,1614673115.cds215.fr8.shn,1614673115.cds215.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
112981
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame DDD7 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1614673115527
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:35 GMT
Last-Modified
Wed, 03 Feb 2021 03:02:41 GMT
ETag
"1612321361"
X-HW
1614673115.dop156.fr8.t,1614673115.cds098.fr8.shn,1614673115.cds098.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.guatevision.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=b5e6d3f2b39beedc9c6be9a762899865&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g006_6934968222656125315
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YjVlNmQzZjJiMzliZWVkYzljNmJlOWE3NjI4OTk4NjU=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEOmn059PbhbdLBqms_pOjfY&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=15fede90-59c5-4e22-b268-668391aaf74d
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=YD303...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YD303AAAAL2_2lLS&_test=YD303AAAAL2_2lLS
  • https://c1.adform.net/serving/cookie/match/?party=18
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=18
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=9141423018933765955
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=58f1603d-f4dc-4800-a5e3-add9e6f1379a&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AACwik7Ae-oAABFRpQWLRw
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/b5e6d3f2b39beedc9c6be9a762899865&gdpr=0&gdpr_consent=?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-gVt.Kjh1lwTm_r.nfJDyZwJ_K0X.Rsfs1SGW89cD
0
0
/
ads.stickyadstv.com/additional-scripts/ Frame DDD7 		0
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame DDD7 		67 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=9481057&_fw_gdpr=1&cbb=4673115265&_fw_gdpr_consent=&vav=342c7c8e56fb0829d1fe366963df7117&vaviv=db6e13ba6104f8c1f66ad6ec48e8c593&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.7.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.guatevision.com%2F&playerSize=480x270&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:35 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.guatevision.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1614673115489079-155
Expires
Tue, 02 Mar 2021 08:18:35 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=OSX&r=www.guatevision.com&rs=www.guatevision.com&sid=61581&t=1614673111&cip=82.102.19.136&sn=&tgt=1&osv=10.14.5&bv=83.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1614673111813-999082264641-020490-004-000600&cha=0.05&cb=80406202283&d9=1000&AV_WIDTH=480&AV_HEIGHT=270
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.86.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 02 Mar 2021 08:18:35 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
pubads.g.doubleclick.net/pagead/interaction/ Frame AFEF 		42 B
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BUdV51PQ9YM7PHICNjuwPza-S0Av3n5fkRQAAABABIIWn5z84AFjitJajgwRgufjHgNwBsgETd3d3Lmd1YXRldmlzaW9uLmNvbboBBzF4MV94bWzIAQXaARxodHRwczovL3d3dy5ndWF0ZXZpc2lvbi5jb20vmALoB8ACAuACAOoCSi8yNDU4MzcxMjUvcHJlbnNhbGlicmUuY29tL3ByZW5zYWxpYnJlLmNvbV9WaWRlby9wcmVuc2FsaWJyZS5jb21fVmlkZW9OZXcx-AKB0h6QA4wGmAPwAagDAeAEAdIFBhDMx6mfFJAGAaAGJKgH7NUbqAfz0RuoB5bYG9gHAOAHHtIICQiA4YAQEAEYHdgIAoAKBZgLAYAMAQ&sigh=53nJ-GrQGt0&label=videoplayfailed901&acvw=&sdkv=h.3.444.1/vpaid_adapter&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU0MzQ0MDE3NDAyDDEzODMxODAyNzM2MkD-AQpLCAESEHZhc3QuYW5pdmlldy5jb20aBVZQQUlEIAIqBVZQQUlEQNoBUiIQBCUAAHBBKAE6B3Vua25vd25CB3Vua25vd25IrC9QAGABGAE.
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast.xml
video-ads.rubiconproject.com/video/12948/221994/1092244/201/ Frame AFEF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/12948/221994/1092244/201/vast.xml?tg_c.language=ES&rp_schain=1.0,1!latinon.com,31,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
f372dc8cdbdd3080e2f2ab1d66fb9178ff27b6e8dc181917af4836c6e9edcf53

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:35 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
944
Expires
Tue, 02 Mar 2021 08:18:35 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=OSX&r=www.guatevision.com&rs=www.guatevision.com&sid=61581&t=1614673111&cip=82.102.19.136&sn=&tgt=1&osv=10.14.5&bv=83.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1614673111813-999082264641-020490-004-000600&cha=0.05&cb=80406202283&d9=1000&AV_WIDTH=480&AV_HEIGHT=270
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.86.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 02 Mar 2021 08:18:35 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
csi
csi.gstatic.com/ Frame AFEF 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~klrqoh2m&c=885621000075&slotId=442810500037.5&qqid=CM6JvIiWke8CFYCGgwcdzZcEug&gqid=1PQ9YP-IHMSPrAS26I7wBA&fb=ima-html5&sdkv=h.3.444.1%2Fvpaid_adapter&mrd=4&aab=1&itv=1&met.4=err.klrqolr0&aec=901&vmfc=3
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:35 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame AFEF 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BvWEM1PQ9YNGwI4CNjuwPza-S0Au9md_gRQAAABABIIWn5z84AFiapsefgwRgufjHgNwBsgETd3d3Lmd1YXRldmlzaW9uLmNvbboBBzF4MV94bWzIAQXaARxodHRwczovL3d3dy5ndWF0ZXZpc2lvbi5jb20vmALoB8ACAuACAOoCSi8yNDU4MzcxMjUvcHJlbnNhbGlicmUuY29tL3ByZW5zYWxpYnJlLmNvbV9WaWRlby9wcmVuc2FsaWJyZS5jb21fVmlkZW9OZXcx-AKB0h6QA4wGmAPwAagDAeAEAdIFBhDx-rP8E5AGAaAGJKgH7NUbqAfz0RuoB5bYG9gHAOAHHtIICQiA4YAQEAEYHdgIAoAKBZgLAYAMAQ&sigh=574hs_IVL-k&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.444.1/vpaid_adapter&vci=[CREATIVE_PLAYBACK]
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AFEF 		0
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2HL1zskuw7d1qouB1vR7SbJvwPcI1QIiFOBGFg2Zf3ptY_I3xOpHje_KavYP7gJwtFl8UWJeZ0JhccOBifZKMnJSFh6KlHmlyl1SytnPVQL2CHQHVC7rKSHbhuDBIL2AFrzVDnzLRzvf-HFQdlsjC6uHw0fj9TW947l6aLXlFMeopLmFXC4wrNfGAS-zxUnr8bYZGojoVS9OsL3PIxlgh_A5NncrPICQHk6YOlhTGxN14_71ozJ6jQw9PvFUp-k4ss0SFSUaSj9T96VzBmEIB0SOYMWRLfIKos6I9btdVjrimY_D-RHJPSwIkgk2UopbpdF6WDWqdkPVoGcuHnyjs5by4fpNMiyK9vN2nmg4qZ5OSLJkC9SnAhEZ2&sig=Cg0ArKJSzMBPEgZVslC6EAE&sdkv=h.3.444.1/vpaid_adapter&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUzNjExNzE4MjUyDDEzODMxMDQzOTcwNkD-AQpPCAESHHZpZGVvLWFkcy5ydWJpY29ucHJvamVjdC5jb20aB1J1Ymljb24gAioBMUBnUh0lAADwQSgBOgd1bmtub3duQgd1bmtub3duUABgARgB&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:35 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame E43A 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af5055673d29e1896014a8c05728bff90ad50e6ce004df8e7b46dc8d38441714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 01:07:38 GMT
server
sffe
age
540
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18173
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:24:35 GMT
bridge-31030.js
video-ads.rubiconproject.com/video/ Frame E43A 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/bridge-31030.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
22d16d512c307731530cc57b14148c34f80e541eaaaf0221ed3e4a372e8e933a

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Dec 2020 12:36:43 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"ff43-5b57a7ee30cc0-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
19876
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame E43A 		28 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=221994&zone_id=1092244&size_id=201&tg_c.language=ES&rp_schain=1.0,1!latinon.com,31,1,,,&p_window.depth=0&rf=https%3A%2F%2Fwww.guatevision.com%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=480&p_aso.video.ext.ad.h=270&width=480&height=270&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=7294727732410131&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31030.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a8fb181a797b4e48bb5d239ab5030f33ed65ebf339e38a5131ce966331226cef

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:36 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.guatevision.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml
Keep-Alive
timeout=5
Content-Length
28
Expires
Wed, 17 Sep 1975 21:32:10 GMT
ping
ping.chartbeat.net/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=guatevision.com&p=%2F&u=0-0TFD0GnRcCB9jLm&d=guatevision.com&g=65187&g0=Home&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=8434&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1376&t=-e6H4CT-MCWB1m2OMDJ00ANDi9dAr&V=122&tz=-60&sn=2&sv=BGXtiVB_Hhw3_kLzC9kRCZDL9t8E&sd=1&im=06530c4f&_
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.98.49 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
/
pubads.g.doubleclick.net/pagead/interaction/ Frame AFEF 		0
0
csi
csi.gstatic.com/ Frame AFEF 		0
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 66E7 		42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQKbz0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5AFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75WpXtSB--qkRWIrfNr56oZLSqs5I147rCPpffEh8cHC3AbALk9UfQVg9TeJR6vvz_Hly6euQyArgOKy_GeoRD_PGkUX0n6tC2P0V6_jlQNr2sEJ3YZvgXeyoSGcKTq0ihXV7CB3Y-br30XxViG_DNOOrwp6YCTskgSXObXrpdjo42LDvtwnUd8xbUZvirmBXK71WKityATkS0DLE2wWCKATYmjIZI_wrMHD68l1KMKIhlE1rM3stpYHUBhHoqxxFKfABKKa9rGiA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YBQEAEYHYAKA8gLAdgTDeIWAggB&sigh=Nw3CDhHYaU8&cmd=Ch1jYS12aWRlby1wdWItMzU2NTM4NTQ4Mzc2MTY4MRAAGAI&label=videoplaytime50&ad_mt=8710&acvw=sv%3D889%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D995,1250,1200,1600%26tos%3D8604,0,0,0,0%26mtos%3D8604,8604,8604,8604,8604%26amtos%3D0,0,0,0,0%26mcvt%3D8604%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D8604%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1670%26pst%3D519%26dur%3D17020%26vmtime%3D8710%26dtos%3D4249%26dtoss%3D3%26dvs%3D4249%26dfvs%3D4249%26dvpt%3D4249%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4249,4249,4249,4249,4249%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D3500%26femvt%3D0%26emc%3D41%26emuc%3D0%26emb%3D41,0,0,0,0%26avms%3Dexc%26qi%3D883696192%26psm%3D-2147483137%26psv%3D-2147483137%26psfv%3D-2147483137%26psa%3D0%26ptlt%3D1614673118659%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,8604&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1614673109029&sdkv=h.3.444.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MjQ0Mzg3MjM3OTIMNDk1NDMxNjAxMTE3QIcDUiAQDyUAALhBKAE6B3Vua25vd25CB3Vua25vd25IiglQABgB
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1d5ba3a3cea1623b81937a462b518023744393f5a7aecaa1ce284fa8ff6730c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6430
x-xss-protection
0
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/ Frame 8FB9
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
139d02d78b83bdea8eb19a02e3dab8f01fa642a8df8f1e9f02f34f52a1c29a62

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_cc=ctst
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

date
Tue, 02 Mar 2021 08:18:39 GMT
content-type
text/html;charset=UTF-8
content-length
1242
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.3.87
set-cookie
_cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 27-Nov-2021 08:11:00 GMT;SameSite=None;Secure _cc_id=fb088e58708801206e3d0dbe6fa03d3;Path=/;Domain=crwdcntrl.net;Expires=Sat, 27-Nov-2021 08:11:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGOQT0sysLBINbUwB1IGhkYGZqnGKQYpSalmaYkGxinGDECQYPvlPgMCAABGwAro";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 27-Nov-2021 08:11:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGBIsP1ynwEOAB1wAnE%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 27-Nov-2021 08:11:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*

Redirect headers

date
Tue, 02 Mar 2021 08:18:39 GMT
content-length
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.22.186
set-cookie
_cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
ima3vpaid
tpc.googlesyndication.com/ 		897 B
1006 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F245837125%2Fprensalibre.com%2Fprensalibre.com_Video%2Fprensalibre.com_VideoNew1%26description_url%3Dhttps%253A%252F%252Fwww.prensalibre.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D1%26vpa%3D1%26type%3Djs%26vad_type%3Dlinear
Requested by
Host: dkae4asr0dphj.cloudfront.net
URL: https://dkae4asr0dphj.cloudfront.net/js/lo-vslider-v1207.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
699a3c1d94a30af13b6161123bab47852dc237e3bcecc3834398f512a422bb36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.guatevision.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
534
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:39 GMT
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 56A1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/245837125/prensalibre.com/prensalibre.com_Video/prensalibre.com_VideoNew1%26description_url%3Dhttps%253A%252F%252Fwww.prensalibre.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D1%26vpa%3D1%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Requested by
Host: dkae4asr0dphj.cloudfront.net
URL: https://dkae4asr0dphj.cloudfront.net/js/lo-vslider-v1207.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7add09a196bf556491a0011bad2ba8453c7b558b230948e1b3755a3844b4dce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 01:07:38 GMT
server
sffe
age
15
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15164
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:33:24 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 56A1 		326 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/245837125/prensalibre.com/prensalibre.com_Video/prensalibre.com_VideoNew1%26description_url%3Dhttps%253A%252F%252Fwww.prensalibre.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D1%26vpa%3D1%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03449ecbbdb76ecc662e2ad64ea3d61da16722c7f1bb3c0fcc87e52db7eba42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114726
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame FCFF 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29171
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 56A1 		0
46 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.7397999275220721&wt=1614673119474&sdkv=h.3.444.1&xai=undefined&url=1,https%3A%2F%2Fwww.guatevision.com%2F$0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/245837125/prensalibre.com/prensalibre.com_Video/prensalibre.com_VideoNew1%26description_url%3Dhttps%253A%252F%252Fwww.prensalibre.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D1%26vpa%3D1%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame FCFF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97575
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
tpid=4191424814974412831
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 8FB9
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/fb088e58708801206e3d0dbe6fa03d3/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4191424814974412831
49 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4191424814974412831
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:39 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.12.198
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4191424814974412831
pragma
no-cache
date
Tue, 02 Mar 2021 08:18:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
image.sbxx
global.ib-ibi.com/ Frame 8FB9 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=fb088e58708801206e3d0dbe6fa03d3
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_256_CBC
Server
69.169.85.6 , United States, ASN33597 (ATLANTIC-METRO-COMMUNICATIONS-II-INC, US),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP
tpid=e4ae2731-7b2f-11eb-8b15-9e9b130d4f06
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 8FB9
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=fb088e58708801206e3d0dbe6fa03d3&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=fb088e58708801206e3d0dbe6fa03d3&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=e4ae2731-7b2f-11eb-8b15-9e9b130d4f06
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=e4ae2731-7b2f-11eb-8b15-9e9b130d4f06
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:39 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.16.240
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Tue, 02 Mar 2021 08:18:39 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=e4ae2731-7b2f-11eb-8b15-9e9b130d4f06
alt-svc
clear
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 8FB9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.164.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-164-132.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tpid=YD303wAAAKic1FZV&_test=YD303wAAAKic1FZV
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 8FB9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YD303wAAAKic1FZV
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YD303wAAAKic1FZV&_test=YD303wAAAKic1FZV
49 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YD303wAAAKic1FZV&_test=YD303wAAAKic1FZV
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:39 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.1.71
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1614673120.670394,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YD303wAAAKic1FZV&_test=YD303wAAAKic1FZV
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tpid=no-consent
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 8FB9
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=378017195/pv=y/amskip=Y/rt=ifr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:39 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.13.192
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:38 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
bridge3.444.1_en.html
imasdk.googleapis.com/js/core/ Frame EAF6 		577 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a478cc89688c6d5bc04418bbfd3da092d2df5c78ad9b6663975cceb83832e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.444.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192862
date
Mon, 01 Mar 2021 18:27:39 GMT
expires
Tue, 01 Mar 2022 18:27:39 GMT
last-modified
Fri, 26 Feb 2021 01:03:43 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
49860
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 56A1 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:39 GMT
integrator.js
adservice.google.com/adsid/ Frame 56A1 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CB1F 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 07:33:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2690
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:33:49 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame EAF6 		32 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F245837125%2Fprensalibre.com%2Fprensalibre.com_Video%2Fprensalibre.com_VideoNew1&description_url=https%3A%2F%2Fwww.prensalibre.com%2F&tfcd=0&npa=0&sz=1x1&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&vpos=preroll&vpmute=1&vpa=1&type=js&vad_type=linear&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.444.1%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=3184881043&sdk_apis=2%2C8&sid=EDE3FEA0-C518-458B-99A0-8069489897F9&eid=44736152&url=https%3A%2F%2Fwww.guatevision.com%2F&dt=1614673120075&cookie_enabled=1&correlator=226124161040342&scor=4385952626331343&ged=ve4_td1_tt0_pd1_la1000_er930.3520.1200.4000_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
7af95c142ff2fcfc699ff185f97ae638d38bfe0f14cb6021d0beaad62e6d62d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4111
x-xss-protection
0
google-lineitem-id
5434401740,5361171825
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138318027362,138310439706
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
aclk
www.googleadservices.com/pagead/ Frame 66E7
Redirect Chain
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=Ch8oz0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5wFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75W...
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=CYCbv0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5wFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkT...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/aclk?sa=L&ai=CYCbv0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5wFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75WpXtSB--qkRWIrfNr56oZLSqs5I147rCPpffEh8cHC3AbALk9UfQVg9TeJR6vvz_Hly6euQyArgOKy_GeoRD_PGkUX0n6tC2P0V6_jlQNr2sEJ3YZvgXeyoSGcKTq0ihXV7CB3Y-br30XxViG_DNOOrwp6YCTskgSXObXrpdjo42LDvtwnUd8xbUZvirmBXK71WKityATkS0DLE2wWCKATYmjIZI_wrMHDs8inJMrCAF-nZzp16HmeBu-p0VW3OL1UdNjABKKa9rGiA-AEAcAFbqAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YBQEAEYHZoJFmh0dHBzOi8vaGVyby13YXJzLmNvbS-xCdTLesUDBbTtgAoDmAsByAsB0AsOuAwB2BMN4hYCCAE&num=1&cid=CAASPeRoRojY6FlqQ8uXnoHG5KZh6gW7JfcTrNcHpATPri9Q_Yp6bM1oQAjnKy9Hxnzcl5vuxOiunqjPPpno4L4&client=ca-pub-2361925867181735&ctype=110&label=video_10s_engaged_view&ad_mt=10109&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D995,1250,1200,1600%26p0%3D995,1250,1200,1600%26p1%3D995,1250,1200,1600%26p2%3D995,1250,1200,1600%26tos%3D10027,0,0,0,0%26mtos%3D10027,10027,10027,10027,10027%26amtos%3D0,0,0,0,0%26mtos1%3D4355,0,0%26mtos2%3D4249,0,0%26mcvt%3D10027%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10027%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2160%26pst%3D519%26dur%3D17020%26vmtime%3D10109%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1423,1423,1423,1423,1423%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D3500%26femvt%3D0%26emc%3D47%26emuc%3D0%26emb%3D47,0,0,0,0%26avms%3Dexc%26qi%3D883696192%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D1614673120082%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10027%26ss0%3D0.03%26ss1%3D0.03%26ss2%3D0.03&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1614673109029&dblrd=1&uid=Ci0AZWm_Uk6ZJ8E1Nhvqp_SCu2iT9sSfSExb28zHsPEka4TR4FkcHehJSk31QFAQ0un3gQYYDw&sig=AOD64_0Za86jZ0gJSJQGpIvM8Qp9_f3vZA&adurl=https://hero-wars.com/%3Fhl%3Den%26l%3Dloot%26m%3Dregistration%26nx_source%3Dadx_adwordsyoutube.hw_wb_us_-.cc-ww_en.g-m.a-2554.au-all.opt-cpa.com-newac.lp-loot.cr-mightytower11a_h_17.dt-youtube.cid-12206165757.csd-290121.-%26l%3Dloot%26cp%3D-.cid-12206165757.agid-112310717730.tgid-.intgeo-.phgeo-1001150.ngr-vp.devt-c.devm-.gcid-%7Bgclid%7D.adId-495431601117.pt-www.guatevision.com_pt.ptc-.-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:40 GMT
x-content-type-options
nosniff
server
adclick_server
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.googleadservices.com/pagead/aclk?sa=L&ai=CYCbv0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5wFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75WpXtSB--qkRWIrfNr56oZLSqs5I147rCPpffEh8cHC3AbALk9UfQVg9TeJR6vvz_Hly6euQyArgOKy_GeoRD_PGkUX0n6tC2P0V6_jlQNr2sEJ3YZvgXeyoSGcKTq0ihXV7CB3Y-br30XxViG_DNOOrwp6YCTskgSXObXrpdjo42LDvtwnUd8xbUZvirmBXK71WKityATkS0DLE2wWCKATYmjIZI_wrMHDs8inJMrCAF-nZzp16HmeBu-p0VW3OL1UdNjABKKa9rGiA-AEAcAFbqAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YBQEAEYHZoJFmh0dHBzOi8vaGVyby13YXJzLmNvbS-xCdTLesUDBbTtgAoDmAsByAsB0AsOuAwB2BMN4hYCCAE&num=1&cid=CAASPeRoRojY6FlqQ8uXnoHG5KZh6gW7JfcTrNcHpATPri9Q_Yp6bM1oQAjnKy9Hxnzcl5vuxOiunqjPPpno4L4&client=ca-pub-2361925867181735&ctype=110&label=video_10s_engaged_view&ad_mt=10109&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D995,1250,1200,1600%26p0%3D995,1250,1200,1600%26p1%3D995,1250,1200,1600%26p2%3D995,1250,1200,1600%26tos%3D10027,0,0,0,0%26mtos%3D10027,10027,10027,10027,10027%26amtos%3D0,0,0,0,0%26mtos1%3D4355,0,0%26mtos2%3D4249,0,0%26mcvt%3D10027%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10027%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2160%26pst%3D519%26dur%3D17020%26vmtime%3D10109%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1423,1423,1423,1423,1423%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D3500%26femvt%3D0%26emc%3D47%26emuc%3D0%26emb%3D47,0,0,0,0%26avms%3Dexc%26qi%3D883696192%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D1614673120082%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10027%26ss0%3D0.03%26ss1%3D0.03%26ss2%3D0.03&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1614673109029&dblrd=1&uid=Ci0AZWm_Uk6ZJ8E1Nhvqp_SCu2iT9sSfSExb28zHsPEka4TR4FkcHehJSk31QFAQ0un3gQYYDw&sig=AOD64_0Za86jZ0gJSJQGpIvM8Qp9_f3vZA&adurl=https://hero-wars.com/%3Fhl%3Den%26l%3Dloot%26m%3Dregistration%26nx_source%3Dadx_adwordsyoutube.hw_wb_us_-.cc-ww_en.g-m.a-2554.au-all.opt-cpa.com-newac.lp-loot.cr-mightytower11a_h_17.dt-youtube.cid-12206165757.csd-290121.-%26l%3Dloot%26cp%3D-.cid-12206165757.agid-112310717730.tgid-.intgeo-.phgeo-1001150.ngr-vp.devt-c.devm-.gcid-%7Bgclid%7D.adId-495431601117.pt-www.guatevision.com_pt.ptc-.-
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=4037078421924708&bg=!wcKlwoHNAAXB_3NtwTsAKQB2-DxatPpwMBdNhQ9ceJIPg7G1aUd_PkdXejf0qXBzQ2gm_KckOw0XAgAAAXBSAAAApGgBBwoBoiZgmqDr17rlS8CrFdUlTyzYkTzzNk6iG3x4lyMiZJbOIJ-jt8CdL5lmbcp0G812-EvTsGHWsIJwbXwrnbiWdULANtnf-DvKX1BIeOC-7eC5-XGAlL-CAQsnK_aJg_6BxwOioX5jIhAiNla7urjN5RKoijTkByLL7Fl-bvUU6BNDQfFdtMXdlZZBPteF4lwI7C15Pg_Uop5v3RpRTS6M2ylqAmo5E1nnCiWNPaerTBs582PnOh4sOj8h5XCPQAoCdK6hwBvImcQrjBrciWwiKVg2lgprQgGpIZ5-jr5Q-S2KSUmcv70dWQ80sCeZAmU2HJZWCxmJvYuoHjtrntmtW8lmHzS3rtcy5fiS_tFW3VPMm6eJlSgblyjQ5gyqyh1idpCNQKxkIM4pFZAzsGbI5gO4wvvM2dQsE2P0zyNC3Nkm1gIVC3w5x9opi3d9vPaxSkdNPwidBBOvANMuTfN3LLqPL0oPSTJm7u8OF7MUTRm_McyzxE5lWV62QitLidOfdiWbyRJbJ2dpL5F88LdtbkJ6EBzjKWnA5kbAQgpaM0OpP-mZAc7lSKGWdlOgDQxYaNX7PccPaMjcBlZxUH2rU-JBQuQwW0oOSraLzFwU5_OIkRPQsZi26DFT3pulY-YNfJlk-AysTZFhnf5EDEB4PKN-hH6N0JRrfOcmwTGmZ4LmAUMBgwQ7jba09Y46pcUFhKwKIP-QggJPIxnFvE3pRNHn3gDkzr27XmqvJ3aOK0Ei8By9_X6BLK23jxAMmG7zAZQ_mVigw-n-D7ASpK8yinzfd6er6-_KEOmiYuTDyyC6-h29hzSHU-kenFYctjBtCj_M6KqhQPjHOn9lI_19NVmYjjZYlfpGgu_-JqrJhsR1N5b5TcsskLr2_j0vyD2FxX2Fln5JSQ-yCW4byHWZWdNKSmU7Gj8ENw8j-D6q9gsWwr8jd8i77zpmny2iWAFuX3--FMzDPYa3W1kIdOUi15eY5Z0WEjdIZqrhJbAWW7hpgbJPG5byF2m_iYVDVk_qHY5CwJmOKTbyNtSafryhGi2xqND8UYBJF_Nu7bCclbC6KAXO-9-VTDX4Nt2aw_qNbTJzjh7hTtH4XsSByw_Ez0cZlj_zNXL6MT1rosUNnao92SEJ9kf6EISGXQDNRpn2P9NuuihUrHRACvgPhNKdYZCgN4M
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
watchtime
s.youtube.com/api/stats/ Frame 7076 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.109&rtn=17.020&ns=yt&fexp=44729227&el=adunit&cpn=9DyK_gBZN-WvkJwH&docid=J6SYsbETPjA&ver=2&cmt=10.109&fmt=18&rt=9.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.guatevision.com%2F&len=17.020&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=83.0.4103.61&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::71 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
vast.aniview.com/api/adserver61/vast/ Frame EAF6 		797 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=5d31fb2628a06116ff22aef3&AV_CHANNELID=5d515eaa28a061621155fc41&AV_URL=https://www.guatevision.com/&cb=1768064516&AV_WIDTH=1&AV_HEIGHT=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:2a4::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d7b783a583114d10abec7cfe72d3d919a885b1dc37285f4ad68989fdb9f10596

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:40 GMT
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
797
expires
Tue, 02 Mar 2021 08:18:40 GMT
csi
csi.gstatic.com/ Frame EAF6 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~klrqop2a&c=885621000075&slotId=442810500037.5&qqid=CLPBgo6Wke8CFYop4AodCCsF6A&gqid=4PQ9YIb8BdncgAeyuqb4Aw&fb=ima-html5&sdkv=h.3.444.1%2Fvpaid_adapter&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&ghmsh_eids=44736152&vmfc=1&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame EAF6 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BovfG4PQ9YLPRBorTgAeI1pTADvefl-RFAAAAEAEghafnPzgAWOK0lqODBGC5-MeA3AGyARN3d3cuZ3VhdGV2aXNpb24uY29tugEHMXgxX3htbMgBBdoBHGh0dHBzOi8vd3d3Lmd1YXRldmlzaW9uLmNvbS-YAugHwAIC4AIA6gJKLzI0NTgzNzEyNS9wcmVuc2FsaWJyZS5jb20vcHJlbnNhbGlicmUuY29tX1ZpZGVvL3ByZW5zYWxpYnJlLmNvbV9WaWRlb05ldzH4AoHSHpADjAaYA_ABqAMB4AQB0gUGEMzHqZ8UkAYBoAYkqAfs1RuoB_PRG6gHltgb2AcA4Ace0ggJCIDhgBAQARgd2AgCgAoFmAsBgAwB&sigh=EyHv0hALQq8&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.444.1/vpaid_adapter&vci=[CREATIVE_PLAYBACK]
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EAF6 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvas9fvZ7JPogcx7Jx6oswUmHUzuPv9AazHh4n8SHZk5DtJBWvX4Y8C78-aQ31zPf1YLWthm94KTwZiqS-A3s6dDzyvHtG9dqdfvKfoV8jy_MqG5u1SVMh---AdzEiLLuRIlF18i42oR5qO_F_x2SDfOCPj8UcfhsKyR6uSZfzYRh724WFmwLPjCOjPbUMAe9BZ33oB29fInMI-wH9a4O3QwNl0j80IHrX4EiqgJZolBpt0_uNHM6PkWNOFD6Czy2knZs9tetxlUR3PHdtrb3WNXutUeeY3jZ76aOoWfEtEamALjHwkct-dYqKMyzCpO5AWyOYWFSoeJHcXEafNWFj5pCjAeQaraFxOJ7OCxFetb-6sT-n6kMkbNi0j&sig=Cg0ArKJSzNVKRwmEbrNTEAE&sdkv=h.3.444.1/vpaid_adapter&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU0MzQ0MDE3NDAyDDEzODMxODAyNzM2MkCfAQpGCAESEHZhc3QuYW5pdmlldy5jb20aBVZQQUlEIAIqBVZQQUlEQNIBUh0lAABwQSgBOgd1bmtub3duQgd1bmtub3duUABgARgB&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:40 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame E127 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af5055673d29e1896014a8c05728bff90ad50e6ce004df8e7b46dc8d38441714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 01:07:38 GMT
server
sffe
age
545
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18173
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:24:35 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame E127 		331 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:2a4::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
173d5f3d3b09f62a9a6e5ccf6c35fca457b6d68c0bd03e04171c41719e402ca2

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:40 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzUaSPhANsryb_rbI1PkUu-Ius70zssgT8xaYez98wiXn3nIRQKiGmhH6n-KkTskj32WeAn2eKbsG_MRp0NiDs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
95778
last-modified
Wed, 24 Feb 2021 08:53:38 GMT
server
UploadServer
etag
"06ac451dcb93e2560f9563c8286b920c"
vary
Accept-Encoding
x-goog-hash
crc32c=8jEwgw==, md5=BqxFHcuT4lYPlWPIKGuSDA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1614156818658566
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
95778
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 02 Mar 2021 08:23:40 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.guatevision.com&sn=&ic=0&tgt=1&app=&wi=480&he=270&test=&apppkg=&fv=1&proto=https&pid=5d31fb2628a06116ff22aef3&cid=5d515eaa28a061621155fc41&e=inventory&vi=0&cb=1614673120750
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.86.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ Frame 56A1 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
sync
pixel.advertising.com/ups/58246/ Frame A4CC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.153.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-153-71.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.advertising.com
:scheme
https
:path
/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

date
Tue, 02 Mar 2021 08:18:40 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security
max-age=31536000
Cookie set us
sync.go.sonobi.com/ Frame 38D2 		0
474 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D60%26key%3D%5BUID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.guatevision.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

Date
Tue, 02 Mar 2021 08:18:40 GMT
Content-Type
text/plain; charset=utf8
Content-Length
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YD304; path=/; domain=.go.sonobi.com
Cookie set uc.html
sync.go.sonobi.com/ Frame EC52 		571 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
7308a2c8fc393c0af6acae7a1069ddb3e8a80439658d2eb130da76aaae010291

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.guatevision.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

Date
Tue, 02 Mar 2021 08:18:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YD304; path=/; domain=.go.sonobi.com
cookiesyncendpoint
sync.aniview.com/ Frame 88A5
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D22%26key%3D%7BPUB_USE...
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D22%26key%3D%7BP...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1614673111813-999082264641-020490-004-000600&biddername=22&key=fc85cfb0-88d2-4072-a17d-11482c401ae9
0
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1614673111813-999082264641-020490-004-000600&biddername=22&key=fc85cfb0-88d2-4072-a17d-11482c401ae9
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.56.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1614673111813-999082264641-020490-004-000600&biddername=22&key=fc85cfb0-88d2-4072-a17d-11482c401ae9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

date
Tue, 02 Mar 2021 08:18:40 GMT
content-length
0
set-cookie
aniC=1614673111813-999082264641-020490-004-000600; Path=/; Domain=aniview.com; Expires=Tue, 09 Mar 2021 08:18:40 GMT; Secure; SameSite=None 2_C_22=fc85cfb0-88d2-4072-a17d-11482c401ae9; Path=/; Domain=aniview.com; Expires=Tue, 09 Mar 2021 08:18:40 GMT; Secure; SameSite=None 2_C_22=fc85cfb0-88d2-4072-a17d-11482c401ae9; Path=/; Expires=Tue, 09 Mar 2021 08:18:40 GMT; Secure; SameSite=None

Redirect headers

date
Tue, 02 Mar 2021 08:18:40 GMT
content-type
text/plain
content-length
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1614673111813-999082264641-020490-004-000600&biddername=22&key=fc85cfb0-88d2-4072-a17d-11482c401ae9
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
onetag-sys.com/usync/ Frame 2853 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
user_sync
rtb.gamoshi.io/ Frame 88EF 		42 B
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gamoshi.io/user_sync?bidder=16245&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D71%26pid%3D5ef33c8abcf1750da1720e91%26key%3D%5Bgusr%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.58.174.102 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Host
rtb.gamoshi.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.guatevision.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

Date
Tue, 02 Mar 2021 08:18:40 GMT
Content-Type
image/gif
Content-Length
42
Connection
keep-alive
x-gcontroller-pod
gcontroller-stable-7c488df8c9-lppcd
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
content-encoding
identity
9481057
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/9481057?_fw_gdpr=1&_fw_gdpr_consent=&cbb=4673120830
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
59f129a30008443b36f8912e9902e972899cc39c4d7c0c2e18e1bef45c5c3bd7

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:40 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.guatevision.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1088
x-sticky-vk
1614673120754036-104
Expires
Tue, 02 Mar 2021 08:18:40 GMT
avpb3.js
player.aniview.com/script/6.1/ Frame E127 		261 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:2a4::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1e2496941c02b94bf6b19438b27abdbc71635f3fa79774f0210c36930d860b73

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:40 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uxo_USxqPpxAQGelmQbWsoWIAWQ3iErcidk15nSImRqSOBCcAfFRsLSCvfLsiiVeQN6Ejal2E644HKroopGP9TLrnzSlA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
84286
last-modified
Wed, 24 Feb 2021 08:53:00 GMT
server
UploadServer
etag
"4b0d193eafdda7f38974bf68ea2e62a6"
vary
Accept-Encoding
x-goog-hash
crc32c=LGMRCg==, md5=Sw0ZPq/dp/OJdL9o6i5ipg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1614156780497939
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
84286
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 02 Mar 2021 08:23:40 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=OSX&r=www.guatevision.com&rs=www.guatevision.com&sid=61581&t=1614673111&cip=82.102.19.136&sn=&tgt=1&osv=10.14.5&bv=83.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1614673111813-999082264641-020490-004-000600&cha=0.05&cb=80406202283&d9=1000&AV_WIDTH=480&AV_HEIGHT=270&nid=5d31fb2628a06116ff22aef3&ncid=5d515eaa28a061621155fc41&e=request&cb=1614673120833&asid=5dd536f328a06160b821778b%2C5f9b13dc1c4ac8144551fb77%2C5db72f5728a061494f509df7%2C5f0a552ef7c28446d12c40e5%2C5d92085028a061660926aefa&ofpr=%2C3%2C1%2C1.5%2C2&fpo=%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.86.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:40 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.79:80
AN-X-Request-Uuid
f61dac42-beb1-4d39-a794-bb01534ea88c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.guatevision.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/211990/0/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211990/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.guatevision.com
Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:40 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.165.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b55b95afb134533c2a70737a0cc7b83c0e9cca8282b894f78edc0d31a862684d

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:40 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12557313&componentId=prebid&componentSubId=mustang&timestamp=1614673120884&pKey=1098528528&loc=https%3A%2F%2Fwww.guatevision.com%2F&playerSize=480x270
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:40 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.guatevision.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1614673120754072-104
Expires
Tue, 02 Mar 2021 08:18:40 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=OSX&r=www.guatevision.com&rs=www.guatevision.com&sid=61581&t=1614673111&cip=82.102.19.136&sn=&tgt=1&osv=10.14.5&bv=83.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1614673111813-999082264641-020490-004-000600&cha=0.05&cb=80406202283&d9=1000&AV_WIDTH=480&AV_HEIGHT=270&nid=5d31fb2628a06116ff22aef3&ncid=5d515eaa28a061621155fc41&e=bid&cb=1614673120940&asid=5dd536f328a06160b821778b&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.86.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 84EA 		327 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
032b2d45a9f92ee935c0529aba9168c57287f2f704e6c55bed51aec12bc8dd40

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Feb 2021 03:02:41 GMT
ETag
"1612321361"
X-HW
1614673115.dop213.fr8.t,1614673120.cds215.fr8.shn,1614673120.cds215.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
112981
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 84EA 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1614673120993
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:41 GMT
Last-Modified
Wed, 03 Feb 2021 03:02:41 GMT
ETag
"1612321361"
X-HW
1614673115.dop156.fr8.t,1614673121.cds098.fr8.shn,1614673121.cds098.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.guatevision.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=9857c8b2945a4cf466f6e0fb95dbf8bd&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g053_6934968248425358277
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OTg1N2M4YjI5NDVhNGNmNDY2ZjZlMGZiOTVkYmY4YmQ=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEOSqMoLhE1rSjiXUydbjfnE&google_cver=1&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_co...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YD303wAAAKic1FZV&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=99425a75-2a0f-4c8e-939e-2960d5501999
  • https://c1.adform.net/serving/cookie/match/?party=18
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=18
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=755933590036071591
43 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=755933590036071591
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:41 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1614673121519049-116
Expires
Tue, 02 Mar 2021 08:18:41 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:41 GMT
server
nginx
location
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=755933590036071591
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
/
ads.stickyadstv.com/additional-scripts/ Frame 84EA 		301 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=9481057&loc=https%3A%2F%2Fwww.guatevision.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:41 GMT
Server
nginx
Access-Control-Allow-Origin
https://www.guatevision.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1614673121037008-116
Expires
Tue, 02 Mar 2021 08:18:41 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 84EA 		67 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=9481057&_fw_gdpr=1&cbb=4673120830&_fw_gdpr_consent=&vav=670c845b3496fd693f50d5d0450618d3&vaviv=db6e13ba6104f8c1f66ad6ec48e8c593&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.7.2&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.guatevision.com%2F&playerSize=480x270&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:41 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.guatevision.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1614673121037038-116
Expires
Tue, 02 Mar 2021 08:18:41 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTg1N2M4YjI5NDVhNGNmNDY2ZjZlMGZiOTVkYmY4YmQ=&gdpr=0&gdpr_consent=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTg1N2M4YjI5NDVhNGNmNDY2ZjZlMGZiOTVkYmY4YmQ=&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:41 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTg1N2M4YjI5NDVhNGNmNDY2ZjZlMGZiOTVkYmY4YmQ=&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1614673121037060-116
Expires
Tue, 02 Mar 2021 08:18:41 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=9857c8b2945a4cf466f6e0fb95dbf8bd&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=9857c8b2945a4cf466f6e0fb95dbf8bd&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:41 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:41 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=9857c8b2945a4cf466f6e0fb95dbf8bd&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1614673121115013-329
Expires
Tue, 02 Mar 2021 08:18:41 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=OSX&r=www.guatevision.com&rs=www.guatevision.com&sid=61581&t=1614673111&cip=82.102.19.136&sn=&tgt=1&osv=10.14.5&bv=83.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1614673111813-999082264641-020490-004-000600&cha=0.05&cb=80406202283&d9=1000&AV_WIDTH=480&AV_HEIGHT=270
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.86.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 02 Mar 2021 08:18:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
pubads.g.doubleclick.net/pagead/interaction/ Frame EAF6 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BovfG4PQ9YLPRBorTgAeI1pTADvefl-RFAAAAEAEghafnPzgAWOK0lqODBGC5-MeA3AGyARN3d3cuZ3VhdGV2aXNpb24uY29tugEHMXgxX3htbMgBBdoBHGh0dHBzOi8vd3d3Lmd1YXRldmlzaW9uLmNvbS-YAugHwAIC4AIA6gJKLzI0NTgzNzEyNS9wcmVuc2FsaWJyZS5jb20vcHJlbnNhbGlicmUuY29tX1ZpZGVvL3ByZW5zYWxpYnJlLmNvbV9WaWRlb05ldzH4AoHSHpADjAaYA_ABqAMB4AQB0gUGEMzHqZ8UkAYBoAYkqAfs1RuoB_PRG6gHltgb2AcA4Ace0ggJCIDhgBAQARgd2AgCgAoFmAsBgAwB&sigh=EyHv0hALQq8&label=videoplayfailed901&acvw=&sdkv=h.3.444.1/vpaid_adapter&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU0MzQ0MDE3NDAyDDEzODMxODAyNzM2MkCfAQpLCAESEHZhc3QuYW5pdmlldy5jb20aBVZQQUlEIAIqBVZQQUlEQNIBUiIQBCUAAHBBKAE6B3Vua25vd25CB3Vua25vd25I1QRQAGABGAE.
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast.xml
video-ads.rubiconproject.com/video/12948/221994/1092244/201/ Frame EAF6 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/12948/221994/1092244/201/vast.xml?tg_c.language=ES&rp_schain=1.0,1!latinon.com,31,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
f372dc8cdbdd3080e2f2ab1d66fb9178ff27b6e8dc181917af4836c6e9edcf53

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:41 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
944
Expires
Tue, 02 Mar 2021 08:18:41 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=OSX&r=www.guatevision.com&rs=www.guatevision.com&sid=61581&t=1614673111&cip=82.102.19.136&sn=&tgt=1&osv=10.14.5&bv=83.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1614673111813-999082264641-020490-004-000600&cha=0.05&cb=80406202283&d9=1000&AV_WIDTH=480&AV_HEIGHT=270
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.86.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 02 Mar 2021 08:18:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
csi
csi.gstatic.com/ Frame EAF6 		0
44 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~klrqopid&c=885621000075&slotId=442810500037.5&qqid=CLPBgo6Wke8CFYop4AodCCsF6A&gqid=4PQ9YIb8BdncgAeyuqb4Aw&fb=ima-html5&sdkv=h.3.444.1%2Fvpaid_adapter&mrd=4&aab=1&itv=1&met.4=err.klrqopz1&aec=901&vmfc=3
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame EAF6 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BePBh4PQ9YLizDIrTgAeI1pTADr2Z3-BFAAAAEAEghafnPzgAWJqmx5-DBGC5-MeA3AGyARN3d3cuZ3VhdGV2aXNpb24uY29tugEHMXgxX3htbMgBBdoBHGh0dHBzOi8vd3d3Lmd1YXRldmlzaW9uLmNvbS-YAugHwAIC4AIA6gJKLzI0NTgzNzEyNS9wcmVuc2FsaWJyZS5jb20vcHJlbnNhbGlicmUuY29tX1ZpZGVvL3ByZW5zYWxpYnJlLmNvbV9WaWRlb05ldzH4AoHSHpADjAaYA_ABqAMB4AQB0gUGEPH6s_wTkAYBoAYkqAfs1RuoB_PRG6gHltgb2AcA4Ace0ggJCIDhgBAQARgd2AgCgAoFmAsBgAwB&sigh=2t-YvoJdigs&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.444.1/vpaid_adapter&vci=[CREATIVE_PLAYBACK]
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EAF6 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZP1Va_hiktr7-3PZ86IiB-w0cod9lr-xcyn82BSKEqxRd2MwzDVD36NxYEDhGJe8VbcwdRdXUoJHGEXcxiFMNAuJ3hSjiY9BedaaiSIV343xMp8gZSacyxkcE04Sv2qdJfYVx8lQf9OzqcUant8mOK_lpgwSeXQr4NkO_rW0y8yzMAvB0DtFF8fi9CDdUDg-RYGMq8z9_E0QZOEsmRiwHnJGEhtnJMADess84NKK3WBSS-gVtiB8hpPVe-PGuVHJEQUXFbN9oHiZ5-5Y2LteHOJ-fqkcWoVGn_A-HQuvuEae6dlwZkrlWmNDbMq2p-JSUKf6adCFKFcUSDq-1zFPgNKaqI5UMTWQ-V8y_AOQbVmcvVB7UNmo0Ao2j&sig=Cg0ArKJSzFLwJsmnF4tjEAE&sdkv=h.3.444.1/vpaid_adapter&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUzNjExNzE4MjUyDDEzODMxMDQzOTcwNkCfAQpPCAESHHZpZGVvLWFkcy5ydWJpY29ucHJvamVjdC5jb20aB1J1Ymljb24gAioBMUAvUh0lAADwQSgBOgd1bmtub3duQgd1bmtub3duUABgARgB&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:41 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame D573 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af5055673d29e1896014a8c05728bff90ad50e6ce004df8e7b46dc8d38441714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 01:07:38 GMT
server
sffe
age
546
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18173
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:24:35 GMT
bridge-31030.js
video-ads.rubiconproject.com/video/ Frame D573 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/bridge-31030.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
22d16d512c307731530cc57b14148c34f80e541eaaaf0221ed3e4a372e8e933a

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Dec 2020 12:36:43 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"ff43-5b57a7ee30cc0-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
19876
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame D573 		28 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=221994&zone_id=1092244&size_id=201&tg_c.language=ES&rp_schain=1.0,1!latinon.com,31,1,,,&p_window.depth=0&rf=https%3A%2F%2Fwww.guatevision.com%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=480&p_aso.video.ext.ad.h=270&width=480&height=270&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=1174285756629296.2&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31030.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a8fb181a797b4e48bb5d239ab5030f33ed65ebf339e38a5131ce966331226cef

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:41 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.guatevision.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml
Keep-Alive
timeout=5
Content-Length
28
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame EAF6 		0
0
csi
csi.gstatic.com/ Frame EAF6 		0
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 66E7 		42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQKbz0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5AFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75WpXtSB--qkRWIrfNr56oZLSqs5I147rCPpffEh8cHC3AbALk9UfQVg9TeJR6vvz_Hly6euQyArgOKy_GeoRD_PGkUX0n6tC2P0V6_jlQNr2sEJ3YZvgXeyoSGcKTq0ihXV7CB3Y-br30XxViG_DNOOrwp6YCTskgSXObXrpdjo42LDvtwnUd8xbUZvirmBXK71WKityATkS0DLE2wWCKATYmjIZI_wrMHD68l1KMKIhlE1rM3stpYHUBhHoqxxFKfABKKa9rGiA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YBQEAEYHYAKA8gLAdgTDeIWAggB&sigh=Nw3CDhHYaU8&cmd=Ch1jYS12aWRlby1wdWItMzU2NTM4NTQ4Mzc2MTY4MRAAGAI&label=videoplaytime75&ad_mt=12960&acvw=sv%3D889%26cb%3Dj%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D995,1250,1200,1600%26tos%3D12854,0,0,0,0%26mtos%3D12854,12854,12854,12854,12854%26amtos%3D0,0,0,0,0%26mcvt%3D12854%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D12854%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2685%26pst%3D519%26dur%3D17020%26vmtime%3D12960%26dtos%3D4250%26dtoss%3D4%26dvs%3D4250%26dfvs%3D4250%26dvpt%3D4250%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4250,4250,4250,4250,4250%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D3500%26femvt%3D0%26emc%3D61%26emuc%3D0%26emb%3D61,0,0,0,0%26avms%3Dexc%26qi%3D883696192%26psm%3D-2147475457%26psv%3D-2147475457%26psfv%3D-2147475457%26psa%3D0%26ptlt%3D1614673122909%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,12854&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1614673109029&sdkv=h.3.444.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MjQ0Mzg3MjM3OTIMNDk1NDMxNjAxMTE3QIcDUiAQDyUAALhBKAE6B3Vua25vd25CB3Vua25vd25IiglQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 11AD 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01c1c3258f954bd0d94c5050c4b9b1ec1dfe1a1dba77d43a3d3f4a2afb4c28ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34374
x-xss-protection
0
server
cafe
etag
18199295410799919595
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:44 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame 11AD 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87195
x-xss-protection
0
server
cafe
etag
3111314854812010922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:44 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 11AD 		205 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.guatevision.com&callback=_gfp_s_&client=ca-pub-4346803846097853
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
44bfa8607dbde76ea2a0efd4578a4d23559a6b4bee973b0a49dda2dd2380ab39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 11AD 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 11AD 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
sp.htm
cdn.insurads.com/sp/ Frame AD50
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4346803846097853&output=html&h=90&slotname=guatevision_970x90-upr&adk=1056814020&adf=1174745123&pi=t.ma~as.guatevision_970x90-_&w=970&ur...
  • https://cdn.insurads.com/sp/sp.htm
152 B
658 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/sp/sp.htm
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
3a642375e7090d25cb91cf7ddbcbd23b539cfe6a5c104ed72d97a5e028ec3a0f

Request headers

:method
GET
:authority
cdn.insurads.com
:scheme
https
:path
/sp/sp.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
___iat_gid=56C199291977D2E7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

date
Tue, 02 Mar 2021 08:18:44 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-481
cdn-pullzone
55316
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cdn-requestcountrycode
DE
cdn-edgestorageid
481
x-amz-id-2
tGx1GYcmDahPivt87R9HgaB21sA7wvLkeektoaBixGjgR9K35tLjUqpqitmuH3oOcypvguRFU1I=
x-amz-request-id
8AF0E93ACD268899
last-modified
Thu, 03 Jan 2019 12:20:40 GMT
cache-control
public,max-age=2592000
x-amz-meta-s3b-last-modified
20170523T195534Z
cdn-cachedat
2021-02-20 23:38:30
cdn-requestpullsuccess
True
cdn-requestpullcode
200
cdn-requestid
83ed1f7b9be861ef8635341d059536ed
cdn-cache
HIT
content-encoding
br

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://cdn.insurads.com/sp/sp.htm
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 08:18:44 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
IDE=AHWqTUlmhDVymH_sJhGTvkEtob4OrCEiR2VJ-ruVTRbI7CYKymfwxVsszgmJTozkxqA; expires=Sun, 27-Mar-2022 08:18:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 11AD 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:44 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame CE06 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01c1c3258f954bd0d94c5050c4b9b1ec1dfe1a1dba77d43a3d3f4a2afb4c28ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34374
x-xss-protection
0
server
cafe
etag
18199295410799919595
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:44 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 11AD 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5043336e3e03510fb3061457d0c772ce30e3bf1373449dc969158dceccb8a75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6520
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 11AD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:44 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame CE06 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87195
x-xss-protection
0
server
cafe
etag
3111314854812010922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 7E75 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29176
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame 7E75 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97580
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame CE06 		12 B
78 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.guatevision.com&callback=_gfp_s_&client=ca-pub-4346803846097853&cookie=ID%3D6380ad579c6f84be-226057d3eca60009%3AT%3D1614673124%3ART%3D1614673124%3AS%3DALNI_MbruoVGtfVF_P8qCApSQA_j895v7A
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame CE06 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame CE06 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
sp.htm
cdn.insurads.com/sp/ Frame 3A9A
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4346803846097853&output=html&h=66&slotname=guatevision_970x66-upr&adk=304258441&adf=1174745122&pi=t.ma~as.guatevision_970x66-_&w=970&url...
  • https://cdn.insurads.com/sp/sp.htm
152 B
658 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/sp/sp.htm
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
3a642375e7090d25cb91cf7ddbcbd23b539cfe6a5c104ed72d97a5e028ec3a0f

Request headers

:method
GET
:authority
cdn.insurads.com
:scheme
https
:path
/sp/sp.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
___iat_gid=56C199291977D2E7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

date
Tue, 02 Mar 2021 08:18:45 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-481
cdn-pullzone
55316
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cdn-requestcountrycode
DE
cdn-edgestorageid
481
x-amz-id-2
tGx1GYcmDahPivt87R9HgaB21sA7wvLkeektoaBixGjgR9K35tLjUqpqitmuH3oOcypvguRFU1I=
x-amz-request-id
8AF0E93ACD268899
last-modified
Thu, 03 Jan 2019 12:20:40 GMT
cache-control
public,max-age=2592000
x-amz-meta-s3b-last-modified
20170523T195534Z
cdn-cachedat
2021-02-20 23:38:30
cdn-requestpullsuccess
True
cdn-requestpullcode
200
cdn-requestid
37bd68d1509243bff7eca3642a1385dc
cdn-cache
HIT
content-encoding
br

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://cdn.insurads.com/sp/sp.htm
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 08:18:45 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame CE06 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:44 GMT
delayplay
s.youtube.com/api/stats/ Frame 0AB6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/delayplay?ns=yt&fexp=44729227&el=adunit&cpn=9DyK_gBZN-WvkJwH&docid=J6SYsbETPjA&ver=2&cmt=15.015&fmt=18&rt=14.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.guatevision.com%2F&len=17.020&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=83.0.4103.61&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=15
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::71 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 3A19 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01c1c3258f954bd0d94c5050c4b9b1ec1dfe1a1dba77d43a3d3f4a2afb4c28ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34374
x-xss-protection
0
server
cafe
etag
18199295410799919595
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:45 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CE06 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c608b31b9b0826ddc7221755633fa221e6acc1974294dd20db7fbaa0af1582c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6565
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CE06 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:45 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame 3A19 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87195
x-xss-protection
0
server
cafe
etag
3111314854812010922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 08:18:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 2588 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 02 Mar 2021 00:12:28 GMT
expires
Wed, 02 Mar 2022 00:12:28 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
29177
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
pagead2.googlesyndication.com/bg/ Frame 2588 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 05:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
97581
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6256
x-xss-protection
0
expires
Tue, 01 Mar 2022 05:12:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 11AD 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=2636599224330355&bg=!REelRwTNAAXB_3NtwTsAKQB2-DxaHmoyZVRgTLXB3MOCCTG9s8EWU2azfppdWWrLW3ro_MFU_v6eAgAAAVpSAAAAE2gBBwoAbH87JhFLNgX76mVp-kAaNKZMxcgzoRUmIGvzFfHIP6kmpTjoie4XOVlyLccY4K-SAYwLCsZ9lVWjCrDdWiIR79uoXXX807jNZUym2BN2DXxI1hkib2h6jNYL5FSCE0vFufuhzzgx7yVIwzIrN5kB8KLrbjU_lP1_qPr0OIoYE7AmN5RSuP_7sg3PIYsTvathDvyq1Q7DXI7OB8IxM3qKKfSKd5_4yF7vJZPZ0H8fsxX1oSVw4F_J6RxIOMrvAgT0WHsMvcRW_u9cKHt2ZyRV5u3XBeFeTdwE-pxkHgBrLvZdy9sDjgMiO3_c1_yNo56o8SPZxEdaHnpW7WVbVGc6khMaik1geRIEOta1Eq2dXHvO9hp0G67lEmzduM1yc0XQd-QTUmTPbmqX5zf6ftTmuFeBIKqcKzlazEwmGblBMq2k7yO7K3USobT77PDlJxbwnnsBMZtz8fOKym8361OgKzUtRjX0vQiTDNZ24l-2F9eDRJSqfQ0MtcnXgDwLyHG5oH-EbXX9aDrxLg9X7IvRZv8cAqzS65G9L6ablHSz1NapiKxhwzkowBvNjO0CSlVRdTfcJXdYy7EWNEFNN0qzz5Q_pcgJh6ksK0IzOrhl52VoELNPtH97a52lRIT4ppfxbV1a-pjrOsDuVFcBeTDHiwkACMtUacbK3KMUnHo8qRYM_FMR_Mcx9Dhwcb5a0hZiJVqEvjFQA2Bxbrgp7xWFmPQ_1qQFXAsoH1DZXUjDzeNmL96mgvUt1rLHbRtMAAtOAAqKvFxlO_BcCNiwvD_vCr2mqkAzi04C9iaxfE8gLM4
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 3A19 		12 B
78 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.guatevision.com&callback=_gfp_s_&client=ca-pub-4346803846097853&cookie=ID%3D6380ad579c6f84be-226057d3eca60009%3AT%3D1614673124%3ART%3D1614673124%3AS%3DALNI_MbruoVGtfVF_P8qCApSQA_j895v7A
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 3A19 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3A19 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
sp.htm
cdn.insurads.com/sp/ Frame C9C9
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4346803846097853&output=html&h=90&slotname=guatevision_728x90-upr&adk=1607279909&adf=1174745121&pi=t.ma~as.guatevision_728x90-_&w=728&ur...
  • https://cdn.insurads.com/sp/sp.htm
152 B
669 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/sp/sp.htm
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
3a642375e7090d25cb91cf7ddbcbd23b539cfe6a5c104ed72d97a5e028ec3a0f

Request headers

:method
GET
:authority
cdn.insurads.com
:scheme
https
:path
/sp/sp.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
___iat_gid=56C199291977D2E7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

date
Tue, 02 Mar 2021 08:18:45 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-481
cdn-pullzone
55316
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cdn-requestcountrycode
DE
cdn-edgestorageid
481
x-amz-id-2
tGx1GYcmDahPivt87R9HgaB21sA7wvLkeektoaBixGjgR9K35tLjUqpqitmuH3oOcypvguRFU1I=
x-amz-request-id
8AF0E93ACD268899
last-modified
Thu, 03 Jan 2019 12:20:40 GMT
cache-control
public,max-age=2592000
x-amz-meta-s3b-last-modified
20170523T195534Z
cdn-cachedat
2021-02-20 23:38:30
cdn-requestpullsuccess
True
cdn-requestpullcode
200
cdn-requestid
cc47e8a91664572c848990a27b2d3197
cdn-cache
HIT
content-encoding
br

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://cdn.insurads.com/sp/sp.htm
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 02 Mar 2021 08:18:45 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 3A19 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4346803846097853&plah=www.guatevision.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614602243598683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CE06 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3A19 		0
0
lb
services.insurads.com/ 		0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.insurads.com/lb?appid=966&acid=236&s=1216&sid=56C199291977D2E7&auid=596103&ts=1614673125560&iid=m0b49007223a86f6d14bc8c9d3a2661624fc9f848b9&is=0&m=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.241.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-241-242.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nocache
true
pragma
no-cache
date
Tue, 02 Mar 2021 08:18:45 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.10.3 (Ubuntu)
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
aclk
googleads.g.doubleclick.net/ Frame 66E7 		0
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 66E7 		0
0
watchtime
s.youtube.com/api/stats/ Frame 0DB4 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 66E7 		0
0
csi
csi.gstatic.com/ Frame D14E 		0
0
csi
csi.gstatic.com/ Frame 66E7 		0
0
ima3vpaid
tpc.googlesyndication.com/ 		897 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F245837125%2Fprensalibre.com%2Fprensalibre.com_Video%2Fprensalibre.com_VideoNew1%26description_url%3Dhttps%253A%252F%252Fwww.prensalibre.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D1%26vpa%3D1%26type%3Djs%26vad_type%3Dlinear
Requested by
Host: dkae4asr0dphj.cloudfront.net
URL: https://dkae4asr0dphj.cloudfront.net/js/lo-vslider-v1207.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
699a3c1d94a30af13b6161123bab47852dc237e3bcecc3834398f512a422bb36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.guatevision.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
534
x-xss-protection
0
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 5452 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/245837125/prensalibre.com/prensalibre.com_Video/prensalibre.com_VideoNew1%26description_url%3Dhttps%253A%252F%252Fwww.prensalibre.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D1%26vpa%3D1%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Requested by
Host: dkae4asr0dphj.cloudfront.net
URL: https://dkae4asr0dphj.cloudfront.net/js/lo-vslider-v1207.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7add09a196bf556491a0011bad2ba8453c7b558b230948e1b3755a3844b4dce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 01:07:38 GMT
server
sffe
age
26
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15164
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:33:24 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5452 		326 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/245837125/prensalibre.com/prensalibre.com_Video/prensalibre.com_VideoNew1%26description_url%3Dhttps%253A%252F%252Fwww.prensalibre.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D1%26vpa%3D1%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03449ecbbdb76ecc662e2ad64ea3d61da16722c7f1bb3c0fcc87e52db7eba42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114726
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5452 		0
56 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.5229327253122782&wt=1614673130589&sdkv=h.3.444.1&xai=undefined&url=1,https%3A%2F%2Fwww.guatevision.com%2F$0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/245837125/prensalibre.com/prensalibre.com_Video/prensalibre.com_VideoNew1%26description_url%3Dhttps%253A%252F%252Fwww.prensalibre.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D1x1%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D1%26vpa%3D1%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.444.1_en.html
imasdk.googleapis.com/js/core/ Frame 8DEE 		577 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a478cc89688c6d5bc04418bbfd3da092d2df5c78ad9b6663975cceb83832e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.444.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192862
date
Mon, 01 Mar 2021 18:27:39 GMT
expires
Tue, 01 Mar 2022 18:27:39 GMT
last-modified
Fri, 26 Feb 2021 01:03:43 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
49871
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 5452 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:18:50 GMT
integrator.js
adservice.google.com/adsid/ Frame 5452 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.guatevision.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9927 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 07:33:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2701
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:33:49 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 8DEE 		32 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F245837125%2Fprensalibre.com%2Fprensalibre.com_Video%2Fprensalibre.com_VideoNew1&description_url=https%3A%2F%2Fwww.prensalibre.com%2F&tfcd=0&npa=0&sz=1x1&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&vpos=preroll&vpmute=1&vpa=1&type=js&vad_type=linear&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.444.1%2Fvpaid_adapter&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2705793077&sdk_apis=2%2C8&sid=3E5867D6-B001-431D-A6FB-70AC3D2AB022&eid=44736980&url=https%3A%2F%2Fwww.guatevision.com%2F&dt=1614673130845&cookie_enabled=1&correlator=1023934872641917&scor=2308759235306348&ged=ve4_td0_tt0_pd0_la0_er930.3520.1200.4000_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8405a460a2114321645c8f40e14b19db414f69d75a9fb8c34b5353ac24bf73d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4297
x-xss-protection
0
google-lineitem-id
5361171825,5434401740
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138310439706,138318027362
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast.xml
video-ads.rubiconproject.com/video/12948/221994/1092244/201/ Frame 8DEE 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/12948/221994/1092244/201/vast.xml?tg_c.language=ES&rp_schain=1.0,1!latinon.com,31,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
f372dc8cdbdd3080e2f2ab1d66fb9178ff27b6e8dc181917af4836c6e9edcf53

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:51 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
944
Expires
Tue, 02 Mar 2021 08:18:51 GMT
csi
csi.gstatic.com/ Frame 8DEE 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~klrqoxfj&c=885621000075&slotId=442810500037.5&qqid=CInfk5OWke8CFVVp4Aodi08BmA&gqid=6vQ9YL_oNOCpx_APoPeKwAU&fb=ima-html5&sdkv=h.3.444.1%2Fvpaid_adapter&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&ghmsh_eids=44736980&vmfc=3&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 8DEE 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B_SKd6vQ9YInCNdXSgQeLn4XACb2Z3-BFAAAAEAEghafnPzgAWJqmx5-DBGC5-MeA3AGyARN3d3cuZ3VhdGV2aXNpb24uY29tugEHMXgxX3htbMgBBdoBHGh0dHBzOi8vd3d3Lmd1YXRldmlzaW9uLmNvbS-YAugHwAIC4AIA6gJKLzI0NTgzNzEyNS9wcmVuc2FsaWJyZS5jb20vcHJlbnNhbGlicmUuY29tX1ZpZGVvL3ByZW5zYWxpYnJlLmNvbV9WaWRlb05ldzH4AoHSHpADjAaYA_ABqAMB4AQB0gUGEPH6s_wTkAYBoAYkqAfs1RuoB_PRG6gHltgb2AcA4Acf0ggJCIDhgBAQARgd2AgCgAoFmAsBgAwB&sigh=HZlfwQpddnE&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.444.1/vpaid_adapter&vci=[CREATIVE_PLAYBACK]
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8DEE 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_21lydlhocYCbQy7YNojlSYrQZ7OGcsSEGiP4Z0eaQkuVPvj56Bicn3QkK3Ll6a1pDr22AZMf8G1wWuPSSgorC6IqQYaUQZg7vIF636zHL9J4b-MYLWQliSxnOMvilXUwB7icTz85G2MyaklUIMIHMTKVE51Y6Qda3FCkeAwVp-JLwfiJT5jyedlIMBccm44USHn36Jha1yj9Guw6idqJuPA99vPfdugqA-lPVM5bN5Zu1fqObLIE434d-KCwbwSjroLTLnVYmP8ax4QBRdxFmhNVrazvGa7qHue3rYkoaXQmzxHAFvnQF8OetVLSryCStdBPd1yvIrqxmkJH0jVMvzRVmsgfaVJLXTA2t-8AW9Q5ZGat42YNUukU&sig=Cg0ArKJSzKHRDVpXrgXfEAE&sdkv=h.3.444.1/vpaid_adapter&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUzNjExNzE4MjUyDDEzODMxMDQzOTcwNkDNAQpPCAESHHZpZGVvLWFkcy5ydWJpY29ucHJvamVjdC5jb20aB1J1Ymljb24gAioBMUAgUh0lAADwQSgBOgd1bmtub3duQgd1bmtub3duUABgARgB&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:51 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame C0F5 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af5055673d29e1896014a8c05728bff90ad50e6ce004df8e7b46dc8d38441714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 01:07:38 GMT
server
sffe
age
556
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18173
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:24:35 GMT
bridge-31030.js
video-ads.rubiconproject.com/video/ Frame C0F5 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/bridge-31030.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
22d16d512c307731530cc57b14148c34f80e541eaaaf0221ed3e4a372e8e933a

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Dec 2020 12:36:43 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"ff43-5b57a7ee30cc0-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
19876
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame C0F5 		28 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=221994&zone_id=1092244&size_id=201&tg_c.language=ES&rp_schain=1.0,1!latinon.com,31,1,,,&p_window.depth=0&rf=https%3A%2F%2Fwww.guatevision.com%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=480&p_aso.video.ext.ad.h=270&width=480&height=270&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=1002713435480875.4&rp_secure=1
Requested by
Host: video-ads.rubiconproject.com
URL: https://video-ads.rubiconproject.com/video/bridge-31030.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a8fb181a797b4e48bb5d239ab5030f33ed65ebf339e38a5131ce966331226cef

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:51 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.guatevision.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml
Keep-Alive
timeout=5
Content-Length
28
Expires
Wed, 17 Sep 1975 21:32:10 GMT
ping
ping.chartbeat.net/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=guatevision.com&p=%2F&u=0-0TFD0GnRcCB9jLm&d=guatevision.com&g=65187&g0=Home&g1=No%20Author&n=1&f=00001&c=0.5&x=0&m=0&y=8454&o=1600&w=1200&j=45&R=0&W=0&I=1&E=5&e=0&r=&b=1376&t=-e6H4CT-MCWB1m2OMDJ00ANDi9dAr&V=122&tz=-60&sn=3&sv=BGXtiVB_Hhw3_kLzC9kRCZDL9t8E&sd=1&im=06530c4f&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.98.49 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 8DEE 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B_SKd6vQ9YInCNdXSgQeLn4XACb2Z3-BFAAAAEAEghafnPzgAWJqmx5-DBGC5-MeA3AGyARN3d3cuZ3VhdGV2aXNpb24uY29tugEHMXgxX3htbMgBBdoBHGh0dHBzOi8vd3d3Lmd1YXRldmlzaW9uLmNvbS-YAugHwAIC4AIA6gJKLzI0NTgzNzEyNS9wcmVuc2FsaWJyZS5jb20vcHJlbnNhbGlicmUuY29tX1ZpZGVvL3ByZW5zYWxpYnJlLmNvbV9WaWRlb05ldzH4AoHSHpADjAaYA_ABqAMB4AQB0gUGEPH6s_wTkAYBoAYkqAfs1RuoB_PRG6gHltgb2AcA4Acf0ggJCIDhgBAQARgd2AgCgAoFmAsBgAwB&sigh=HZlfwQpddnE&label=videoplayfailed901&acvw=&sdkv=h.3.444.1/vpaid_adapter&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUzNjExNzE4MjUyDDEzODMxMDQzOTcwNkDNAQpUCAESHHZpZGVvLWFkcy5ydWJpY29ucHJvamVjdC5jb20aB1J1Ymljb24gAioBMUAgUiIQBCUAAPBBKAE6B3Vua25vd25CB3Vua25vd25IwQVQAGABGAE.
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
vast.aniview.com/api/adserver61/vast/ Frame 8DEE 		795 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=5d31fb2628a06116ff22aef3&AV_CHANNELID=5d515eaa28a061621155fc41&AV_URL=https://www.guatevision.com/&cb=60069231&AV_WIDTH=1&AV_HEIGHT=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:2a4::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3e9931d6aca6d1658331df1da53f77c9d3830ad87a015151d845a2773f914579

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:51 GMT
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
795
expires
Tue, 02 Mar 2021 08:18:51 GMT
csi
csi.gstatic.com/ Frame 8DEE 		0
44 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~klrqoxnd&c=885621000075&slotId=442810500037.5&qqid=CInfk5OWke8CFVVp4Aodi08BmA&gqid=6vQ9YL_oNOCpx_APoPeKwAU&fb=ima-html5&sdkv=h.3.444.1%2Fvpaid_adapter&mrd=4&aab=1&itv=1&met.4=err.klrqoy6y&aec=901
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8DEE 		0
21 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~klrqoya8&c=885621000075&slotId=442810500037.5&qqid=CInfk5OWke8CFVVp4Aodi08BmA&gqid=6vQ9YL_oNOCpx_APoPeKwAU&fb=ima-html5&sdkv=h.3.444.1%2Fvpaid_adapter&mrd=4&aab=1&itv=1&vmfc=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:804::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 8DEE 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BaF7f6_Q9YIxs1dKBB4ufhcAJ95-X5EUAAAAQASCFp-c_OABY4rSWo4MEYLn4x4DcAbIBE3d3dy5ndWF0ZXZpc2lvbi5jb226AQcxeDFfeG1syAEF2gEcaHR0cHM6Ly93d3cuZ3VhdGV2aXNpb24uY29tL5gC6AfAAgLgAgDqAkovMjQ1ODM3MTI1L3ByZW5zYWxpYnJlLmNvbS9wcmVuc2FsaWJyZS5jb21fVmlkZW8vcHJlbnNhbGlicmUuY29tX1ZpZGVvTmV3MfgCgdIekAOMBpgD8AGoAwHgBAHSBQYQzMepnxSQBgGgBiSoB-zVG6gH89EbqAeW2BvYBwDgBx_SCAkIgOGAEBABGB3YCAKACgWYCwGADAE&sigh=Z9aRgEOnsDk&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.444.1/vpaid_adapter&vci=[CREATIVE_PLAYBACK]
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8DEE 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuu44aHBJ85i27VSIn2d-ypawavf5GW6m8KjafyW8KSzNS_28oHu46XkRJDDRp_01tI90uCPLn0z1MsB6lDzrWTm-1uzy8AqTbxWFsbLoFpGdvyqKI8Y3XXcUHhq_DdTfc-6Ep6lyD7eN81ceFWH0CPMJhNcll68oOLUctilEYZmAEcpDrrBszrJAFlIFobc6zbx8f1u9p-HBvoOrNukbwmdfqi-Wq4vI7FVqBhqDzp_jItiBvVVlQTOrMZhNoILct2X0avKFfcN1ZaYFxj7BqK-M18Wt0OZVCw38_8IKp9yNwNu5FNavKqdmPxXAE7Q-k8214VTAG12RdYGpKobNPHSEZosB0dw4zI4-fjyZE6SuCjYtWp0-AJQUTK&sig=Cg0ArKJSzLLueOkbbS2oEAE&sdkv=h.3.444.1/vpaid_adapter&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU0MzQ0MDE3NDAyDDEzODMxODAyNzM2MkDNAQpFCAESEHZhc3QuYW5pdmlldy5jb20aBVZQQUlEIAIqBVZQQUlEQHdSHSUAAHBBKAE6B3Vua25vd25CB3Vua25vd25QAGABGAE.&adurl=
Requested by
Host: www.guatevision.com
URL: https://www.guatevision.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 02 Mar 2021 08:18:51 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame B5D3 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af5055673d29e1896014a8c05728bff90ad50e6ce004df8e7b46dc8d38441714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 01:07:38 GMT
server
sffe
age
556
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18173
x-xss-protection
0
expires
Tue, 02 Mar 2021 08:24:35 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame B5D3 		331 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:2a4::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
173d5f3d3b09f62a9a6e5ccf6c35fca457b6d68c0bd03e04171c41719e402ca2

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:51 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzUaSPhANsryb_rbI1PkUu-Ius70zssgT8xaYez98wiXn3nIRQKiGmhH6n-KkTskj32WeAn2eKbsG_MRp0NiDs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
95778
last-modified
Wed, 24 Feb 2021 08:53:38 GMT
server
UploadServer
etag
"06ac451dcb93e2560f9563c8286b920c"
vary
Accept-Encoding
x-goog-hash
crc32c=8jEwgw==, md5=BqxFHcuT4lYPlWPIKGuSDA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1614156818658566
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
95778
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 02 Mar 2021 08:23:51 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.guatevision.com&sn=&ic=0&tgt=1&app=&wi=480&he=270&test=&apppkg=&fv=1&proto=https&pid=5d31fb2628a06116ff22aef3&cid=5d515eaa28a061621155fc41&e=inventory&vi=0&cb=1614673131982
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.86.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ Frame 5452 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
sync
pixel.advertising.com/ups/58246/ Frame 9B45 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.153.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-153-71.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.advertising.com
:scheme
https
:path
/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

date
Tue, 02 Mar 2021 08:18:52 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security
max-age=31536000
Cookie set us
sync.go.sonobi.com/ Frame 22FA 		0
478 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D60%26key%3D%5BUID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.guatevision.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

Date
Tue, 02 Mar 2021 08:18:52 GMT
Content-Type
text/plain; charset=utf8
Content-Length
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YD307; path=/; domain=.go.sonobi.com
Cookie set uc.html
sync.go.sonobi.com/ Frame E4CE 		555 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
1d86ad203d9f732075a57918233257f12d7689499451b75db4bf8318b54b50d3

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.guatevision.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

Date
Tue, 02 Mar 2021 08:18:52 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YD307; path=/; domain=.go.sonobi.com
cookiesyncendpoint
sync.aniview.com/ Frame 6D96
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D22%26key%3D%7BPUB_USE...
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D22%26key%3D%7BP...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1614673111813-999082264641-020490-004-000600&biddername=22&key=563745f0-b27c-4029-99b5-428a8985adaa
0
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1614673111813-999082264641-020490-004-000600&biddername=22&key=563745f0-b27c-4029-99b5-428a8985adaa
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.56.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1614673111813-999082264641-020490-004-000600&biddername=22&key=563745f0-b27c-4029-99b5-428a8985adaa
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

date
Tue, 02 Mar 2021 08:18:52 GMT
content-length
0
set-cookie
aniC=1614673111813-999082264641-020490-004-000600; Path=/; Domain=aniview.com; Expires=Tue, 09 Mar 2021 08:18:52 GMT; Secure; SameSite=None 2_C_22=563745f0-b27c-4029-99b5-428a8985adaa; Path=/; Domain=aniview.com; Expires=Tue, 09 Mar 2021 08:18:52 GMT; Secure; SameSite=None 2_C_22=563745f0-b27c-4029-99b5-428a8985adaa; Path=/; Expires=Tue, 09 Mar 2021 08:18:52 GMT; Secure; SameSite=None

Redirect headers

date
Tue, 02 Mar 2021 08:18:52 GMT
content-type
text/plain
content-length
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1614673111813-999082264641-020490-004-000600&biddername=22&key=563745f0-b27c-4029-99b5-428a8985adaa
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
onetag-sys.com/usync/ Frame 4D97 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.guatevision.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
user_sync
rtb.gamoshi.io/ Frame 63AF 		42 B
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gamoshi.io/user_sync?bidder=16245&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614673111813-999082264641-020490-004-000600%26biddername%3D71%26pid%3D5ef33c8abcf1750da1720e91%26key%3D%5Bgusr%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.58.174.102 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Host
rtb.gamoshi.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.guatevision.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.guatevision.com/

Response headers

Date
Tue, 02 Mar 2021 08:18:52 GMT
Content-Type
image/gif
Content-Length
42
Connection
keep-alive
x-gcontroller-pod
gcontroller-stable-7c488df8c9-jxn9j
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
content-encoding
identity
9481057
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/9481057?_fw_gdpr=1&_fw_gdpr_consent=&cbb=4673132013
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3e4ee5b2a45e4c21e272968aecb6432977cfdb537be0407e58317c35b1d63736

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:52 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.guatevision.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1088
x-sticky-vk
1614673132012033-155
Expires
Tue, 02 Mar 2021 08:18:52 GMT
avpb3.js
player.aniview.com/script/6.1/ Frame B5D3 		261 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:2a4::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1e2496941c02b94bf6b19438b27abdbc71635f3fa79774f0210c36930d860b73

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:52 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uxo_USxqPpxAQGelmQbWsoWIAWQ3iErcidk15nSImRqSOBCcAfFRsLSCvfLsiiVeQN6Ejal2E644HKroopGP9TLrnzSlA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
84286
last-modified
Wed, 24 Feb 2021 08:53:00 GMT
server
UploadServer
etag
"4b0d193eafdda7f38974bf68ea2e62a6"
vary
Accept-Encoding
x-goog-hash
crc32c=LGMRCg==, md5=Sw0ZPq/dp/OJdL9o6i5ipg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1614156780497939
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
84286
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 02 Mar 2021 08:23:52 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=OSX&r=www.guatevision.com&rs=www.guatevision.com&sid=61581&t=1614673111&cip=82.102.19.136&sn=&tgt=1&osv=10.14.5&bv=83.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1614673111813-999082264641-020490-004-000600&cha=0.05&cb=80406202283&d9=1000&AV_WIDTH=480&AV_HEIGHT=270&nid=5d31fb2628a06116ff22aef3&ncid=5d515eaa28a061621155fc41&e=request&cb=1614673132015&asid=5dd536f328a06160b821778b%2C5f9b13dc1c4ac8144551fb77%2C5db72f5728a061494f509df7%2C5f0a552ef7c28446d12c40e5%2C5d92085028a061660926aefa&ofpr=%2C3%2C1%2C1.5%2C2&fpo=%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.86.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/211990/0/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211990/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.guatevision.com
Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:52 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.165.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6e503e0425398407927281c1a68b0aaa3524072278d1c5d5a01be5ec867832e8

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Mar 2021 08:18:52 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.guatevision.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
expires
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12557313&componentId=prebid&componentSubId=mustang&timestamp=1614673132047&pKey=1099503822&loc=https%3A%2F%2Fwww.guatevision.com%2F&playerSize=480x270
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:52 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.guatevision.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1614673132062001-95
Expires
Tue, 02 Mar 2021 08:18:52 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 02 Mar 2021 08:18:52 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.178:80
AN-X-Request-Uuid
c3b78649-086b-4c19-9d7a-c1fc5d9e0b78
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.guatevision.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=OSX&r=www.guatevision.com&rs=www.guatevision.com&sid=61581&t=1614673111&cip=82.102.19.136&sn=&tgt=1&osv=10.14.5&bv=83.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1614673111813-999082264641-020490-004-000600&cha=0.05&cb=80406202283&d9=1000&AV_WIDTH=480&AV_HEIGHT=270&nid=5d31fb2628a06116ff22aef3&ncid=5d515eaa28a061621155fc41&e=bid&cb=1614673132180&asid=5dd536f328a06160b821778b&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.92.86.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 08:18:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 6598 		327 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.guatevision.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 08:18:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Feb 2021 03:02:41 GMT
ETag
"1612321361"
X-HW
1614673132.dop041.fr8.shc,1614673132.dop041.fr8.t,1614673132.cds006.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
112981

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.aniview.com
URL
https://sync.aniview.com/cookiesyncendpoint?auid=1614673111813-999082264641-020490-004-000600&biddername=22&key=3e16684e-7be4-4df3-8475-d209a6de40f1
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-gVt.Kjh1lwTm_r.nfJDyZwJ_K0X.Rsfs1SGW89cD
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=9481057&loc=https%3A%2F%2Fwww.guatevision.com%2F
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BvWEM1PQ9YNGwI4CNjuwPza-S0Au9md_gRQAAABABIIWn5z84AFiapsefgwRgufjHgNwBsgETd3d3Lmd1YXRldmlzaW9uLmNvbboBBzF4MV94bWzIAQXaARxodHRwczovL3d3dy5ndWF0ZXZpc2lvbi5jb20vmALoB8ACAuACAOoCSi8yNDU4MzcxMjUvcHJlbnNhbGlicmUuY29tL3ByZW5zYWxpYnJlLmNvbV9WaWRlby9wcmVuc2FsaWJyZS5jb21fVmlkZW9OZXcx-AKB0h6QA4wGmAPwAagDAeAEAdIFBhDx-rP8E5AGAaAGJKgH7NUbqAfz0RuoB5bYG9gHAOAHHtIICQiA4YAQEAEYHdgIAoAKBZgLAYAMAQ&sigh=574hs_IVL-k&label=videoplayfailed901&acvw=&sdkv=h.3.444.1/vpaid_adapter&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUzNjExNzE4MjUyDDEzODMxMDQzOTcwNkD-AQpUCAESHHZpZGVvLWFkcy5ydWJpY29ucHJvamVjdC5jb20aB1J1Ymljb24gAioBMUBnUiIQBCUAAPBBKAE6B3Vua25vd25CB3Vua25vd25IzAZQAGABGAE.
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~klrqolub&c=885621000075&slotId=442810500037.5&qqid=CM6JvIiWke8CFYCGgwcdzZcEug&gqid=1PQ9YP-IHMSPrAS26I7wBA&fb=ima-html5&sdkv=h.3.444.1%2Fvpaid_adapter&mrd=4&aab=1&itv=1&uet=2&met.4=err.klrqomhs&rec=loaded-1%7Cshow_ad-1%7CskippableStateChanged-1%7Cerror-1
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BePBh4PQ9YLizDIrTgAeI1pTADr2Z3-BFAAAAEAEghafnPzgAWJqmx5-DBGC5-MeA3AGyARN3d3cuZ3VhdGV2aXNpb24uY29tugEHMXgxX3htbMgBBdoBHGh0dHBzOi8vd3d3Lmd1YXRldmlzaW9uLmNvbS-YAugHwAIC4AIA6gJKLzI0NTgzNzEyNS9wcmVuc2FsaWJyZS5jb20vcHJlbnNhbGlicmUuY29tX1ZpZGVvL3ByZW5zYWxpYnJlLmNvbV9WaWRlb05ldzH4AoHSHpADjAaYA_ABqAMB4AQB0gUGEPH6s_wTkAYBoAYkqAfs1RuoB_PRG6gHltgb2AcA4Ace0ggJCIDhgBAQARgd2AgCgAoFmAsBgAwB&sigh=2t-YvoJdigs&label=videoplayfailed901&acvw=&sdkv=h.3.444.1/vpaid_adapter&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjUzNjExNzE4MjUyDDEzODMxMDQzOTcwNkCfAQpUCAESHHZpZGVvLWFkcy5ydWJpY29ucHJvamVjdC5jb20aB1J1Ymljb24gAioBMUAvUiIQBCUAAPBBKAE6B3Vua25vd25CB3Vua25vd25IvgVQAGABGAE.
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~klrqoq16&c=885621000075&slotId=442810500037.5&qqid=CLPBgo6Wke8CFYop4AodCCsF6A&gqid=4PQ9YIb8BdncgAeyuqb4Aw&fb=ima-html5&sdkv=h.3.444.1%2Fvpaid_adapter&mrd=4&aab=1&itv=1&uet=2&met.4=err.klrqoqkp&rec=loaded-1%7Cshow_ad-1%7CskippableStateChanged-1%7Cerror-1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=2586437195371634&bg=!CgmlCUrNAAXB_3NtwTsAKQB2-Dxa4P8NnrjkplD9Nvo6iVmckwpjqyE4vF0knxN9FFFvFCinNENfAgAAAL1SAAAADmgBBwoBWvz2SVkeWjS1EcRgn_aHrL4sH19HsrN5tbGvQEipOaUFecxQ2M9vDWJ23bOKWdjKp8anJSle59_XGZ3ApApc4ps7JiOQWLF5PdIdNbITWuCDGYmjUdFdIJUbR-I4E4T9noVL16qqxX2bopJ5AMimxhtpjlz6BoRnm9MP0Yc2_GUc56iUL6u3sfSzmNeo0V_Vx22OszwvZPZNQNqnaYMEAFm_r1xN1YDWxfNd71J1Tb-OzyeVngMiNg5C0jXmRIYLdyEEAqrUx12pesm_owl2o50_xV-GwZBsjrTJa8ebLB5HQ7VVhBrM-dEFgW4JZXA5rEefJMJiNI_IzzY5AKyvMex44b9qWnOJg76n8ZykLKMkfd670AwagNHMKwn609aLPofLqfXNFJikALcSCulq1ZtroqS7SqFGr0GG2Z0_YgbcvCTzH6aV3uDm1Bl6meWNONImMzKofTi9WWWZAe2CV2JMTron4HGZSErPOLZ4pL4fnXus9FuQxb6-p3YLM4QCbjGICX9kS6DMXTrHkZYOjvFKH2wxU-zg-tGmOmf099TVltDbJmxjkrqVjyL1iFC_RGdApX1yBF1LJGb_kozeY90EEQfk7qaeG6Y-UEIVr3ZMPLeEBqNTRLCPmek5-KRt6j4C4NcYMnfzvLgdQIeFMCUa65lYnmn3pttqHp4ELNIzuvpiL7Xi1QckRzexynZlSlv-62SdSh9tO_nz00odUpGnhntks-yiN7a1_fdCYkEY31drGhznxVLfDnD_m_PdGnXtmjsmS0l96GbYvr-i90G6ZG0Q2DUwVSbzCHFnO-RXmT_N5tR45qTiFkGlMb6g6GZxOJOPc6h6d0Ccbz8R3b5H_dsXF7sUp0b2N3BnCmgukpwrpVBJ9PcWpYBrsprE_53Tl5tmbnfv5Mi-Z3Iprdy8rPDTUJVIRBBFu5V0JVXpbG0E1LzPBFaYmAvQ80pF1B0EY-oJV_PuexdrIOIFtgaqg7OKOrGRBbkshYDI57DFvMoJcvHijXkAIpO7JHRInFM-udkrQws3I63rxGYXrGHyLkGwCzlH3o64NHxEc_NtNAA7LqtOoAgziXrew1jS34g1mdxg8iYQSjlEUwCwOH4KnK9WaTpMuQJ9
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/aclk?sa=l&ai=Ch8oz0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5wFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75WpXtSB--qkRWIrfNr56oZLSqs5I147rCPpffEh8cHC3AbALk9UfQVg9TeJR6vvz_Hly6euQyArgOKy_GeoRD_PGkUX0n6tC2P0V6_jlQNr2sEJ3YZvgXeyoSGcKTq0ihXV7CB3Y-br30XxViG_DNOOrwp6YCTskgSXObXrpdjo42LDvtwnUd8xbUZvirmBXK71WKityATkS0DLE2wWCKATYmjIZI_wrMHDs8inJMrCAF-nZzp16HmeBu-p0VW3OL1UdNjABKKa9rGiA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YBQEAEYHbEJ1Mt6xQMFtO2ACgOYCwHICwHQCw64DAHYEw3iFgIIAQ&num=1&cid=CAASPeRoRojY6FlqQ8uXnoHG5KZh6gW7JfcTrNcHpATPri9Q_Yp6bM1oQAjnKy9Hxnzcl5vuxOiunqjPPpno4L4&sig=AOD64_3mgPsrmDTN4sPOTDtbX0TcxrjRwQ&client=ca-pub-2361925867181735&adurl=https://hero-wars.com/%3Fhl%3Den%26l%3Dloot%26m%3Dregistration%26nx_source%3Dadx_adwordsyoutube.hw_wb_us_-.cc-ww_en.g-m.a-2554.au-all.opt-cpa.com-newac.lp-loot.cr-mightytower11a_h_17.dt-youtube.cid-12206165757.csd-290121.-%26l%3Dloot%26cp%3D-.cid-12206165757.agid-112310717730.tgid-.intgeo-.phgeo-1001150.ngr-vp.devt-c.devm-.gcid-%7Bgclid%7D.adId-495431601117.pt-www.guatevision.com_pt.ptc-.-&label=video_engaged_view&ctype=110
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQKbz0vQ9YNbQAZPH7_UPuMCCgAyllNu8Yfu4hr6VDZPZldSqCRABIJyMxCNgufjHgNwBoAGcr_uoAsgBBeACAKgDAZgEAKoE5AFP0HiR3D8sZNRPrvLcMXbKbKRldBmeNLnrr7MELQJUMkTo75WpXtSB--qkRWIrfNr56oZLSqs5I147rCPpffEh8cHC3AbALk9UfQVg9TeJR6vvz_Hly6euQyArgOKy_GeoRD_PGkUX0n6tC2P0V6_jlQNr2sEJ3YZvgXeyoSGcKTq0ihXV7CB3Y-br30XxViG_DNOOrwp6YCTskgSXObXrpdjo42LDvtwnUd8xbUZvirmBXK71WKityATkS0DLE2wWCKATYmjIZI_wrMHD68l1KMKIhlE1rM3stpYHUBhHoqxxFKfABKKa9rGiA-AEAaAGVIAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG6gH89EbqAfs1RuoB5bYG9gHAagIAdIICQiA4YBQEAEYHYAKA8gLAdgTDeIWAggB&sigh=Nw3CDhHYaU8&cmd=Ch1jYS12aWRlby1wdWItMzU2NTM4NTQ4Mzc2MTY4MRAAGAI&label=videoplaytime100&ad_mt=17020&acvw=sv%3D889%26cb%3Dj%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D995,1250,1200,1600%26p0%3D995,1250,1200,1600%26p1%3D995,1250,1200,1600%26p2%3D995,1250,1200,1600%26p3%3D995,1250,1200,1600%26tos%3D16938,0,0,0,0%26mtos%3D16938,16938,16938,16938,16938%26amtos%3D0,0,0,0,0%26mtos1%3D4355,0,0%26mtos2%3D4249,0,0%26mtos3%3D4250,0,0%26mcvt%3D16938%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D16938%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3575%26pst%3D519%26dur%3D17020%26vmtime%3D17020%26dtos%3D4084%26dtoss%3D5%26dvs%3D4084%26dfvs%3D4084%26dvpt%3D4084%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4084,4084,4084,4084,4084%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D3500%26femvt%3D0%26emc%3D81%26emuc%3D0%26emb%3D81,0,0,0,0%26avms%3Dexc%26qi%3D883696192%26psm%3D-2147221505%26psv%3D-2147221505%26psfv%3D-2147221505%26psa%3D0%26ptlt%3D1614673126992%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,16938%26ss0%3D0.03%26ss1%3D0.03%26ss2%3D0.03%26ss3%3D0.03&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1614673109029&sdkv=h.3.444.1&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ1MjQ0Mzg3MjM3OTIMNDk1NDMxNjAxMTE3QIcDUiAQDyUAALhBKAE6B3Vua25vd25CB3Vua25vd25IiglQABgB
Domain
s.youtube.com
URL
https://s.youtube.com/api/stats/watchtime?rti=20&st=10.109&et=17.020&final=1&ns=yt&fexp=44729227&el=adunit&cpn=9DyK_gBZN-WvkJwH&docid=J6SYsbETPjA&ver=2&cmt=17.020&fmt=18&rt=16.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.guatevision.com%2F&len=17.020&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=83.0.4103.61&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=complete&format=TRUEVIEW&lid=143&sdkv=h.3.444.1&e=44729227&id=ima_html5&c=3393651780550417&domain=www.guatevision.com
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~klrqogla&c=885621000075&slotId=442810500037.5&ps=0x0&uet=2&met.4=hvd_lc.klrqoglb~hvd_ad.klrqoglb~hvd_mad.klrqoglb~hvd_admu.klrqoglb~hvd_src.klrqoglb
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~klrqoghz&c=885621000075&slotId=442810500037.5&qqid=CNaBp4eWke8CFZPjuwgdOKAAwA&gqid=0vQ9YM5H_8jv9Q_Wjp_4DQ&fb=ima-html5&sdkv=h.3.444.1&mrd=4&aab=1&itv=1&uet=2&met.4=ghmsh_s.klrqogi2~vss_tr.56n~vss_pp.6g6~vss_dp.hnt&rec=show_ad-1%7CloadedMetadata-1%7Cloaded-1%7Cimpression-1%7CcreativeView-1%7Cmeasurable_impression-1%7Cstart-1%7Cmute-1%7Cviewable_impression-1%7CfirstQuartile-1%7Cprogress-2%7CskipShown-1%7Cmidpoint-1%7CthirdQuartile-1%7CengagedView-1%7Ccomplete-1

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _atrk_opts object| Gravitec function| grvClickHandler object| _wpemojiSettings object| adLayersDFP object| adLayersAdServer object| current_site function| clock function| videoPlay object| EasyAutocomplete object| options undefined| $ function| jQuery function| AdLayersDFPAPI function| AdLayersAPI function| moment object| __twttrll object| twttr object| __twttr object| dataLayer object| _sf_async_config object| dfpAdUnits object| googletag object| dfpBuiltMappings object| dfpSizeMapping object| dfpAdLayer object| dfpAdDetails object| cX function| cx_callQueueExecute function| cx_pollActivity function| cx_pollActiveTime function| cx_pollFragmentMessage object| email object| cXPL undefined| cXJsonpCBklrqo9wdn0m04n59 object| FB object| twemoji object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| apd_options object| ggeac object| google_js_reporting_queue object| gravitecWebpackJsonp object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| gaplugins object| gaGlobal object| gaData function| atrk boolean| _atrk_fired function| __tginitcb number| __TG_BOOT boolean| fifabAlready function| fi_fab object| hbepl function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing undefined| cXJsonpCBklrqoa3iwp45kfb8 function| sendRequest function| getCode function| appendIframe function| stopInsideAd function| bindEvent object| spaces object| slotsToRefresh string| data object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| im object| nvg60118 function| nvgGetSegment function| ltgc object| a2a_config object| tribe_l10n_datatables object| tribe_system_info object| pym object| _stq function| st_go function| linktracker_init object| wpcom object| _cb_shared object| a2a function| a2a_show_dropdown function| a2a_miniLeaveDelay function| a2a_init number| a2apage_init object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| onYouTubeIframeAPIReady object| _cc15238 object| LOTCC object| a2a_localize function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| icons string| svg_tag_open string| svg_tag_close number| google_global_correlator object| google_reactive_ads_global_state object| __tgconf object| closure_lm_359181 object| google_ad_modifications object| google_prev_clients object| google_jobrunner object| Debugger function| loVSlider string| m object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| __tg_sas_slots object| closure_lm_236619 object| __iat_api object| __tgunits object| _mappingResponses string| websocket_server object| storageAni object| freewheelssp_cache object| GoogleGcLKhOms object| closure_lm_614407 object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

10 Console Messages

Source Level URL
Text
console-api log URL: https://www.guatevision.com/_static/??-eJydkWFqwzAMhS80xQ0r7f6MncWxtUSZbHmR3ZDbzyljlDFGazAIWe97esZmTUDRcfGoZq7ns+CyfZcuUOxmfTL/iSDQuNiMt2InMWPMJnEZKaqxHthuuFzpnwb8e3qM+K3OE4YaaSx1/4WUJBrHtE+GQux3dmQZLHdDiZ7/zHiHR5BQ+2YQVsoTsDjL2PIEZXIfjdEVdb9vINHqBrZkcRISY/3gBo9EKp5EQdEubrrDolIX8iiwWuaqfwuv/ak/9ofj+eV5/gLlRgLL(Line 5)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/ads-2.js(Line 17)
Message:
host: https://www.guatevision.com
console-api log URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/ads-2.js(Line 82)
Message:
resellerId: 5d6800532cdcba6e1f5d535d
console-api log URL: https://streann-static.s3.amazonaws.com/inside-ad-ima-2/ads-2.js(Line 118)
Message:
https://pubads.g.doubleclick.net/gampad/ads?iu=/184419101/Guatevision_InsideCorner&description_url=https%3A%2F%2Fwww.guatevision.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&correlator=&vad_type=linear
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://www.guatevision.com/
console-api warning URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 61)
Message:
09:18:35,525 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api log URL: https://video-ads.rubiconproject.com/video/bridge-31030.js(Line 1)
Message:
com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=221994&zone_id=1092244&size_id=201&tg_c.language=ES&rp_schain=1.0,1!latinon.com,31,1,,,&p_window.depth=0&rf=https%3A%2F%2Fwww.guatevision.com%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=480&p_aso.video.ext.ad.h=270&width=480&height=270&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=7294727732410131&rp_secure=1
console-api warning URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 61)
Message:
09:18:40,993 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api log URL: https://video-ads.rubiconproject.com/video/bridge-31030.js(Line 1)
Message:
com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=221994&zone_id=1092244&size_id=201&tg_c.language=ES&rp_schain=1.0,1!latinon.com,31,1,,,&p_window.depth=0&rf=https%3A%2F%2Fwww.guatevision.com%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=480&p_aso.video.ext.ad.h=270&width=480&height=270&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=1174285756629296.2&rp_secure=1
console-api log URL: https://video-ads.rubiconproject.com/video/bridge-31030.js(Line 1)
Message:
com.rubiconproject.vpaid: XHR - https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=221994&zone_id=1092244&size_id=201&tg_c.language=ES&rp_schain=1.0,1!latinon.com,31,1,,,&p_window.depth=0&rf=https%3A%2F%2Fwww.guatevision.com%2F&p_window.url=&p_window.w=1600&p_window.h=1200&p_aso.video.ext.ad.w=480&p_aso.video.ext.ad.h=270&width=480&height=270&p_aso.video.api=2&p_aso.video.mimes=application/javascript,video/mp4&tk_vpaid=1&cb=1002713435480875.4&rp_secure=1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

024851ddcc4d53e3df145ce2b2bee238.safeframe.googlesyndication.com
0bd28a3fb7462fd80e8907ee49860446.safeframe.googlesyndication.com
0fb87077e30a6b9fa4446eae7d81619f.safeframe.googlesyndication.com
1f2e7.v.fwmrm.net
2a34dcbb2fc79f908d3fb6a953154092.safeframe.googlesyndication.com
63730eeb8116fe6633fcc0426f941673.safeframe.googlesyndication.com
6d45976d15ae950b386981bbf04d250f.safeframe.googlesyndication.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.doubleclick.net
ads.stickyadstv.com
ads.us.e-planning.net
adservice.google.be
adservice.google.com
adservice.google.de
ap.lijit.com
api.cxense.com
bcp.crwdcntrl.net
beacon.krxd.net
bn01.er.bemail.it
c1.adform.net
cd00bbc51b90209ba3e508328f3b6574.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.cxense.com
cdn.gravitec.net
cdn.insurads.com
cdn.jsdelivr.net
cdn.stickyadstv.com
cdnjs.cloudflare.com
ced.sascdn.com
ced04a3d4345ad4588667ebe0a67d0e0.safeframe.googlesyndication.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
d.turn.com
dkae4asr0dphj.cloudfront.net
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
ecdn.analysis.fi
fd1446388e48171d2ca8dabd8dc6d58f.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
global.ib-ibi.com
googleads.g.doubleclick.net
gov.aniview.com
graphics.afpforum.com
guatevision.s3.amazonaws.com
i.ytimg.com
ib.adnxs.com
idsync.frontend.weborama.fr
image6.pubmatic.com
imasdk.googleapis.com
loadeu.exelator.com
match.adsrvr.org
messaging.insurads.com
msg-0fedcff5b8e00e8c0.insurads.com
mwzeom.zeotap.com
odr.mookie1.com
onetag-sys.com
optimized-by.rubiconproject.com
ott.streann.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.tapad.com
pixel.wp.com
platform.twitter.com
player.aniview.com
plconnect.prensalibre.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prg.smartadserver.com
pubads.g.doubleclick.net
r3---sn-4g5ednld.googlevideo.com
r3---sn-5hne6nlr.googlevideo.com
rtb.gamoshi.io
s.amazon-adsystem.com
s.e-planning.net
s.youtube.com
s0.2mdn.net
sakimg.e-planning.net
scomcluster.cxense.com
securepubads.g.doubleclick.net
services.insurads.com
spl.zeotap.com
static.addtoany.com
static.chartbeat.com
static.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
streann-static.s3.amazonaws.com
sync-tm.everesttech.net
sync.aniview.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.richaudience.com
sync.tidaltv.com
syndication.twitter.com
tag.1rx.io
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
tpc.googlesyndication.com
tr.blismedia.com
track1.aniview.com
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
usermatch.krxd.net
vast.aniview.com
video-ads.rubiconproject.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.guatevision.com
www.youtube.com
yt3.ggpht.com
ads.stickyadstv.com
csi.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pubads.g.doubleclick.net
s.youtube.com
sync.aniview.com
104.111.230.142
104.244.42.200
116.202.80.167
13.32.24.97
13.58.174.102
142.250.185.226
142.250.185.70
142.250.185.98
142.250.186.34
143.204.97.94
147.75.85.120
151.1.205.165
151.101.114.49
151.101.13.44
154.57.158.51
159.69.64.14
178.162.133.149
18.197.249.149
18.198.126.47
185.29.135.233
185.33.221.87
185.64.190.78
185.86.139.59
192.0.66.184
192.0.76.3
2.16.186.105
2.18.233.201
2.18.234.190
2.18.234.233
2001:4de0:ac19::1:b:3b
205.234.175.175
212.82.100.182
213.174.135.2
213.19.147.210
216.58.212.162
23.37.42.216
2600:9000:20d7:9200:18:1fcd:34e:d2a1
2600:9000:211e:f800:18:e253:91c0:21
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::ac43:2794
2606:4700:10::ac43:db6
2606:4700::6810:125e
2606:4700::6810:135e
2606:4700::6810:df3
2607:f8b0:4008:804::2003
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:5d::8
2a00:1450:4001:800::200a
2a00:1450:4001:802::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::200e
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2006
2a00:1450:4001:828::2016
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:400c:c04::71
2a00:1450:400c:c0c::9c
2a00:1450:400e:23::9
2a00:f48:2000:1023::3
2a02:26f0:6c00:2bf::268b
2a02:26f0:7100:2a4::2c79
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42:1b::621
2a05:d018:24:b002:ebbe:4057:3491:6f67
3.122.165.24
3.92.86.34
34.232.56.253
34.243.1.111
34.246.39.225
34.253.109.165
34.96.105.8
34.98.67.61
35.156.153.71
35.186.193.173
35.201.81.244
35.227.248.159
37.157.2.235
44.192.95.220
45.60.33.16
46.228.164.13
46.249.52.248
46.249.52.249
5.178.65.252
51.89.9.254
52.20.98.49
52.217.74.132
52.218.209.26
52.48.137.92
52.56.207.211
52.6.128.65
52.95.118.60
54.154.164.132
54.165.137.101
54.239.17.112
54.243.241.242
54.86.238.174
65.9.187.115
65.9.58.29
66.155.71.149
69.169.85.6
69.173.144.143
72.251.249.13
85.114.159.118
89.163.159.106
92.123.150.214
95.101.178.151
0080cb454fdee548ddf7fe5a570ec35de96ae2b2b1d5af2e178c0a717a35c423
00accf2eaf7854186b4a7aed4140a27159b1efbb56d54c9d5ae30c827d3d3ced
01c0935b9b9e56b3727ae6030b904248499a435f20484a5bff3593cb9eceaee7
01c1c3258f954bd0d94c5050c4b9b1ec1dfe1a1dba77d43a3d3f4a2afb4c28ac
01f42758bd76559da899dfd92275f13e8764763730436e9023a49d2187640801
032b2d45a9f92ee935c0529aba9168c57287f2f704e6c55bed51aec12bc8dd40
03449ecbbdb76ecc662e2ad64ea3d61da16722c7f1bb3c0fcc87e52db7eba42f
039a0ae0f2110694e18d4f6346f57da59c923d27dec04ac90edb677785dceac1
0688cce42b1a9902871f772fb11eacdfbe9444ee3c0a62403369525606544dd8
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
0a90842a365a0772d60dee509fc3584d6aeb958c3f79fe1d1bfe06b8743ea4a7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0dfd8bf221c1f6cdf38a4b07de1f37ebaa990280ea53df6052d143323c343ad9
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1041c9e1f32332d32459b147a3f21a419d4bd9d1ac8d32b2900c6cce704888eb
10690b2c2ab8205640e4732b1dfe9a7d33438c904212e5e52ec850fdeebcb8b5
106fe76b55997d47da03403e8c71b972111d726f319394d84073842e27a1f789
10dcb7c265aeb336a4de77d360cd047c2954adddf9c453ef9ffe7a0ec9eb70cf
12217c4b109b709f8449cab89dcd17d97c0e82740e01636eb70d6b41c517c593
129a45f37856d08a88b80083362d129f17287c5d269155e9e9a6724f37729390
139d02d78b83bdea8eb19a02e3dab8f01fa642a8df8f1e9f02f34f52a1c29a62
13c4f47364c6957df756baecfbd508cd795fecd6de706f9a86c34adc2532ae5f
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
165b7280c585c6e89d4d88c8490a1df5588abec7c494cafa1c4b8d9c79fce2eb
166546432362a275af899542d876583bb41224b2c13cdf399bb1871edff5c5ab
16e4200d87e3033f07e3c06d260a04a565fa94729cfc2f84b403fdc1b30b9dba
173d5f3d3b09f62a9a6e5ccf6c35fca457b6d68c0bd03e04171c41719e402ca2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
180d22295af2e97896455b88c35e0926dc3605ae0358344263b945d44c3768e5
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1959fa686e8281aaa829a8608d27a104e39346d023f1b8799f89e0d6a3cbf693
1b2fa706d33b212b5924d7ea4db659fe1f9a64682f507535fdf1bb8e4161e665
1bea73194f11df459501fbb414a944fc876c62dc2a7b22ebd481d457e07f5cee
1c06835b9a36f8b7a5c9b5217ee934661d95764f18d96d9478a99b69785a95f0
1d86ad203d9f732075a57918233257f12d7689499451b75db4bf8318b54b50d3
1df5c85c071bbb7bef39d7f06d9e8e209949fa9bded4f61ef335c9e0bdd9944b
1e0f4f6476736c9d9a5045335be5b98667a6e626b7ebe6d6b3d9e56d78034e4f
1e2496941c02b94bf6b19438b27abdbc71635f3fa79774f0210c36930d860b73
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
1f4e9fee2f1487b355e7136342398bc7dc98cd407a3d457012e9f65eebbda8e2
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
21b188ccd44e712072f9d6a4d1e8bc456dc1bbc6e78527a1e2956e2ae565bfc1
21d3616168aa7c124601171eb571169758206687934e0768f91f53558bf31a90
2278cada41d2bcc06dfa905b1e859133291c58dc7fb209a57f9f5d02c11a92e5
22d16d512c307731530cc57b14148c34f80e541eaaaf0221ed3e4a372e8e933a
231424636341481c61436adac3b5cbf65309c564c28951204fdac45d866087dc
2345760bb81971826211abbbd04a0c5d63fbdd9235ae756aa2c8852918f7384a
26086fb965567a38eee311a29f303443828677225c513bac25313073e86adb38
2684d2cc0b209a807f3199b86c2402fc7212ada40f68241b848e2bfbd5468ad0
2853068375a809f9e2d9d7e8d54dc7cbdbe07906654acb8728bd0c68add84575
287eb7f1db1c25a126870ab7020564a4fc0909fe3b1a9a914bfba5b12ac99deb
28f4a57b8084b3c45e16c5981b4452f49b621aea1f067db22d7fadf8f1978d1b
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7
29ae5dab602c1e1dd82f89dc9fe57301a2a69ce3127ae12cc50606af4b56a027
29b11ec3f30c51a622030c019ea5239bd5ae4086a79733ebbce4da23a5280e16
29c09c6a4a8c69a981ad315ac5bf6d92b3f68aad57f2f527b26f3a5bca517202
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2b139d2871e745eeca0ed22ce994df828a96faefe86aa5e47d06c58184845445
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d619e1addf6b5ae77461e2ca5337064f47894441b8df71be6ad8fd5288a1aba
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
2e7155833c6617404acf8abb8e48f76bc1bff361860773a9e415df10434225c9
2e720c4d4729373ac244d3c2a6142f0714fac0a9c1f7375689ddef289f5ad8c1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30467f3fd80fe26eae9c0300eaf496c7aa216e11ea7d1425c4c8b18ec286de6a
32979410f763fe5e852c26a8b4401c0501a7c77026516a087e5c50335d0f7ec3
32d2e8fae9c57cb2d0c38cee457240a748ea0b1efc6fd0364cd08cb9a21716b2
342b5e6b727cc4aa24989dba01acd73e38dabd64e2503b2f0b77a77a8131fb7b
34f2c61b1863f511f66d9e774e3261e0b5e346661c7a9f6a2769ee55cee22f98
35fff52a984acf4facb76f8a50e2b5139d60ffd8569b43fbd58bc2291c1c20c6
36095719a11704a1eafffc35d913b19e1ae0a30630878c08eaa21d617c37abed
3645989f58dcd5e50754648368ad3757b1992aba4be45fb6f6224b3221f4b20c
36808a4262b0abf919450baa68521987513c590ae0c233fd15edf8ea8b128b7d
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
393d77537f46e572df99ac45da630f1129f17a4b08f45f5471f8b3a105f4de8c
3a478cc89688c6d5bc04418bbfd3da092d2df5c78ad9b6663975cceb83832e61
3a642375e7090d25cb91cf7ddbcbd23b539cfe6a5c104ed72d97a5e028ec3a0f
3af009bb0bef52a27bf3a7032f4c7b460aa3b29a9aa1c14d0fe1c24b4ccb1d76
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3cbb0fc2022e7a5c1291c20674c3547cb5cc7acb9b1f1f897ecae026f3a02fce
3e4ee5b2a45e4c21e272968aecb6432977cfdb537be0407e58317c35b1d63736
3e9931d6aca6d1658331df1da53f77c9d3830ad87a015151d845a2773f914579
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40431ab27bab69f00e22cc1762b5cda7983289df95dad74d98db73b2b98081f7
40e9eb7d775717209d3d3990ddf2cd707ce68e468cd0b7806915430b4b0b7f68
41001b96a634dd96fdd8ed43cdfa7e24870a80e16e61553c579e5eba7afc303b
410484888c034648be1576dff700679a4ff7713a240e3175fe92fa0cad3d2c83
411355f65406400c16bd82be652d2ef68ac41fca89aafe902766e06dfac6882e
41212564ee31be6663cea1829e8d2c907664860b73f8b82537e9bf2b6355846c
42894f3ad5731f9b4a4a3351452f09189a1e691009ceab6a19275de45e9304cc
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
44bfa8607dbde76ea2a0efd4578a4d23559a6b4bee973b0a49dda2dd2380ab39
45ea8657d8d4a2e53745c2729005d78a5de70c7486ed5506b908fc374c7a677b
46194b1f6fdfb54d42ed148d24ef41d01fdac82873f6190d37ef0605cae1c671
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
46859450500f90ce1370a79d43f2554dc2f98af99e3989406f69e3cd5c6186b5
472e9bb0f57413d011edd48cd920e83a0e18ad61bee4a8e61d39dfd7789a2e4d
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a10fb59584e54dd3757eb2411cc4bc570d54c7a1dde17c2e883cda73de22a85
4ad869b5888dcb3a2db4223e9dc8fe89c914d6e1e0578011aaa59a86882f9aa9
4b2da2b658d250bc584930481d15a8cde9be567bbfdd967e5ba0250421b5e6b1
4c11bc020fff9083a681de0df3f11d23f9b45a6c811a5bb97fc45c100a5fb26f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fc0975f7d9dba7d39853917d125469a99f6641d286f4355ee8617915d862289
4fdd9174b64dcecd22924157f166a3d12727545991081076db38badaad375183
4fe5540b2decb633927eedfbefb6f8a940e54438c3dc8c2fc035c41285ea2aaf
5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335
5043336e3e03510fb3061457d0c772ce30e3bf1373449dc969158dceccb8a75c
510ad45e57537e844d5a2be03374a679df840aaf24918cbe9f7d73b5a5ad6afe
51788c7de91f95db85505f5abd9086dafc96f5ada3612eb1a40d4a000f0f299a
51aa7f988cc84bdffdbb835a53cf225bc4b39d3e1eae2a389e2680211f856ad1
51fb7368162c445fc539ca377de08bbf57d794ff7ff76e630f9ef1e335ead41a
52ab3cbaa159e4d0afd406452ba9d7591d977ef035e1c7e63904dd1a5f013450
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
551521640876c0ac10f1f7db6208d896c8982531a1eff36c62a4b6d5630b74e3
562e753a84d4da8093afe466440eadfb2fef13ac714f963341d34caa20db73e5
58a62ef8102455884128429bffeee859d6bae1d6ed8d8114ace23acb81f5e44b
59f129a30008443b36f8912e9902e972899cc39c4d7c0c2e18e1bef45c5c3bd7
5b2491d2a114da9e340486b6d313ac6bf1d7fb69db70690f41122e1a7667f3a3
5c6d65bdbe11363540218c98197e55c47a70a8102c8107e01f246a35fe392227
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
5e41e00c561ba29873d02cde5f5f542b86b676f88f81621ec217a16d86a2a1f7
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fdbd469304d07c9dbcfab3fc127c6f437f5377262d5fa9e74dade9c4092e94c
608aa5910966d4e4e16b83e18283a8b7941004e3592c8af3ca9783eca01e0614
60cd5d43e64347ff1017ffa9da2dc209a9675a4be6ceba25a96fab32e5e72220
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c79e965e63cc726a9e46d476c78f892b6e6c325650ee919bc855ba610cc80b
61e077d8b2c060abfd0e39928d84a3167e3842604738de2ba3424f9f5c0879cf
62e45240dcfd5ea087e4a3441b41cf61dc8dc37696e02d81a9fc43831b9d7d18
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
64c8d8ae0fe92e186775c160f60a9ce6e35541de61534a5a3fb8e71d709f36ea
64d312237e2fdf8ec84e25dc0cb357d306e2031c01dd804731c93d1a57c9d493
64fde7c3a690b22043b2f73e6608607f8bb91f0594caa4876a4763a4d4715141
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
654b3561e265c0cee0d06e8da12e926ef892a7736db6f83ce47252705b02eac1
6726eeab15eb2464e322804aef1c2cdfb66cd390b14194c59f7136d41cb84a16
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
698650c9ff9d881029f3ff593df5d76024853c0b0f731924cebc4bc695e70daf
699a3c1d94a30af13b6161123bab47852dc237e3bcecc3834398f512a422bb36
6af63c5cdfecc2a05ec551afa4c95627062cc404712e91ac85c28c2aeaff2fc2
6b984ef74c306a4e95af79910422f1a0845cb5a55ede842c4c4a93f69a5307be
6b9ab951a31627c969b0b96b04172da0c70979bc7bcc85b42f6a54b9ab073711
6d17863455b303058488e5c98474fde144bdf62c15493684dee65782a9036989
6e503e0425398407927281c1a68b0aaa3524072278d1c5d5a01be5ec867832e8
6e9ac2f9cad78e8307216cc34064e1babbafa0f81935e15083faddf710c069e1
7011d3c4c69eaa89b79833141b34be475f9faac14cff8271cbdb78dcb689a942
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
7109a5705eff586f49627df31cfd3aad5726e44c6d905740401fb0cc15e04438
71b8419d620449a49d2c701bc42acd597cf24b43ad07026491bad69518bf76f1
71babc861d54fd27adf8fa0c372675968580d55938f69aba71945eb2df7477f9
7308a2c8fc393c0af6acae7a1069ddb3e8a80439658d2eb130da76aaae010291
739e1bff8c5f7cc12517ce27cc698f973dff609b15bf7910e604fcc5d4a3dded
7403c94c0498c189ad7bdae4b2c7980174d5d11a373b9286d4623073d6721a3f
7412205e80b068ac2a5bea19ef9686ece2d7b2ac3a724bd80150268a187b4ebf
74599d6ac1d000bfc3ba35573d9d37cada000825db1c10ffd9ae06ec65d8cdad
74d986f56c5ee88c038417c10d626e8e6ba182100c06a603c7c296cd69da328f
75d3b64b969a16acf7360d3443a88c72ac77649089343889b0ab19c29deeb636
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
786dbb4402793fadd0112db771392a0509ffcb2806545e94a879af9c6d87415f
78cff144d0df7f7169ec437fb20420ac87abc873d8d9e6e76b14e262d241fb2e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79b59857d8f3b99629a37c339395f5ea6b8d157af85e6754a32514ba1ac3d408
7a54149354f8872db43e65d8bc5c53087da5717af16e2f217e4fdff30d2f396d
7add09a196bf556491a0011bad2ba8453c7b558b230948e1b3755a3844b4dce4
7af95c142ff2fcfc699ff185f97ae638d38bfe0f14cb6021d0beaad62e6d62d3
7c622600140a1df451547bbbfb31b4703c0ef3a27562a31e339f0150ffe606aa
7c8dfb8372b6d0f558b4ff2ce2b0eb98e8c31a0b6a86af32bbd56699b5c13921
7cf6c7974b2d2fb11abb974069ec0947ee7a3a1b6004283cfd0f8a69216bf33f
7dde07483446142b97ae4a296d267ee5b7521e4463761c63efe3337901bc2f4a
7f2b25b3a94ca0acafec060645a719a45bb88b8e6e84f801d2d5674772933ce4
7f31fd62d0c9fbab1e248f69e65b161ce9f2c862a00c72c0f0367a8150169796
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82102ebc7b9db490acc2066baa0534eadbe3b36718af9eedf9bb96d15846720f
838d08eb743cc1b3763c210e23e71bbd38f7c9339db842d0a0c31fc66fde0a83
83de8828e19a0585e14cb176467a4683d6e83d2714f2561bb8be2edf09699502
8405a460a2114321645c8f40e14b19db414f69d75a9fb8c34b5353ac24bf73d3
84458152f011ef3d6d6bdfedf62eee5142314cb70834c112a1de59ccb89a27f6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854e739f066402b6ea1231d7fab1a449665ab59a853fb8be57df16a67595f9f4
8550d2be0486356af6dfd482647596c0ba54613aa176c9d7fbc51d0e8053dfd9
8601ea61d9e42da55c7df210b049f4817228998f799df5f6b6ef537d6b909e07
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
868295bb1ecfe7de3f367b2836344af8ca73478c6b5fa70591572fb29c50eda9
8704f634f415e3a652d15ac5d61178fd8ec92413d21eaaf33a35ada33341e24a
87306a2724c3372833c09c0aca44bd1794c75f39f94ab94a053d0d87736bf04e
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c602424ede1bea2037389c8635b1f87f14f6d5f942bed4dfb124983acf3afb0
8cbb756d3fc8ff831352f57e2f612b248daaa6539a01a635d565431bf9b63cee
8ce5a72e8cc948085e52ec8bb525fe1f11d50a4d54d0835de63c9937269add01
8d31c7186b962ba4eb8bbf5138319edeaaaf05f84bd8ea7a7bf340a7e4bc5348
8d7056a38ae50273b2508ef09ba76e2cc058361abb337ee2f339f580b1c6ec63
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ed69fe012de9255a0662c46691693c154011e9042e1adf56759921a1f4a38e9
8f5ac21aee51b704bcd69da5737d53f97d0fbbcf715ed17e0a5d7ebd9c4c0afe
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
90e532ee416afe145be06a5c2d2cde8bba5aef8446a920319ea7062953f6f399
91edc21e203faa108c83863ea26d4966908f49caa0424f4b065833f2be580986
92001db752eba691556966ac429ececc8d7802b8a12322b698345145e608ce6c
922a770ec1dcb83dafce6bf3b1da0c254c0dcced45a3faf78ae8c75e5f6beca3
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
927ee0dfe51ef11076e57510990fd5c5fcee1cffd5204a4e3d3caee529c3bd01
92ef3fcb174a2190ef74a7dbc6321dbded5c0430f11c4a7b5e5ff50ff1d6cf4f
94017345086bb3e9fbc241dd2b34465ea1d037bfb7f8d3fb351503d32c2a76b0
94a8a54597671a92b6a5c081f02c4117852e878ec895e9efcf704011655ac1e3
950db286ff15f10c32b21c5663b4ef391b52df1288f5f7f51e768820d7070aed
9653dfa1fe6c4626a533216af0c419d80d998e5c32ab8489a524304548b8d984
967e9eb9a463d40b6643b6715770d86a776197c4568df7f9d5bdac18c03143f2
968dcbfedc9d25d535164e75d5add0c47371689b0b8800aeed03d0d8b7f46193
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
987f51b2adf58821c632ff5c96ffaf4c66568002dd5281bebbca05b57cba87ca
98e8020f132fe3f4d3d162ddc32d4629fd749ab651a877a9a8f2ab57b68d6f78
997040a22f2acdff00363060213cbf3d82b59e95cec160a9742639923a99105c
99adb384fd992660be76df488633e76fe86ed9bba2a7cdf143a97e03fc3ee94d
9a2c64a5cc20e6f3aaa2526d6f29d0c48acca50449e49a79bff8b4023ac492db
9a8ae07b1238e30a2526583ff4a77e43ffdacb77ce7ae6cdd8baeee757f80253
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b8dba1300ac9d3835249d745fbd95fa78ec11c86c4db96c0a8d910a2eb9b5d5
9b9e97516af383e273aab37c5d4a4a941235d5c890865bc9104ea7cdfd828567
9bbd49454237351594bd41e1a6194677be17eccc8ebce4eb60045e7d51ebcabc
9d5bbdd7becdea0232c8e8c46847593ffcdbc0eae13f8b462cb37ad922d6dee5
9dc5554275733c22afe4c624df4b108b3725ab0f3665d0801a231e8c7f9de87e
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1d5ba3a3cea1623b81937a462b518023744393f5a7aecaa1ce284fa8ff6730c
a2d20ed383e7f2d73b05f32c034276266e41cf757f3f6d1107228319131d5e57
a31fc18fd15376214a05f1769a630effcd156501abd6836372a374e04800a2a4
a3de69e6337341b2a3b5dd38bf67b518ae04536f4094700c77f1d0718fd34578
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c0c81e8cb51976ca12dfb95c8f3283a13bad52aad06304cb350f744eacffad
a6f3243241dccd923a986b35fe5675e16b5930e6ef4432baf73a213dc513c9b3
a718525434de17b3623614c344f9e41e391c45a2f9752694a87caa11471c097e
a7633d4836cea66858479d69119c3ee45d47a664a441b067762a9ed75d7839af
a8fb181a797b4e48bb5d239ab5030f33ed65ebf339e38a5131ce966331226cef
a93b2eb3c4b805fb76cc9ef390cb1fe94532be19d40fa06b6f45dfd3fd9c4f03
a98327cee1caf872ea543afd98f791392f49b318a24e6aed04312c279499fdce
aaabcd3244efb93caa2cb582a42a777881eeacc8f307ac6fb4e6a29919ac00b6
aac2070e9adac3977b9c190da8f08a3352b697f82d68cbd0d05e51d4e14a75ec
ab4346ba3c176e9392f3ebdc4c4bb89bf84a4f65257712e5a167f38edeb31d2b
ab7a2a638641487b31362f8c17aacdc746ae082a4cae1bf914430f6f084041bc
ab8e498238d78aa9ba8358ee7a99b154934c5a4c289a9f731cced2801c6794b8
abef7e470690fdc0f41e09acab3c1306279b9425f379da6012ff4f25c36124e8
ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b
acc186288d247f3c2008a4b29d094ec56faa386249f2e9d5c0f6fbd403a583b5
ad807434f1faf72a716a33ca32416f0501adabefc7aff13558f6229cd742a541
aeb34a5fb47419c733c342495588cdb2b9ba2a0554b6e8fb814161574bfd3e60
aedcc69bcf904f8d92d4966ebb346a687fcda9bfc42e7aa7caba1d8ace1aadad
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
af5055673d29e1896014a8c05728bff90ad50e6ce004df8e7b46dc8d38441714
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15819c89eec43f6a9f25d77a37dc02960dad46caa0dabe10699df1fccf45101
b30638860c1e72bc5c77245e7837ecdd7f1ca7f3bad275f02b5a8bbd72c666de
b3d0f5e02b5178b0be7682cb8615ec2c500e7b6943e057f5c5da2925635a90bc
b48b787e8261d755398f818d2915f1b36cc36058524e563449b4f0aa4d598629
b55b95afb134533c2a70737a0cc7b83c0e9cca8282b894f78edc0d31a862684d
b7c063d0edb440ff1da66e1b8b13cf1f74ff1022e7d7be295b2a978c7f527ab7
b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b942c3fd7ca45673fdfa105cea6b1c952b6496d2758f1cdbe8bb9bbfd8d26de4
b9a8dba234d28039daae9bd2b823586d2d23be450d10d17658053e78bb4360f0
bafb66c5faabb4937a8055340069c0f78224f6fb4ef89a93f2a641bad8bc15db
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
bb8726dd4e35c7b165d46f5f3e13ca8b671cc6fff90aeffdeaeee81c1b3507e5
bcc06d21080605d90dc15ada7638b226a505b2ebc519aaba432f786cec351750
be336a11570a2f4e307f8e4d7874709d2b5da0f99945192fd8d441c5dd7e778c
beb74be22a5bc4c2192f567a7d5a8ded575bab80fb76f706f79ca7f109d00981
c04677cdd5494f3532c72b763c7711bc1407560d20c715c9550e4d6658c7a62f
c122fe3fee61c7529deb6893e99c7b52081dfac50288db7e5b1a5488782e624a
c183713781265a2abdc03eab5050b102a17a1170eaa908604e61fc9f07c9aad4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23ec5e8ff3125a3ba4565f318b196b7cd234633ddf602817ea57b38a134b38a
c2cc5579450440fae459c1376ecfe52c62dc18576d84942fbf68ed13f50ef669
c34f5c51cea0ee9e05108c79c404086a24b73fbecb0999654fc9116b4c4b755e
c3628da8fa7768e8c2bdb2fb0856093807a7a9a9837ac50139c4afb94cc4a20a
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c4fd213ede62b996f4413e5816946dbda1d5c6dc33307e472686ca0010fb2a1e
c54340af80e1caef7e5fa1f8b7a31d771262abc6dfa67ae79e9ebe0985c6f09b
c5756808f357ecfa61e18176f9135dd806de13636cf754324291bd60a28305f0
c608b31b9b0826ddc7221755633fa221e6acc1974294dd20db7fbaa0af1582c5
c6af01426d89e8844b1fd327f104cb9486ffe5e95885940a800a07e5fa519eb2
c6c1fd15bfad1cc1cdd05951acef991311169cf8090c9dc29028d1e247f617f6
c78a2d72386a8c04ee37f10b1cd94074ee2ce4f89bdd71fd78e6d00b0870eca2
c7c3d898b283f3747d4ffb189899f58f78acfdc86125dc92ca17adfc9b879df6
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c8608afd205f591ed8e56ade592dae129c7836fdb91d1259868f0645fea9ca6a
c95fc2265cec6deed3b44dca710fced2c9def5202c1e8f69445eeb579abada25
ca1d17cdebac0d3655bb2022dea5c8b611005fb6aa4899d954529538e934a841
ca68e15d383685ec72c57efbcb66e764075fa9471421ce79398448caf09563c7
cad19bcfa3dca7b3aa9aafb8abb9b350cf7b86beea3d6bf28264d3140ba36fe9
cbde72f55033308679ac76e626ede4ed0e1a1a157e5b8e00344ca769215116e0
cd908c6afb87afd8cc30db423ca30f1f93316616345408e3fae641f15d4be6df
cec328dda453d77d1824c45585eaae7347667268a866026acee8d13400958706
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf47cfafab4d53956b47dcb450dbfe629fb7ca15f2f6bbfd53ee83a438f36cd8
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d188894701a938d52498bf042753dbbead139cbb49ead5fab0228b457375eb03
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d3343a4e8f05ab408911f4ea5f601801208a10a7d01f3a40a65bf4c6ec3900f9
d388a8b7c8a09cfcabcf6a0593829ad751b0c96a60c17c400ccc52cc6db9ae9c
d55fa4ebea3823fbfaffe7e5e1cfee5e978c5e8b5b9f1a4d151910e093ca9be1
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d739ad8f058fd45476e5ebe96c41b1c6197e0af5f939e7f5871f55157c75b96b
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7b783a583114d10abec7cfe72d3d919a885b1dc37285f4ad68989fdb9f10596
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d95f00101202cc94b7d7d5f2ce8321d5f795302a478c8c47fc64e5adbf94a36b
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d99c24f3c226d84ef7d3314740509acdd0ae1227e4e447a95654d71bc1f05e1d
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
da97faa925633343530efd95674fae46002607f41f4ca9ec0dbeff1d7a15a973
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc7f56719c7696c18d4069a99545c73e1bd800ae38f62263f4aa121f97bc7bf9
dd14a724100b7bf3c6f98b43e18b624d8c1e7436abcc1dd5c2b32e6f6930f50f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
deed2ca4058628d13a6df12fa309fef4c28f34c4510fef38a02bd1d5375b1b73
df51ebb58e29c9d5555c3e3603d109338db42a5ce6f5732bb5b8fbb3bc6d8afc
e2be708683c7b866e3afe46e6f96c57144b94f060c434cb5f5313a905503931d
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
e5af1eb6993dc2df14e003d0fe5f3e3d48c188332f3ffa5ede99559fcf0eef3a
e7468d3f989dabcf9033b5311b805b4a538cde01d6c12bb07fa709636b97ac14
e7a6e998827783e22bbd99ed5df09207c7920e296755bb5671f3ce23d15f9b32
e957e83f7c084aa3c8c59e863bbdb17436f901bc2caedf5324409693eb2558bc
e9da066900cbd6ed7d17ac52d517edceb8e29ddfe614652313068b8d798d9a00
ea2a107048e0129825feed8f29fec3c8181a6c1794f879d4584fdf8c76ab535d
ebac3fd6dd8b3278c263ae4ee1e1035e4fbd94a84f54d5c21b313492af25ed16
ebebd73637d8bebdb36daf0818fc2d6a8d0bc4df65856a133a11a7f0f424867d
ecc7a54cc508ecd7f9bc9e5f1d648535f60e24adf4b667f8c92d66d2ca367e99
eced437d4bb8a726d823bb80013c37e1e0eb81069618e7cc57ff1eadf0d0cff4
ee0d71e0d935450ce6b4f87023d800c7f6d500067845fe5ceda7775c865d8e77
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f7a991dba1c286bc587ea7c7f7fb996a9bf32f0cdcf0f0083cf1d04558a23f
f191e4bcef8e8544a41ff1cdd7d7c1e1cbe85cf94e9bde7d337415d35ebdbfc2
f372dc8cdbdd3080e2f2ab1d66fb9178ff27b6e8dc181917af4836c6e9edcf53
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f625a1076825135ef10d738157919a229ac046644691610cad13326470452eb3
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
f8d2aaf7646d6a9b92552246e0b4059d1bdd8823f94e232e8c9a48da9be334e7
fab8009bfca1d997aefa40b183e71b9b7664be86c83a67c7ae6de020a257d18c
fb409f2542af7f68d9484417a5abf64e76fa0f0ac6e09961f35bdfc528e19eb4
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5
fc0ff710379ab0adb9d2ec1a433fd7bf8a26bb71cda64fc45297dd7740a9eaa1
fc7b3a8e3a51cf8ac1ddc69cdc59449291f80eb325f7f3b72222ac4c3b9773b9
ff7ae2ea3af4dbd690c1680fb5a2d12eb3f8649fff32539dabbdea6e977153f9
fff0499ca94b9ffd80bd230e8f7dea19d40c7e2e00e765566bb792797c026d42