ketoafter50.com Open in urlscan Pro
54.39.195.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://url.farsjoo.com/u/64802
Effective URL:
https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221
Submission: On May 09 via manual (May 9th 2022, 7:38:35 pm UTC) from GB — Scanned from GB

Summary HTTP 55 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 15 IPs in 6 countries across 14 domains to perform 55 HTTP transactions. The main IP is 54.39.195.176, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is ketoafter50.com.
TLS certificate: Issued by R3 on May 4th 2022. Valid for: 3 months.

This is the only time ketoafter50.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.55.224.44 185.55.224.44	201999 (SERVERPARS) (SERVERPARS)
1 1	2a06:98c1:312... 2a06:98c1:3121::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	18.202.12.61 18.202.12.61	16509 (AMAZON-02) (AMAZON-02)
1 17	54.39.195.176 54.39.195.176	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
4	35.244.212.226 35.244.212.226	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 5	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
55	15

1 185.55.224.44 (Iran, Islamic Republic Of)

ASN201999 (SERVERPARS, IR)
PTR: irwrs2.dnswebhost.com

url.farsjoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mwebpink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.12.61 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com

secure.ketoafter50.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 54.39.195.176 (Beauharnois, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ip176.ip-54-39-195.net

ketoafter50.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.212.226 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 226.212.244.35.bc.googleusercontent.com

www.digistore24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	ketoafter50.com 2 redirects secure.ketoafter50.com ketoafter50.com	469 KB
9	gstatic.com fonts.gstatic.com	254 KB
5	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 100	583 B
4	digistore24.com www.digistore24.com — Cisco Umbrella Rank: 211197	13 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 605	12 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	201 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	145 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111 ajax.googleapis.com — Cisco Umbrella Rank: 432	36 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3632	608 B
2	google.com www.google.com — Cisco Umbrella Rank: 20	608 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 175	511 B
1	mwebpink.com 1 redirects mwebpink.com	493 B
1	farsjoo.com url.farsjoo.com	694 B
55	14

	Domain	Requested by
17	ketoafter50.com	1 redirects url.farsjoo.com ketoafter50.com
9	fonts.gstatic.com	fonts.googleapis.com
5	www.facebook.com	1 redirects ketoafter50.com
4	www.digistore24.com	ketoafter50.com www.digistore24.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com ketoafter50.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	connect.facebook.net	ketoafter50.com connect.facebook.net
3	www.googletagmanager.com	ketoafter50.com www.googletagmanager.com
2	www.google.de	ketoafter50.com
2	www.google.com	ketoafter50.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	fonts.googleapis.com	ketoafter50.com
1	ajax.googleapis.com	ketoafter50.com
1	secure.ketoafter50.com	1 redirects
1	mwebpink.com	1 redirects
1	url.farsjoo.com
55	16

This site contains links to these domains. Also see Links.

Domain
www.digistore24.com

Subject Issuer	Validity	Valid
ketoafter50.com R3	`2022-05-04` - `2022-08-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
digistore24.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-30` - `2023-03-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-16` - `2022-05-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221
Frame ID: 41151641D7439DB8CFB3D719E87D331F
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Keto After 50

Page URL History Show full URLs

http://url.farsjoo.com/u/64802 Page URL
https://mwebpink.com/6525/710/2/ HTTP 302
http://secure.ketoafter50.com/aff_c?offer_id=247&aff_id=1221&aff_click_id=6525_sessid20220509193828074&aff... HTTP 302
https://ketoafter50.com/v2/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&... HTTP 302
https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

96 %
HTTPS

75 %
IPv6

14
Domains

16
Subdomains

15
IPs

6
Countries

1150 kB
Transfer

2141 kB
Size

9
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.digistore24.com/product/308106/98304?ds24tr=16.95-4F0DE960-102fbac35a74b32f8d8d1ac54a021a-247-

Search URL Search Domain Scan URL

URL: https://www.digistore24.com/info/terms/1?lang=en
Title: here

Search URL Search Domain Scan URL

URL: https://www.digistore24.com/info/privacy/1?lang=en
Title: here

Search URL Search Domain Scan URL

URL: https://www.digistore24.com/info/contact/1?lang=en
Title: here

Search URL Search Domain Scan URL

URL: https://www.digistore24.com/
Title: Secure Order

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://url.farsjoo.com/u/64802 Page URL
https://mwebpink.com/6525/710/2/ HTTP 302
http://secure.ketoafter50.com/aff_c?offer_id=247&aff_id=1221&aff_click_id=6525_sessid20220509193828074&aff_sub=710 HTTP 302
https://ketoafter50.com/v2/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221 HTTP 302
https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://www.facebook.com/tr/?id=171774603645845&ev=PageView&dl=https%3A%2F%2Fketoafter50.com%2Ffree-digi%2F%3FaffId%3D4F0DE960%26click_id%3D102fbac35a74b32f8d8d1ac54a021a%26aff_sub2%3D%26s1%3D247%26s2%3D1221&rl=http%3A%2F%2Furl.farsjoo.com%2F&if=false&ts=1652125110614&sw=1600&sh=1200&v=2.9.58&r=stable&ec=0&o=30&fbp=fb.1.1652125110209.1218543314&it=1652125110004&coo=false&exp=p0&rqm=GET HTTP 302
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fketoafter50.com%2Ffree-digi%2F%3FaffId%3D4F0DE960%26click_id%3D102fbac35a74b32f8d8d1ac54a021a%26aff_sub2%3D%26s1%3D247%26s2%3D1221&ec=0&ev=PageView&exp=p0&fbp=fb.1.1652125110209.1218543314&id=171774603645845&if=false&it=1652125110004&o=30&r=stable&redirect=0&rl=http%3A%2F%2Furl.farsjoo.com%2F&rqm=GET&sh=1200&sw=1600&ts=1652125110614&v=2.9.58

55 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 64802
url.farsjoo.com/u/ 347 B
694 B 417ms
167ms Document
text/html 185.55.224.44
SERVERPARS

General

Check archive.org

Show headers Download Go to

Full URL: http://url.farsjoo.com/u/64802
Protocol: HTTP/1.1
Server: 185.55.224.44 , Iran, Islamic Republic Of, ASN201999 (SERVERPARS, IR),
Reverse DNS: irwrs2.dnswebhost.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 370
Content-Type: text/html; charset=utf-8
Date: Mon, 09 May 2022 19:38:27 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin

GET
H/1.1

200
OK

Primary Request / Show response
ketoafter50.com/free-digi/
Redirect Chain

https://mwebpink.com/6525/710/2/?
http://secure.ketoafter50.com/aff_c?offer_id=247&aff_id=1221&aff_click_id=6525_sessid20220509193828074&aff_sub=710
https://ketoafter50.com/v2/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221
https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221

43 KB
14 KB

133ms
133ms

Document
text/html

54.39.195.176
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221
Requested by: Host: url.farsjoo.com
URL: http://url.farsjoo.com/u/64802
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.39.195.176 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip176.ip-54-39-195.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b78678e27a84f5aa950ce48972924e81c6b638dd9f7cf9d635f760cf545a0b8d

Request headers

Referer: http://url.farsjoo.com/u/64802
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 14008
Content-Type: text/html; charset=UTF-8
Date: Mon, 09 May 2022 19:38:29 GMT
Keep-Alive: timeout=5, max=99
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 09 May 2022 19:38:29 GMT
Keep-Alive: timeout=5, max=100
Location: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221
Server: Apache/2.4.29 (Ubuntu)

GET
H2 200 css
fonts.googleapis.com/ 4 KB
998 B 183ms
65ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i

Requested by

Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f02edf6f5150252c5baa8ad27ebe74fca46589a112bf38f74573fdd5811764f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:38:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 09 May 2022 19:38:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 May 2022 19:38:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 19 KB
1 KB 192ms
75ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans+Condensed:400,400i,700,700i|Open+Sans:400,400i,700,700i

Requested by

Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d65e646adb32497b59aef49c69de37f727e575f39bd93ef232a465c217617237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:38:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 09 May 2022 19:38:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 May 2022 19:38:29 GMT

GET
H/1.1 200
OK app-lfsl.css
ketoafter50.com/free-digi/css/ 68 KB
14 KB 243ms
135ms Stylesheet
text/css 54.39.195.176
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ketoafter50.com/free-digi/css/app-lfsl.css
Requested by: Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.39.195.176 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip176.ip-54-39-195.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a806c60841ecd2779821fa72d788294809a643ade617a4deebac756079904bab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 19:38:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Sep 2020 18:27:07 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "110fa-5aed17b88fe20-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 13853

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
40 KB 184ms
67ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-89952909-8

Requested by

Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c06d98c4e715de2593f20b1b5aa89c567e9fd69748093d8bf0818f6ea35723c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 19:38:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40747
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 May 2022 19:38:29 GMT

GET
H/1.1 200
OK blank.png
ketoafter50.com/free-digi/img/lfsl/ 110 B
394 B 132ms
127ms Image
image/png 54.39.195.176
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketoafter50.com/free-digi/img/lfsl/blank.png
Requested by: Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.39.195.176 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip176.ip-54-39-195.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 3f75b1fd5c91bf9a5a86a241ddc76603e8f96a2efe4f9420686d4b67bbf03fd3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 19:38:29 GMT
Last-Modified: Tue, 08 Sep 2020 18:27:08 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "6e-5aed17b939cda"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 110

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
33 KB 184ms
54ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 12:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33495
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 12:58:27 GMT

GET
H/1.1 200
OK lazyload.min.js Show response
ketoafter50.com/free-digi/js/ 5 KB
2 KB 128ms
128ms Script
application/javascript 54.39.195.176
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ketoafter50.com/free-digi/js/lazyload.min.js
Requested by: Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.39.195.176 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip176.ip-54-39-195.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 55dd9fc39774af68d4ed30d6b668427f3b1ab86db5dff36cdf179573140f4b5a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 19:38:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Sep 2020 18:27:10 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "140f-5aed17bbc1421-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1816

GET
H2 200 footer Show response
www.digistore24.com/trusted-badge/1567/lGUGi2danAHnvf9/ 1 KB
733 B 236ms
107ms Script
text/javascript 35.244.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.digistore24.com/trusted-badge/1567/lGUGi2danAHnvf9/footer

Requested by

Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.212.226 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

226.212.244.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

4af469ff5c08a0f32a08c67fa5e212d92f7d150e9bc110b0017f2935ca7cb4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=8640000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=8640000
content-encoding: gzip
x-envoy-decorator-operation: null
server: envoy
date: Mon, 09 May 2022 19:38:29 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
via: 1.1 google
x-envoy-upstream-service-time: 46
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 576
expires: Mon, 09 May 2022 20:36:49

GET
H2 200 salespage Show response
www.digistore24.com/trusted-badge/1575/dD3tmxdzkF2Jand/ 716 B
812 B 231ms
102ms Script
text/javascript 35.244.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.digistore24.com/trusted-badge/1575/dD3tmxdzkF2Jand/salespage

Requested by

Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.212.226 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

226.212.244.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

dfa7614deaec8e3ce98e45a01eeb9cc0be36f5ff3ceb559bbca3c4c9cd81b46d

Security Headers

Name	Value
Strict-Transport-Security	max-age=8640000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=8640000
content-encoding: gzip
x-envoy-decorator-operation: null
server: envoy
date: Mon, 09 May 2022 19:38:29 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
via: 1.1 google
x-envoy-upstream-service-time: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 481
expires: Mon, 09 May 2022 20:36:49

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 183ms
58ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: X4nbfQcXTtwHD4ZNx6xgHipt3lxda8eCdtUdcINXsvw8dgRuBCu+a5IKKNw/hVHVSrgw5tqMLc9wzNwVwOXKLA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 09 May 2022 19:38:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 178 KB
65 KB 251ms
135ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJX76GN

Requested by

Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

585a6f068c13caecd6a18d04fe74641d6316f384ea87f5d534445f745bd2c364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 19:38:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66333
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 May 2022 19:38:29 GMT

GET
H/1.1 200
OK hi-y-sm_1.png
ketoafter50.com/free-digi/img/lfsl/fx/ 12 KB
12 KB 256ms
127ms Image
image/png 54.39.195.176
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketoafter50.com/free-digi/img/lfsl/fx/hi-y-sm_1.png
Requested by: Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/css/app-lfsl.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.39.195.176 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip176.ip-54-39-195.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: c43e242fa8b47210de7543e012bd9548ff81865424145377fc4a9404006d52d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/free-digi/css/app-lfsl.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 19:38:29 GMT
Last-Modified: Tue, 08 Sep 2020 18:27:08 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "2f55-5aed17b9a72d5"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12117

GET
H/1.1 200
OK btick.png
ketoafter50.com/free-digi/img/lfsl/ico/ 2 KB
2 KB 379ms
126ms Image
image/png 54.39.195.176
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketoafter50.com/free-digi/img/lfsl/ico/btick.png
Requested by: Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/css/app-lfsl.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.39.195.176 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip176.ip-54-39-195.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 806a3d2e1522537d654c53c3cf522012ea9f19b814ca73683eb9092a79375faa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/free-digi/css/app-lfsl.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 19:38:30 GMT
Last-Modified: Tue, 08 Sep 2020 18:27:08 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "836-5aed17b9bca95"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2102

GET
H/1.1 200
OK from-white.png
ketoafter50.com/free-digi/img/lfsl/trans/ 2 KB
2 KB 287ms
127ms Image
image/png 54.39.195.176
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketoafter50.com/free-digi/img/lfsl/trans/from-white.png
Requested by: Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/css/app-lfsl.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.39.195.176 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip176.ip-54-39-195.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 40fe2ed21a6d83d1c37c1e5ce2eb480ae4b7c5b298500586ee745eac4f88cbd1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/free-digi/css/app-lfsl.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 19:38:30 GMT
Last-Modified: Tue, 08 Sep 2020 18:27:08 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "721-5aed17b9ed7d3"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1825

GET
H/1.1 200
OK xout.png
ketoafter50.com/free-digi/img/lfsl/ico/ 1 KB
1 KB 128ms
127ms Image
image/png 54.39.195.176
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketoafter50.com/free-digi/img/lfsl/ico/xout.png
Requested by: Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/css/app-lfsl.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.39.195.176 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip176.ip-54-39-195.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 2bd2f64435f17ee359a916deb00840f2a0c7dadd7c01ce2af61d25c715bcbc40

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/free-digi/css/app-lfsl.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 19:38:30 GMT
Last-Modified: Tue, 08 Sep 2020 18:27:08 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "48d-5aed17b9d0314"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1165

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
23 KB 174ms
55ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ketoafter50.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:10:10 GMT
x-content-type-options: nosniff
age: 527299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 17:10:10 GMT

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWU3IuMR0cg.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 23 KB
23 KB 225ms
106ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWU3IuMR0cg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Condensed:400,400i,700,700i|Open+Sans:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

458af683b8dbd6454c2ab93f5d228801d4c9edb8a8a8930c28563c6406a849f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ketoafter50.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 20:55:34 GMT
x-content-type-options: nosniff
age: 340975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23784
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 May 2023 20:55:34 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 329ms
210ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ketoafter50.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 527475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 17:07:14 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 315ms
196ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ketoafter50.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 527475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 17:07:14 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 338ms
220ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ketoafter50.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:10:27 GMT
x-content-type-options: nosniff
age: 527282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24448
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 17:10:27 GMT

GET
H2 200 wEOuEADFm8hSaQTFG18FErVhsC9x-tarUfPVFMZEcD5f.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 24 KB
24 KB 282ms
164ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOuEADFm8hSaQTFG18FErVhsC9x-tarUfPVFMZEcD5f.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Condensed:400,400i,700,700i|Open+Sans:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6e6ed37da1a51d801f8addc75bba75473de0f5f585d4240bf5d5b17bb9b08d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ketoafter50.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 23:58:37 GMT
x-content-type-options: nosniff
age: 329992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24904
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:51:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 May 2023 23:58:37 GMT

GET
H2 200 S6u_w4BMUTPHjxsI3wi_Gwft.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 298ms
180ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI3wi_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ketoafter50.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:58:25 GMT
x-content-type-options: nosniff
age: 524404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23736
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 17:58:25 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 352ms
233ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Condensed:400,400i,700,700i|Open+Sans:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ketoafter50.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 507202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:45:07 GMT

GET
H/1.1 200
OK to-white.png
ketoafter50.com/free-digi/img/lfsl/trans/ 2 KB
2 KB 348ms
128ms Image
image/png 54.39.195.176
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketoafter50.com/free-digi/img/lfsl/trans/to-white.png
Requested by: Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/css/app-lfsl.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.39.195.176 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip176.ip-54-39-195.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d50262e1705a66c65d34a41df56b6e7d31c8aef109a422ff742ee5cf78ddee6e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/free-digi/css/app-lfsl.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 19:38:30 GMT
Last-Modified: Tue, 08 Sep 2020 18:27:09 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "84c-5aed17b9f83b2"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2124

GET
H/1.1 200
OK blackslash.png
ketoafter50.com/free-digi/img/lfsl/trans/ 7 KB
8 KB 349ms
127ms Image
image/png 54.39.195.176
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketoafter50.com/free-digi/img/lfsl/trans/blackslash.png
Requested by: Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/css/app-lfsl.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.39.195.176 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip176.ip-54-39-195.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: c7616a42e046c0a6cc295dfbd79626eec537024f2c1b69e31d7c87706cff007c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/free-digi/css/app-lfsl.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 19:38:30 GMT
Last-Modified: Tue, 08 Sep 2020 18:27:08 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1dd3-5aed17b9f3592"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7635

GET
H/1.1 200
OK from-black.png
ketoafter50.com/free-digi/img/lfsl/trans/ 5 KB
5 KB 126ms
126ms Image
image/png 54.39.195.176
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketoafter50.com/free-digi/img/lfsl/trans/from-black.png
Requested by: Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/css/app-lfsl.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.39.195.176 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip176.ip-54-39-195.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e8627210a27105e66c146e162bd4c0f512b534d7514273d0c6e6be95bb543795

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/free-digi/css/app-lfsl.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 19:38:30 GMT
Last-Modified: Tue, 08 Sep 2020 18:27:08 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "125d-5aed17b9eb893"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4701

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v28/ 47 KB
47 KB 214ms
131ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Condensed:400,400i,700,700i|Open+Sans:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ketoafter50.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:53:33 GMT
x-content-type-options: nosniff
age: 506696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47836
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:01:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:53:33 GMT

GET
H/1.1 200
OK icomoon.ttf
ketoafter50.com/free-digi/img/lfsl/ico/ 1 KB
2 KB 210ms
127ms Font
application/font-sfnt 54.39.195.176
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ketoafter50.com/free-digi/img/lfsl/ico/icomoon.ttf?tw7ycf
Requested by: Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/css/app-lfsl.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.39.195.176 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip176.ip-54-39-195.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f7206ab71dcc8f90087cd82be515177816873c0d150de765490c3d5f167d8cf0

Request headers

Referer: https://ketoafter50.com/free-digi/css/app-lfsl.css
Origin: https://ketoafter50.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 19:38:29 GMT
Last-Modified: Tue, 08 Sep 2020 18:27:08 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "59c-5aed17b9c95b4"
Content-Type: application/font-sfnt
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1436

GET
H/1.1 200
OK s01.jpg
ketoafter50.com/free-digi/img/lfsl/bg/ 227 KB
227 KB 132ms
126ms Image
image/jpeg 54.39.195.176
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketoafter50.com/free-digi/img/lfsl/bg/s01.jpg
Requested by: Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/css/app-lfsl.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.39.195.176 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip176.ip-54-39-195.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 817de41df918a51c463d80b36603c299f2d383746e970566d057fd6868a13edf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/free-digi/css/app-lfsl.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 19:38:30 GMT
Last-Modified: Tue, 08 Sep 2020 18:27:08 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "38a8f-5aed17b94d559"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 232079

GET
H/1.1 200
OK s02.jpg
ketoafter50.com/free-digi/img/lfsl/bg/ 74 KB
74 KB 134ms
128ms Image
image/jpeg 54.39.195.176
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketoafter50.com/free-digi/img/lfsl/bg/s02.jpg
Requested by: Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/css/app-lfsl.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.39.195.176 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip176.ip-54-39-195.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: c4ff22e292d25da612b718a1d6251add60580fb2d55151a9534e81a727955e3a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/free-digi/css/app-lfsl.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 19:38:30 GMT
Last-Modified: Tue, 08 Sep 2020 18:27:08 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "126e8-5aed17b94e4f9"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 75496

GET
H/1.1 200
OK s03.jpg
ketoafter50.com/free-digi/img/lfsl/bg/ 77 KB
78 KB 129ms
127ms Image
image/jpeg 54.39.195.176
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketoafter50.com/free-digi/img/lfsl/bg/s03.jpg
Requested by: Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/css/app-lfsl.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.39.195.176 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip176.ip-54-39-195.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0205936389e0f4233f58bac70c7d84ae0db1a447e41b792b962258ae47f0f467

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/free-digi/css/app-lfsl.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 19:38:30 GMT
Last-Modified: Tue, 08 Sep 2020 18:27:08 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "135f3-5aed17b952379"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 79347

GET
H/1.1 200
OK arrowdown.png
ketoafter50.com/free-digi/img/lfsl/el/ 23 KB
23 KB 127ms
127ms Image
image/png 54.39.195.176
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketoafter50.com/free-digi/img/lfsl/el/arrowdown.png
Requested by: Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.39.195.176 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip176.ip-54-39-195.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 9889c8864a1379a873fde86701ce0b64fb9558ec97c976c3891ebea2dae17d4c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 19:38:30 GMT
Last-Modified: Tue, 08 Sep 2020 18:27:08 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "5b6b-5aed17b96b9b8"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 23403

GET
H2 200 2358016177573175 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 109ms
108ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2358016177573175?v=2.9.58&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1492f9871152d8dda37382787f6082a3124330be75975672e41fb1f9c07528dc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: BQNsOKO/aPAD5qi1XdHpf9wD27995Wsfid6SP6xS1Jo5uyep1+jULgrsnLtuf6leAvZmfGh/mh/6LxuKvxDemA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 09 May 2022 19:38:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1652125110089
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 loader.js Show response
www.digistore24.com/webinc/badge/build/v1.0.1/ 2 KB
1 KB 65ms
62ms Script
application/javascript 35.244.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digistore24.com/webinc/badge/build/v1.0.1/loader.js
Requested by: Host: www.digistore24.com
URL: https://www.digistore24.com/trusted-badge/1567/lGUGi2danAHnvf9/footer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.212.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 226.212.244.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: c46dd15648191d950b9041e3c8c6a8671c8ef6ecb04c70a688760769567b27a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 19:38:30 GMT
content-encoding: gzip
x-envoy-decorator-operation: null
last-modified: Thu, 05 May 2022 12:25:40 GMT
server: envoy
etag: "7b6-5de42d7021900-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
x-envoy-upstream-service-time: 2
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 891

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
40 KB 179ms
69ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-89952909-10&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89952909-8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99567f4f2a764e7a259f7cf9cd09509944f9ba60052aeccad8158bef2322d30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 19:38:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40730
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 May 2022 19:38:30 GMT

GET
H3 200 digistore-banner-light.js Show response
www.digistore24.com/webinc/badge/build/v1.0.1/ 29 KB
11 KB 66ms
64ms Script
application/javascript 35.244.212.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.digistore24.com/webinc/badge/build/v1.0.1/digistore-banner-light.js
Requested by: Host: www.digistore24.com
URL: https://www.digistore24.com/webinc/badge/build/v1.0.1/loader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.212.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 226.212.244.35.bc.googleusercontent.com
Software: envoy /
Resource Hash: 55d60b86fdddb2c5e8118e67e18b5d3fc4350747428763c0738b48546a4750ff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 19:38:30 GMT
content-encoding: gzip
x-envoy-decorator-operation: null
last-modified: Thu, 05 May 2022 12:25:40 GMT
server: envoy
etag: "74a5-5de42d7021900-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
x-envoy-upstream-service-time: 2
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10805

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 185ms
53ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJX76GN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4761
date: Mon, 09 May 2022 18:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 09 May 2022 20:19:09 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 209ms
80ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJX76GN

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 95F31AC27FA943D9AFF286A2CED6E82B Ref B: FRA31EDGE0621 Ref C: 2022-05-09T19:38:30Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Mon, 09 May 2022 19:38:30 GMT
accept-ranges: bytes
content-length: 11333

GET
H3 200 171774603645845 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 282ms
282ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/171774603645845?v=2.9.58&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7fb5c6ee8763d70b2de537b63c0d3a5acc202b3eb94bede52ea73c1dc8c581a4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: gLPguNGtNfWCBARkv324/JKrLFgQu3A7WJ/vRwSgFJ7vzA5IB/iXHp9wpCx1gKQ3YJedFYJH1+BXL3N6Ijn07g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 09 May 2022 19:38:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1652125110469
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 172ms
54ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2358016177573175&ev=PageView&dl=https%3A%2F%2Fketoafter50.com%2Ffree-digi%2F%3FaffId%3D4F0DE960%26click_id%3D102fbac35a74b32f8d8d1ac54a021a%26aff_sub2%3D%26s1%3D247%26s2%3D1221&rl=http%3A%2F%2Furl.farsjoo.com%2F&if=false&ts=1652125110213&sw=1600&sh=1200&v=2.9.58&r=stable&ec=0&o=30&fbp=fb.1.1652125110209.1218543314&it=1652125110004&coo=false&exp=p0&rqm=GET

Requested by

Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 19:38:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 09 May 2022 19:38:30 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d93a7a42bf85c86fdd2fe89dab7ccf7ff822d010bce1bad7c93291cd57cbe58e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 844 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 297e447f8716d32fff647ad6b3358b337373b21d6bd69dd27197c40eed05306a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 171ms
60ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1754254425&t=pageview&_s=1&dl=https%3A%2F%2Fketoafter50.com%2Ffree-digi%2F%3FaffId%3D4F0DE960%26click_id%3D102fbac35a74b32f8d8d1ac54a021a%26aff_sub2%3D%26s1%3D247%26s2%3D1221&dr=http%3A%2F%2Furl.farsjoo.com%2F&ul=en-us&de=UTF-8&dt=Keto%20After%2050&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=316942357&gjid=576382896&cid=1023070387.1652125110&tid=UA-89952909-6&_gid=2023147049.1652125110&_r=1&gtm=2wg540MJX76GN&z=395559829

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ketoafter50.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 May 2022 19:38:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ketoafter50.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 169ms
61ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1754254425&t=pageview&_s=1&dl=https%3A%2F%2Fketoafter50.com%2Ffree-digi%2F%3FaffId%3D4F0DE960%26click_id%3D102fbac35a74b32f8d8d1ac54a021a%26aff_sub2%3D%26s1%3D247%26s2%3D1221&dr=http%3A%2F%2Furl.farsjoo.com%2F&ul=en-us&de=UTF-8&dt=Keto%20After%2050&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=303807903&gjid=1060709036&cid=1023070387.1652125110&tid=UA-89952909-10&_gid=2023147049.1652125110&_r=1&gtm=2ou540&z=1287717473

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ketoafter50.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 May 2022 19:38:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ketoafter50.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 25063280.js Show response
bat.bing.com/p/action/ 0
119 B 242ms
242ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25063280.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 65838428AB9E4C99A465D064B8036340 Ref B: FRA31EDGE0621 Ref C: 2022-05-09T19:38:30Z
date: Mon, 09 May 2022 19:38:30 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 79ms
79ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25063280&tm=gtm002&Ver=2&mid=9d5269e3-7774-4ca3-b6df-49e6659d4ec3&sid=9ad02e30cfcf11ec83d025a8202b855e&vid=9ad02d80cfcf11ecb285df7a3721955e&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Keto%20After%2050&p=https%3A%2F%2Fketoafter50.com%2Ffree-digi%2F%3FaffId%3D4F0DE960%26click_id%3D102fbac35a74b32f8d8d1ac54a021a%26aff_sub2%3D%26s1%3D247%26s2%3D1221&r=http%3A%2F%2Furl.farsjoo.com%2F&lt=1933&evt=pageLoad&msclkid=N&sv=1&rn=554709

Requested by

Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9A117D0B68F7456DB9CDAC50034A42D2 Ref B: FRA31EDGE0621 Ref C: 2022-05-09T19:38:30Z
date: Mon, 09 May 2022 19:38:30 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 169ms
56ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-89952909-6&cid=1023070387.1652125110&jid=316942357&gjid=576382896&_gid=2023147049.1652125110&_u=YEBAAEAAAAAAAC~&z=650392877

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ketoafter50.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 09 May 2022 19:38:30 GMT
content-type: text/plain
access-control-allow-origin: https://ketoafter50.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 169ms
56ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-89952909-10&cid=1023070387.1652125110&jid=303807903&gjid=1060709036&_gid=2023147049.1652125110&_u=YEDAAUABAAAAAC~&z=95497041

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ketoafter50.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 09 May 2022 19:38:30 GMT
content-type: text/plain
access-control-allow-origin: https://ketoafter50.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=171774603645845&ev=PageView&dl=https%3A%2F%2Fketoafter50.com%2Ffree-digi%2F%3FaffId%3D4F0DE960%26click_id%3D102fbac35a74b32f8d8d1ac54a021a%26aff_sub2%3D%26s1%3D247%2...
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fketoafter50.com%2Ffree-digi%2F%3FaffId%3D4F0DE960%26click_id%3D102fbac35a74b32f8d8d1ac54a021a%26aff_sub2%3D%26s1%3D247%26s2%3D1221&ec=0&ev=Pa...

44 B
88 B

54ms
54ms

Image
image/gif

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fketoafter50.com%2Ffree-digi%2F%3FaffId%3D4F0DE960%26click_id%3D102fbac35a74b32f8d8d1ac54a021a%26aff_sub2%3D%26s1%3D247%26s2%3D1221&ec=0&ev=PageView&exp=p0&fbp=fb.1.1652125110209.1218543314&id=171774603645845&if=false&it=1652125110004&o=30&r=stable&redirect=0&rl=http%3A%2F%2Furl.farsjoo.com%2F&rqm=GET&sh=1200&sw=1600&ts=1652125110614&v=2.9.58

Requested by

Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221

Protocol

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 19:38:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 09 May 2022 19:38:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 May 2022 19:38:30 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
location: /tr/?coo=false&dl=https%3A%2F%2Fketoafter50.com%2Ffree-digi%2F%3FaffId%3D4F0DE960%26click_id%3D102fbac35a74b32f8d8d1ac54a021a%26aff_sub2%3D%26s1%3D247%26s2%3D1221&ec=0&ev=PageView&exp=p0&fbp=fb.1.1652125110209.1218543314&id=171774603645845&if=false&it=1652125110004&o=30&r=stable&redirect=0&rl=http%3A%2F%2Furl.farsjoo.com%2F&rqm=GET&sh=1200&sw=1600&ts=1652125110614&v=2.9.58
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 208ms
91ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-89952909-10&cid=1023070387.1652125110&jid=303807903&_u=YEDAAUABAAAAAC~&z=267512427

Requested by

Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 19:38:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 207ms
90ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-89952909-10&cid=1023070387.1652125110&jid=303807903&_u=YEDAAUABAAAAAC~&z=267512427

Requested by

Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 19:38:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 205ms
89ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-89952909-6&cid=1023070387.1652125110&jid=316942357&_u=YEBAAEAAAAAAAC~&z=2069929215

Requested by

Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 19:38:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 207ms
91ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-89952909-6&cid=1023070387.1652125110&jid=316942357&_u=YEBAAEAAAAAAAC~&z=2069929215

Requested by

Host: ketoafter50.com
URL: https://ketoafter50.com/free-digi/?affId=4F0DE960&click_id=102fbac35a74b32f8d8d1ac54a021a&aff_sub2=&s1=247&s2=1221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 19:38:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 55ms
54ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2358016177573175&ev=Microdata&dl=https%3A%2F%2Fketoafter50.com%2Ffree-digi%2F%3FaffId%3D4F0DE960%26click_id%3D102fbac35a74b32f8d8d1ac54a021a%26aff_sub2%3D%26s1%3D247%26s2%3D1221&rl=http%3A%2F%2Furl.farsjoo.com%2F&if=false&ts=1652125111716&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Keto%20After%2050%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.58&r=stable&ec=1&o=30&fbp=fb.1.1652125110209.1218543314&it=1652125110004&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 19:38:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 09 May 2022 19:38:31 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 54ms
54ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=171774603645845&ev=Microdata&dl=https%3A%2F%2Fketoafter50.com%2Ffree-digi%2F%3FaffId%3D4F0DE960%26click_id%3D102fbac35a74b32f8d8d1ac54a021a%26aff_sub2%3D%26s1%3D247%26s2%3D1221&rl=http%3A%2F%2Furl.farsjoo.com%2F&if=false&ts=1652125112116&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Keto%20After%2050%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.58&r=stable&ec=1&o=30&fbp=fb.1.1652125110209.1218543314&it=1652125110004&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ketoafter50.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 19:38:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 09 May 2022 19:38:32 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ketoafter50.com/	1970-01-20 05:05:01	Name: _gcl_au Value: 1.1.1684760678.1652125110
.ketoafter50.com/	1970-01-20 05:05:01	Name: _fbp Value: fb.1.1652125110209.1218543314
.ketoafter50.com/	1970-01-20 20:26:37	Name: _ga Value: GA1.2.1023070387.1652125110
.ketoafter50.com/	1970-01-20 02:56:51	Name: _gid Value: GA1.2.2023147049.1652125110
.ketoafter50.com/	1970-01-20 02:55:25	Name: _gat_UA-89952909-6 Value: 1
.bing.com/	1970-01-20 12:17:01	Name: MUID Value: 3A28E7643AB9662B051CF6FB3B3267CA
.ketoafter50.com/	1970-01-20 02:55:25	Name: _gat_gtag_UA_89952909_10 Value: 1
.ketoafter50.com/	1970-01-20 02:56:51	Name: _uetsid Value: 9ad02e30cfcf11ec83d025a8202b855e
.ketoafter50.com/	1970-01-20 12:17:01	Name: _uetvid Value: 9ad02d80cfcf11ecb285df7a3721955e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bat.bing.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
ketoafter50.com
mwebpink.com
secure.ketoafter50.com
stats.g.doubleclick.net
url.farsjoo.com
www.digistore24.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
18.202.12.61
185.55.224.44
2620:1ec:c11::200
2a00:1450:4001:80f::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3121::a
35.244.212.226
54.39.195.176
0205936389e0f4233f58bac70c7d84ae0db1a447e41b792b962258ae47f0f467
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1492f9871152d8dda37382787f6082a3124330be75975672e41fb1f9c07528dc
297e447f8716d32fff647ad6b3358b337373b21d6bd69dd27197c40eed05306a
2bd2f64435f17ee359a916deb00840f2a0c7dadd7c01ce2af61d25c715bcbc40
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3f75b1fd5c91bf9a5a86a241ddc76603e8f96a2efe4f9420686d4b67bbf03fd3
40fe2ed21a6d83d1c37c1e5ce2eb480ae4b7c5b298500586ee745eac4f88cbd1
458af683b8dbd6454c2ab93f5d228801d4c9edb8a8a8930c28563c6406a849f3
4af469ff5c08a0f32a08c67fa5e212d92f7d150e9bc110b0017f2935ca7cb4a0
55d60b86fdddb2c5e8118e67e18b5d3fc4350747428763c0738b48546a4750ff
55dd9fc39774af68d4ed30d6b668427f3b1ab86db5dff36cdf179573140f4b5a
585a6f068c13caecd6a18d04fe74641d6316f384ea87f5d534445f745bd2c364
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
7fb5c6ee8763d70b2de537b63c0d3a5acc202b3eb94bede52ea73c1dc8c581a4
806a3d2e1522537d654c53c3cf522012ea9f19b814ca73683eb9092a79375faa
817de41df918a51c463d80b36603c299f2d383746e970566d057fd6868a13edf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9889c8864a1379a873fde86701ce0b64fb9558ec97c976c3891ebea2dae17d4c
99567f4f2a764e7a259f7cf9cd09509944f9ba60052aeccad8158bef2322d30e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a806c60841ecd2779821fa72d788294809a643ade617a4deebac756079904bab
b78678e27a84f5aa950ce48972924e81c6b638dd9f7cf9d635f760cf545a0b8d
b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e
bf6e6ed37da1a51d801f8addc75bba75473de0f5f585d4240bf5d5b17bb9b08d
c06d98c4e715de2593f20b1b5aa89c567e9fd69748093d8bf0818f6ea35723c2
c43e242fa8b47210de7543e012bd9548ff81865424145377fc4a9404006d52d8
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c46dd15648191d950b9041e3c8c6a8671c8ef6ecb04c70a688760769567b27a3
c4ff22e292d25da612b718a1d6251add60580fb2d55151a9534e81a727955e3a
c7616a42e046c0a6cc295dfbd79626eec537024f2c1b69e31d7c87706cff007c
d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2
d50262e1705a66c65d34a41df56b6e7d31c8aef109a422ff742ee5cf78ddee6e
d65e646adb32497b59aef49c69de37f727e575f39bd93ef232a465c217617237
d93a7a42bf85c86fdd2fe89dab7ccf7ff822d010bce1bad7c93291cd57cbe58e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa7614deaec8e3ce98e45a01eeb9cc0be36f5ff3ceb559bbca3c4c9cd81b46d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8627210a27105e66c146e162bd4c0f512b534d7514273d0c6e6be95bb543795
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02edf6f5150252c5baa8ad27ebe74fca46589a112bf38f74573fdd5811764f5
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f7206ab71dcc8f90087cd82be515177816873c0d150de765490c3d5f167d8cf0

ketoafter50.com Open in urlscan Pro 54.39.195.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

96 %HTTPS

75 %IPv6

14 Domains

16 Subdomains

15 IPs

6 Countries

1150 kBTransfer

2141 kBSize

9 Cookies

5 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ketoafter50.com Open in urlscan Pro
54.39.195.176 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

96 %
HTTPS

75 %
IPv6

14
Domains

16
Subdomains

15
IPs

6
Countries

1150 kB
Transfer

2141 kB
Size

9
Cookies

55 HTTP transactions
2 data transactions