okefood.agughostkey.com Open in urlscan Pro
172.67.163.232 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://okefood.agughostkey.com/z.php?m2ussh9fyq+
Effective URL:
https://okefood.agughostkey.com/
Submission: On September 19 via api (September 19th 2021, 12:05:39 pm UTC) from BE — Scanned from DE

Summary HTTP 92 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 92 HTTP transactions. The main IP is 172.67.163.232, located in United States and belongs to CLOUDFLARENET, US. The main domain is okefood.agughostkey.com.
TLS certificate: Issued by R3 on August 18th 2021. Valid for: 3 months.

This is the only time okefood.agughostkey.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	172.67.163.232 172.67.163.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
3	172.217.16.136 172.217.16.136	15169 (GOOGLE) (GOOGLE)
2	157.240.236.1 157.240.236.1	32934 (FACEBOOK) (FACEBOOK)
12	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
3	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
10	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 2	157.240.236.35 157.240.236.35	32934 (FACEBOOK) (FACEBOOK)
5	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
20	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
1	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
2 3	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
3	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
92	16

23 172.67.163.232 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

okefood.agughostkey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f136.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.236.35 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.100 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	428 KB
23	agughostkey.com 1 redirects okefood.agughostkey.com	4 MB
10	doubleclick.net googleads.g.doubleclick.net	107 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	69 KB
5	google.com 2 redirects adservice.google.com www.google.com	2 KB
4	googletagservices.com www.googletagservices.com	144 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	googletagmanager.com www.googletagmanager.com	140 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	facebook.com 1 redirects www.facebook.com	2 KB
2	facebook.net connect.facebook.net	69 KB
1	2mdn.net s0.2mdn.net	63 KB
1	googleadservices.com partner.googleadservices.com	660 B
92	13

	Domain	Requested by
23	okefood.agughostkey.com	1 redirects okefood.agughostkey.com
20	tpc.googlesyndication.com	okefood.agughostkey.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
12	pagead2.googlesyndication.com	okefood.agughostkey.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com okefood.agughostkey.com googleads.g.doubleclick.net
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	okefood.agughostkey.com www.googletagmanager.com
3	fonts.googleapis.com	okefood.agughostkey.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	www.facebook.com	1 redirects connect.facebook.net
2	connect.facebook.net	okefood.agughostkey.com connect.facebook.net
1	s0.2mdn.net	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
92	16

This site contains links to these domains. Also see Links.

Domain
justindianporn2.com
justindianporn.net
www.sobazo.com
www.redwap.me
www.borwap.pro
www.pakistaniporn2.com
www.hentai.name
pakistanporn.info
rajwap.tv
desi-sexy.info
rajwap.me
www.redwap.xyz
hindiporn.pro
6indianxxx.mobi
freeindianporn2.com

Subject Issuer	Validity	Valid
*.agughostkey.com R3	`2021-08-18` - `2021-11-16`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-06-29` - `2021-09-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://okefood.agughostkey.com/
Frame ID: A1B129085450FA83C12669FFE3F2C512
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html
Frame ID: 75AD501B3041EAFE335E274C65FE399A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df37fff7ae1bb3cc%2526domain%253Dokefood.agughostkey.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fokefood.agughostkey.com%25252Ff260c3b9890f588%2526relation%253Dparent.parent%26container_width%3D320%26height%3D145%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fweb.facebook.com%252FCektime%26locale%3Did_ID%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline%26width
Frame ID: C9B25FA90C1514F54B43C77371E3B1CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578074244178174&output=html&h=90&slotname=7996051076&adk=1889483541&adf=1801062927&pi=t.ma~as.7996051076&w=920&lmt=1632053134&psa=0&format=920x90&url=https%3A%2F%2Fokefood.agughostkey.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632053134526&bpp=3&bdt=1238&idt=159&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=8073029716052&frm=20&pv=2&ga_vid=1200069369.1632053135&ga_sid=1632053135&ga_hid=785543876&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=15&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750345%2C44747621&oid=3&pvsid=273700788898843&pem=169&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CDmdbe16HD&p=https%3A//okefood.agughostkey.com&dtd=175
Frame ID: 4B49EBB2E3383A88DCA48B06023FCC6B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578074244178174&output=html&adk=1812271804&adf=3025194257&lmt=1632053134&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fokefood.agughostkey.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632053134566&bpp=1&bdt=1278&idt=164&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=920x90&nras=1&correlator=8073029716052&frm=20&pv=1&ga_vid=1200069369.1632053135&ga_sid=1632053135&ga_hid=785543876&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750345%2C44747621&oid=3&pvsid=273700788898843&pem=169&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=168
Frame ID: E11387EF90770D77EE01A77AB64223E6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5373314148610209230/728x90/C3-All-In-One-728x90-v1.html
Frame ID: A6917CCD02ADB6FCFBE30907330FF8B6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CQ-JjjidHYZSWLpDZtweVk6GAAb7Gvbhhmt-qroMOz7e-z4gKEAEg6a_JVmDJBqAB34O39QLIAQmoAwHIA0iqBNoBT9CIxITj7qCBezpQ0KbMidLGTZPxmi15ZtlCRnU6goRBWDT11Z5nx11Q0OQcc3VOCoJmS65wvC5yAZx3vzwAimdYokm1CW8VcYfZNvGoQtzjaWrYPteyiQAzpGRrX1r0Fu4G_R8TcuxQIpjViltNyLiDTADVMZjnOAXIGMR4qegKREjmc6IERya0DawSqe8nUtAm2a8Wx1xiTPwEVZ1UAdOErRMtEfbLLM3GY_LOYcVYajPada-TriQJdReALogivXFFOW5Nrb1CPeIa80YpoRlzJow5ulQ9L-vABOfM2OumA5IFBAgEGAGSBQQIBRgEoAYugAeJ_MiKAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQ2Y0G0ggHCIBhEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi05NTc4MDc0MjQ0MTc4MTc0GAA&sigh=_XxYAX857rU&template_id=419
Frame ID: 9B31C6FE5F2DD932E59145495DFEE902
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4363BE7E61B6B0DEDD9EF03EF4658908
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Frame ID: EE9D4BB458EB02B3EDFB698F9216E93D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
Frame ID: CF5084947EC585648F87B3C02A79D6B7
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BEF5BC98CAD9F55542E6F889520F75C2
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 37E144F02F007AFD4136CE6C90A4BAF0
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
Frame ID: 6199F02EF3F90CD3EDEF0D71E0ED637D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js
Frame ID: BE4F4022D57CDB3A75FED9BFB98AF4A4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7749D7F33007F51B37872F2D2EE76903
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2F1CAA5A2AFD6275AAEDEFEFC8F30889
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oke Food - Best Recipes Collection

Page URL History Show full URLs

https://okefood.agughostkey.com/z.php?m2ussh9fyq+ HTTP 301
https://okefood.agughostkey.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

92
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

16
Subdomains

16
IPs

2
Countries

4781 kB
Transfer

6885 kB
Size

7
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://justindianporn2.com/
Title: justindianporn2.com

Search URL Search Domain Scan URL

URL: https://justindianporn.net/
Title: justindianporn.net

Search URL Search Domain Scan URL

URL: https://www.sobazo.com/
Title: sobazo.com

Search URL Search Domain Scan URL

URL: https://www.redwap.me/
Title: redwap.me

Search URL Search Domain Scan URL

URL: https://www.borwap.pro/
Title: borwap.pro

Search URL Search Domain Scan URL

URL: https://www.pakistaniporn2.com/
Title: pakistaniporn2.com

Search URL Search Domain Scan URL

URL: https://www.hentai.name/
Title: hentai.name

Search URL Search Domain Scan URL

URL: https://pakistanporn.info/
Title: pakistanporn.info

Search URL Search Domain Scan URL

URL: https://rajwap.tv/
Title: rajwap.tv

Search URL Search Domain Scan URL

URL: https://desi-sexy.info/
Title: desi-sexy.info

Search URL Search Domain Scan URL

URL: https://rajwap.me/
Title: rajwap.me

Search URL Search Domain Scan URL

URL: https://www.redwap.xyz/
Title: redwap.xyz

Search URL Search Domain Scan URL

URL: https://hindiporn.pro/
Title: hindiporn.pro

Search URL Search Domain Scan URL

URL: https://6indianxxx.mobi/
Title: 6indianxxx.mobi

Search URL Search Domain Scan URL

URL: https://freeindianporn2.com/
Title: freeindianporn2.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://okefood.agughostkey.com/z.php?m2ussh9fyq+ HTTP 301
https://okefood.agughostkey.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://www.facebook.com/v9.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37fff7ae1bb3cc%26domain%3Dokefood.agughostkey.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fokefood.agughostkey.com%252Ff260c3b9890f588%26relation%3Dparent.parent&container_width=320&height=145&hide_cover=false&href=https%3A%2F%2Fweb.facebook.com%2FCektime&locale=id_ID&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width= HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df37fff7ae1bb3cc%2526domain%253Dokefood.agughostkey.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fokefood.agughostkey.com%25252Ff260c3b9890f588%2526relation%253Dparent.parent%26container_width%3D320%26height%3D145%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fweb.facebook.com%252FCektime%26locale%3Did_ID%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline%26width

Request Chain 59

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 80

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

92 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
okefood.agughostkey.com/
Redirect Chain

https://okefood.agughostkey.com/z.php?m2ussh9fyq+
https://okefood.agughostkey.com/

114 KB
23 KB

812ms
811ms

Document
text/html

172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://okefood.agughostkey.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 401d3c2d7e2a591aaedfb6edc3269152427d01b1967ccc93694e2a612ec13839

Request headers

:method: GET
:authority: okefood.agughostkey.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 19 Sep 2021 12:05:33 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2Bcq%2F7ps%2Bp5vt0l6KuBONAkJ4348QwYpmQ9dQyycryT8bKYqBHch1L83bQxbyeGpPHziwSdv5q9KvCkzQQWD%2FTy1km6sojNENORhAPkFtEtvcDKZR5DxCqOjqULym5zl%2FEN9zeVTvT2iyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6912aece0d5f2790-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Sun, 19 Sep 2021 12:05:32 GMT
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://okefood.agughostkey.com/
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnwAL325BgFv%2F4m6DjOkwRpYuMgCUW892XsnkhFcWn5zBmezbwDsVxrky6Oxl3MGg%2F0Bdi4RuZ5wQIssJHKGdRRr0iPq5M1KSn9lQDfsfEkx6zPXoWku32TaJZFoacTbrzC6%2BfqUuq8f6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6912aec33b982790-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 21 KB
2 KB 39ms
17ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic|Cookie:regular

Requested by

Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

dcfc405caef9678e3c71117288378ac4cccb70568908e3dddccaaa99e7402950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 19 Sep 2021 12:05:33 GMT
server: ESF
date: Sun, 19 Sep 2021 12:05:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Sep 2021 12:05:33 GMT

GET
H3 200 4d5a.css
okefood.agughostkey.com/wp-content/cache/wpfc-minified/6v5bosnc/ 97 KB
15 KB 1068ms
1068ms Stylesheet
text/css 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://okefood.agughostkey.com/wp-content/cache/wpfc-minified/6v5bosnc/4d5a.css
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53fc45656f8cf0429178472e62060272f7ad353f840947eb0df71ecb82356ba3

Request headers

:path: /wp-content/cache/wpfc-minified/6v5bosnc/4d5a.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 11:58:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnbjP06D0KV7Br%2FBomyn%2F0XWRu9oYuXCGtOHGhnpOxLQvZ5%2BzQ1hUgPXWFQrtsn7YL891K5iyNBOQ4V%2BnLsaxhB7trP%2FhRQtWA6thch49xCwOO1e2%2FyAe%2FBiO1bPSdyC%2BYPDiIa%2Fds53Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6912aed33f3ef9ce-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 wp-emoji-release.min.js Show response
okefood.agughostkey.com/wp-includes/js/ 18 KB
5 KB 27ms
27ms Script
application/javascript 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://okefood.agughostkey.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Sep 2021 03:07:00 GMT
server: cloudflare
age: 6980
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTO%2FGdCEu1Rq%2FVJ44Cgmv6dqE3uLX2uCqZF2%2BtQJVZCwoVkkt2Bw8dAY9J7U%2Fneti8%2FF5pw0joxDuL6WByeOhOQLbXSs9upU9JYWer5zE3E1fmCFh6bfVb4Jb%2FiF%2Bhyz%2B8zIJ0HysTgdTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6912aed37f81f9ce-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 4d5a.css
okefood.agughostkey.com/wp-content/cache/wpfc-minified/9kpeb3ay/ 6 KB
2 KB 853ms
853ms Stylesheet
text/css 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://okefood.agughostkey.com/wp-content/cache/wpfc-minified/9kpeb3ay/4d5a.css
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cc70f94edb2c24b991d294eee512130a13bba90dcfd054eaffaebf50818e83

Request headers

:path: /wp-content/cache/wpfc-minified/9kpeb3ay/4d5a.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 11:58:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcQ00MFCs%2BCchxZ8gPLnxItP7836t4O%2F3lzkPjIhPQmGYjKWAXa2bCecGpVYYbhH%2FTc7auXHrSEQuFU7qE1AZ%2BoIX5CBNU0YxVM6GYsWsQyEi%2BDUswokRwKfg%2B727lDgwGHt6mEIz%2BD9Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6912aed468c7f9ce-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
40 KB 59ms
34ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-136862565-6

Requested by

Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

dd2f5d213f26bf951d75c5270c053dd19c21bf53f03b5e561b7634078b45b99d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40399
x-xss-protection: 0
expires: Sun, 19 Sep 2021 12:05:34 GMT

GET
H3 200 icon-okefood-small.png
okefood.agughostkey.com/wp-content/uploads/2020/11/ 7 KB
8 KB 27ms
26ms Image
image/png 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okefood.agughostkey.com/wp-content/uploads/2020/11/icon-okefood-small.png
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46f3ae13d30c47932e1f9444214e615e5873d410f9f5902622df80367149abdb

Request headers

:path: /wp-content/uploads/2020/11/icon-okefood-small.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6980
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7551
last-modified: Wed, 25 Nov 2020 00:48:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79SYEV2fyN6X9qV4pznYhdM96uwEn0fvmhglfFP2LKOrFqbTOOUh7x%2BAzdPJFumYb29VldlMluWABtc4D2LVs4%2BmqMrBtZhhQPmRwT45DyguN7hN%2FPI4O3Gx2NVwVKre6M05TX4JP4Gyhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6912aeda0ff4f9ce-PRG
expires: max-age=A10368000, public

GET
H2 200 sdk.js Show response
connect.facebook.net/id_ID/ 3 KB
2 KB 23ms
7ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/id_ID/sdk.js

Requested by

Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

d946b30c11217382f52a78c86ab082e08f30118d7f4dc325f2d264ec70d32ae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://okefood.agughostkey.com/
Origin: https://okefood.agughostkey.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: nKSvnR+mSA9K6CU3/HWWDA==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 19XsRAKSa4YPqjgXlSEWZ/VmJWWz7ruTvwrBi4UOSvC4SY4LemAH8lU0G6mkB9K+aA1wkbH7m13FJfpoSCfWgA==
x-fb-trip-id: 917726464
x-fb-content-md5: 557306337c028922975869de61f272fc
x-frame-options: DENY
date: Sun, 19 Sep 2021 12:05:34 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "5cc62b680d202cbf986441ed73062ea7"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 19 Sep 2021 12:08:25 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
48 KB 76ms
51ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

94dcbfd217ebcabb12fcd3012f9e2f098bd9f2a2bbd89fb6a1c3596258372f26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48994
x-xss-protection: 0
server: cafe
etag: 12729595234619869058
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 12:05:34 GMT

GET
H3 200 main.min.js Show response
okefood.agughostkey.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 40ms
40ms Script
application/javascript 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://okefood.agughostkey.com/wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.3
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456

Request headers

:path: /wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Jun 2021 07:52:54 GMT
server: cloudflare
age: 6980
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5hkOcTEOe%2BhD9v06avcyAyj0JLdZ16jdqXY2mjV93K2om0SziTiUaLmwHH%2FhQb0pY7Vy4mO3wXBqi%2FVFTRzIdNo6919tavxfoukW9mO8dTCATnBc0CGwYW5GA3Iumv64lkHbw3SnGd97w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6912aed9cf90f9ce-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 navigation-search.min.js Show response
okefood.agughostkey.com/wp-content/themes/generatepress/assets/js/ 2 KB
1 KB 28ms
28ms Script
application/javascript 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://okefood.agughostkey.com/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.0.3
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199898d01ee6a242c64dc62559177261862ebfd52ee6903eddb87017cfa6d295

Request headers

:path: /wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.0.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Jun 2021 07:52:54 GMT
server: cloudflare
age: 6980
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0l5DBEGID02rVUJuLDZEBRtVj1RFadBEDTD5grCVpEClHz8yktXDwh4JOhQmrg7qqtC6JpYTZCu%2BZgcbz%2FXu%2BEBa%2Ftf8JOSQBGFLxYdz%2FRHYjErzJvRmL9HvurQPO9DGFfU9mdEYyr%2Finw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6912aeda0fe6f9ce-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 pwa-register-sw.js Show response
okefood.agughostkey.com/ 16 B
601 B 27ms
26ms Script
text/js 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://okefood.agughostkey.com/pwa-register-sw.js?ver=1.7.37
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fea6ebedd553109acb7de5a4639b7c1cf8abc66377abe252aae9605c10295d2

Request headers

:path: /pwa-register-sw.js?ver=1.7.37
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Sep 2021 10:09:15 GMT
server: cloudflare
age: 6979
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZoKYk8ve7YhvXOjp0rxiD6N01IPnAIuCuSbPFx84QnCbas%2B47CF85obGyzvA6kOrlmf9TGxW31kMDCsfiWYt2LBHnmzg0MSYXaVaWyaU11TesE2WW5fLw0f8Z6xrvFmsw0MbcbWveFgRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/js;charset=UTF-8
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6912aeda0febf9ce-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 wp-embed.min.js Show response
okefood.agughostkey.com/wp-includes/js/ 1 KB
1 KB 28ms
28ms Script
application/javascript 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://okefood.agughostkey.com/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Sep 2021 02:58:32 GMT
server: cloudflare
age: 6980
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovsdd3jzumG%2FgnwlRDt%2BHAomqqp7tk4yM2oEo9tPUdvRMmsoYnb2MRPzNYcKtY%2FmSpjVz%2FXojrIyMrfU2PQyhIWwtrfWEUf3wJK%2FL%2F0V90YFb%2B23j0hyY9P0k5Zo8Nb5k20RIMU29gMDbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6912aeda0ff0f9ce-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
50 KB 61ms
36ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-47XFFFKRXJ

Requested by

Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

e0768fcb6c119d43d877209aa38d0927f9d1424d818d5782aec811b585e62a3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51166
x-xss-protection: 0
expires: Sun, 19 Sep 2021 12:05:34 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
15 KB 29ms
7ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic|Cookie:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://okefood.agughostkey.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 14:18:31 GMT
x-content-type-options: nosniff
age: 596823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 14:18:31 GMT

GET
H2 200 syky-y18lb0tSbf9kgqS.woff2
fonts.gstatic.com/s/cookie/v12/ 14 KB
14 KB 34ms
14ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cookie/v12/syky-y18lb0tSbf9kgqS.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic|Cookie:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

51e90fcae805aef6e8dc3072a548ac23ea2eed5aaabf8c3c37ffb847c89b1011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://okefood.agughostkey.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:22:41 GMT
x-content-type-options: nosniff
age: 182573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14456
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:15:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 17 Sep 2022 09:22:41 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 31ms
12ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic|Cookie:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://okefood.agughostkey.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:00:30 GMT
x-content-type-options: nosniff
age: 187504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Sep 2022 08:00:30 GMT

GET
H3 200 chai2Btea2Blatte2Bmix2Brecipe.jpg
okefood.agughostkey.com/wp-content/uploads/2020/11/ 342 KB
343 KB 110ms
110ms Image
image/jpeg 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okefood.agughostkey.com/wp-content/uploads/2020/11/chai2Btea2Blatte2Bmix2Brecipe.jpg
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 230b53ffa362e48f3bcba8c6b504c367d8166db6cc1cff97e860197893507669

Request headers

:path: /wp-content/uploads/2020/11/chai2Btea2Blatte2Bmix2Brecipe.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6980
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 350316
last-modified: Tue, 24 Nov 2020 05:26:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhaOH%2BmWARhD%2BncQhjfdfVa6eATiL8HeW1N5VoqT3bCCTI%2B8fIeGqrahg6gxOkq%2BK1ZQ5G9KsrHR5JguMUu4QIi%2FCGfAMbcHdwzWd0sSx%2BBjXuQ%2F3lmA4Ket8c2GdfnMsmCQawoSeUbOcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6912aeda484ef9ce-PRG
expires: max-age=A10368000, public

GET
H3 200 SUGAR2BFREE2BCOCONUT2BCREAM2BPIE2B25E2258025932BGLUTEN2BFRE.jpg
okefood.agughostkey.com/wp-content/uploads/2020/11/ 420 KB
421 KB 29ms
28ms Image
image/jpeg 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okefood.agughostkey.com/wp-content/uploads/2020/11/SUGAR2BFREE2BCOCONUT2BCREAM2BPIE2B25E2258025932BGLUTEN2BFRE.jpg
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fe1cc56632f566338a35f7fc04a31751a810e3d8c7fdcded365cbcea065ac44

Request headers

:path: /wp-content/uploads/2020/11/SUGAR2BFREE2BCOCONUT2BCREAM2BPIE2B25E2258025932BGLUTEN2BFRE.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 430072
last-modified: Tue, 24 Nov 2020 05:26:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KuAHCWVEf2RUv3dFfJI4q4zXGvbgXcvKKaU%2B7ZCy%2F%2FHi13GbWFgVHlrbSTwDJRRtf1n9cNPfLaYCUkJ336DxX8Ia%2BARAKDDaknrEb7aciN3esnm2acXB7c9T645y78fcQKHuQKOPne4IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6912aeda484ff9ce-PRG
expires: max-age=A10368000, public

GET
H3 200 apple2Bpear2Bpomegranate2Bsangria.jpg
okefood.agughostkey.com/wp-content/uploads/2020/11/ 287 KB
287 KB 134ms
133ms Image
image/jpeg 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okefood.agughostkey.com/wp-content/uploads/2020/11/apple2Bpear2Bpomegranate2Bsangria.jpg
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66515691694390db25716bbdd8713a63b0cd1f8e0e115fe733d00edd7d90c002

Request headers

:path: /wp-content/uploads/2020/11/apple2Bpear2Bpomegranate2Bsangria.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6980
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 293544
last-modified: Tue, 24 Nov 2020 05:26:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tc%2FmsoquIGDjdbf%2F2BM%2BaBcNSqvalfTSut1UnL1qL9N3uhytJrZ%2FZ3n9S3b%2BUkv8V1rq0ttUZvyZA5KizyzinGZLMgLbGEJhrrMmkJrnZudzVs21YyfERN8vhrbPF%2FFUEt7GJMa8cSwHCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6912aeda4850f9ce-PRG
expires: max-age=A10368000, public

GET
H3 200 melt2Bin2Byour2Bmouth2Bchicken2Bwith2Bbread2Bcrumbs.jpg
okefood.agughostkey.com/wp-content/uploads/2020/11/ 598 KB
599 KB 145ms
143ms Image
image/jpeg 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okefood.agughostkey.com/wp-content/uploads/2020/11/melt2Bin2Byour2Bmouth2Bchicken2Bwith2Bbread2Bcrumbs.jpg
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77c8bb1e05706281670ac30c10a9b255ddad882c134627a1373a330090f928bb

Request headers

:path: /wp-content/uploads/2020/11/melt2Bin2Byour2Bmouth2Bchicken2Bwith2Bbread2Bcrumbs.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6980
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 612351
last-modified: Tue, 24 Nov 2020 05:26:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mV87BJiwnMfpdbCglAr6kXjgqrfxARRqByPo1EUXSXV0z%2FhZKe2gX%2F7mvav7q0DSgJUkX%2Fz8JQ0pDjz2%2Fbpfq1c9Rug9AmVLh4iCZPwAM4o4RZlxOA0kQjFxPleQKfXJjtHQwd%2BsMt6CRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6912aeda4852f9ce-PRG
expires: max-age=A10368000, public

GET
H3 200 carrot2Bcake2Bwaffles2Brecip.jpg
okefood.agughostkey.com/wp-content/uploads/2020/11/ 592 KB
593 KB 46ms
45ms Image
image/jpeg 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okefood.agughostkey.com/wp-content/uploads/2020/11/carrot2Bcake2Bwaffles2Brecip.jpg
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b770c54aab3f8ea232874da40b3762b334ba0b0152f4f4d44cd4e8c1c697dea4

Request headers

:path: /wp-content/uploads/2020/11/carrot2Bcake2Bwaffles2Brecip.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6980
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 606496
last-modified: Tue, 24 Nov 2020 05:26:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ggec8RJePJOCKQFn44NfbVDD74YdWR52ZxNEkxIvb%2B7EnHto28a6C6MwP1LoA%2FK8DK3iZyi%2BNTwzSaWaRQkvp2F6gFNwsABuvzOiKJEg2YcLSJ6L%2BRAks5ZvZwTlufjFfFoBgztBYCLlxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6912aeda4854f9ce-PRG
expires: max-age=A10368000, public

GET
H3 200 chocolate2Bturtle2Bapple2Bslices2Brecipe.jpg
okefood.agughostkey.com/wp-content/uploads/2020/11/ 259 KB
260 KB 171ms
170ms Image
image/jpeg 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okefood.agughostkey.com/wp-content/uploads/2020/11/chocolate2Bturtle2Bapple2Bslices2Brecipe.jpg
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ec3fa364b495495ca2a9750ddcf4ef9acd1cd1d441f9530e3f3afb54155a891

Request headers

:path: /wp-content/uploads/2020/11/chocolate2Bturtle2Bapple2Bslices2Brecipe.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 265668
last-modified: Tue, 24 Nov 2020 05:26:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zd77ACgNizOxUjVBNeGzyiITrAcLGG0u%2BaGxbWTq4xA2UnggYfl7HeFRw3%2FoNBE84Cvhm9FGsqC2ncB7PXDp6%2FUFx%2BKHJE%2FERH1LmQ8qzSPWhQ4Rc3rSA3EXiyMckPT50LJkx7dwfSQR0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6912aeda4855f9ce-PRG
expires: max-age=A10368000, public

GET
H3 200 32BIngredient2BChocolate2BCrunch2BDoughnut.jpg
okefood.agughostkey.com/wp-content/uploads/2020/11/ 315 KB
316 KB 179ms
178ms Image
image/jpeg 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okefood.agughostkey.com/wp-content/uploads/2020/11/32BIngredient2BChocolate2BCrunch2BDoughnut.jpg
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5421fd6a30c3e9fcb2ba784ca67fd9807aa0a5787bd546b043881dfff8f584ac

Request headers

:path: /wp-content/uploads/2020/11/32BIngredient2BChocolate2BCrunch2BDoughnut.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6980
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 322619
last-modified: Tue, 24 Nov 2020 05:26:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFB2FxQkYal1jhd8wWi1w10IB2%2BnoGCGLVJ1Lr7EugJQergB5LM%2FD3jZJk508b3OKJVdYeFuWXmo1veVt9XxxWyFQxnQm%2FuBxu4cAVmx4qoTCtbj085KiqVMgyG%2F7kD%2Bvk5qTNuz%2Fg4FKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6912aeda4858f9ce-PRG
expires: max-age=A10368000, public

GET
H3 200 Easy2BCheesecake2BBrownies2BRecip.jpeg
okefood.agughostkey.com/wp-content/uploads/2020/11/ 186 KB
187 KB 182ms
181ms Image
image/jpeg 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okefood.agughostkey.com/wp-content/uploads/2020/11/Easy2BCheesecake2BBrownies2BRecip.jpeg
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26a0e64202de33da20d689b1b45e0ca4deb330f434713d15631c292b42654109

Request headers

:path: /wp-content/uploads/2020/11/Easy2BCheesecake2BBrownies2BRecip.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6978
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 190425
last-modified: Tue, 24 Nov 2020 05:26:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZArWKYJFLJAS935Xrw1HYgIzwo8teHPXscmwMDtX4yMWb%2FSyrn9bNpMOuw8nTHCxAE1qFuatB3SHIugc4Do1B9Y%2BAi56ZdvgkWJkvT2jegfPAgqnAu3RomBduT%2BuveOMfeGleGrkmSAXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6912aeda485af9ce-PRG
expires: max-age=A10368000, public

GET
H3 200 Turkey2BCranberry2BBrie2BEgg2BRoll.jpg
okefood.agughostkey.com/wp-content/uploads/2020/11/ 254 KB
254 KB 185ms
184ms Image
image/jpeg 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okefood.agughostkey.com/wp-content/uploads/2020/11/Turkey2BCranberry2BBrie2BEgg2BRoll.jpg
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72c01cea00eb9d9b9006f96d30ee4b6e480773ec81d89d6d6980d09ad03147c5

Request headers

:path: /wp-content/uploads/2020/11/Turkey2BCranberry2BBrie2BEgg2BRoll.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6968
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 259613
last-modified: Tue, 24 Nov 2020 05:26:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4RomiPaTpPALuFMwH68khoILUOBKVrzkySxNU5fyF4CS2ptcdGTK%2F0BSfEvHjkvWQU601%2B%2BEFkFw3G%2BaIC43FrKpq55c%2B9daTGIhVAeCJRDBw%2BRWb97E6KUhhfUYQJYEcQ%2Beoy0SrExuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6912aeda485cf9ce-PRG
expires: max-age=A10368000, public

GET
H3 200 Easiest2BCinnamon2BCrunch2BKnot.jpg
okefood.agughostkey.com/wp-content/uploads/2020/11/ 379 KB
380 KB 189ms
188ms Image
image/jpeg 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okefood.agughostkey.com/wp-content/uploads/2020/11/Easiest2BCinnamon2BCrunch2BKnot.jpg
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 956614e0221d0cdcf2d85ee22078e29dcf6292d284b9a5b62a87ac5238ef82d4

Request headers

:path: /wp-content/uploads/2020/11/Easiest2BCinnamon2BCrunch2BKnot.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6968
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 388098
last-modified: Tue, 24 Nov 2020 05:26:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxLoQMTAbZfD6yjA9pdukRZezLUryK0YHLhLsvSiDLibmMZvobUk72uupikdeSM%2BATwuO7JA6vxXED6xWpueRxLNQ%2FeaE6K0Cil%2BjuevKJxyHsD86hgxVPqTzrth0RsxoXn7u2F9QC%2B4yA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6912aeda485df9ce-PRG
expires: max-age=A10368000, public

GET
H3 200 mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v23/ 13 KB
13 KB 36ms
15ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic|Cookie:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://okefood.agughostkey.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 14:27:55 GMT
x-content-type-options: nosniff
age: 596259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13792
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:08 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 14:27:55 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/id_ID/ 228 KB
67 KB 16ms
7ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/id_ID/sdk.js?hash=56928f8d5355d1c1a514e41ec7b7f216

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/id_ID/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

c71bb0927c95d7af3e56d0554d0449e2d208b4c610e30cb801f862ef68be1d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://okefood.agughostkey.com/
Origin: https://okefood.agughostkey.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xGxrH/9hvyobXpQ0Fd4skA==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68443
x-fb-rlafr: 0
x-fb-debug: MTcYG6jtUYQSyaCoau1gQ0WBh+wMKK51NquJpHBmUDNYwJcdiB8YOE7Q1mqzQf3Vjw7k4TunkuvvyViYt2edMw==
x-fb-content-md5: cf83406b903f36c48eefbbf5fff9a94f
x-frame-options: DENY
date: Sun, 19 Sep 2021 12:05:34 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "a21d34fb2747662052b2daca596583bd"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 19 Sep 2022 11:03:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 29ms
7ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136862565-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4414
date: Sun, 19 Sep 2021 10:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sun, 19 Sep 2021 12:52:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
50 KB 62ms
41ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-47XFFFKRXJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136862565-6

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

cbc9e6af93772355e53cc85b3671f6a38ecfd82b4c674d2a14739f1960564c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51146
x-xss-protection: 0
expires: Sun, 19 Sep 2021 12:05:34 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/ 253 KB
94 KB 63ms
39ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

fece609132179152484c9592c0cad0b32ea746fd41546306a38b8556b82d2fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95702
x-xss-protection: 0
server: cafe
etag: 17553272322223311488
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 12:05:34 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/ Frame 75AD 10 KB
5 KB 27ms
6ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210915/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://okefood.agughostkey.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 18 Sep 2021 12:36:30 GMT
expires: Sat, 02 Oct 2021 12:36:30 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 84544
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 29ms
14ms Ping
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-47XFFFKRXJ&gtm=2oe9f0&_p=785543876&sr=1600x1200&ul=en-us&cid=1200069369.1632053135&_s=1&dl=https%3A%2F%2Fokefood.agughostkey.com%2F&dt=Oke%20Food%20-%20Best%20Recipes%20Collection&sid=1632053134&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-47XFFFKRXJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://okefood.agughostkey.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 12:05:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://okefood.agughostkey.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 52ms
52ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=785543876&t=pageview&_s=1&dl=https%3A%2F%2Fokefood.agughostkey.com%2F&ul=en-us&de=UTF-8&dt=Oke%20Food%20-%20Best%20Recipes%20Collection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAAC~&jid=322594426&gjid=443544791&cid=1200069369.1632053135&tid=UA-136862565-6&_gid=1815828629.1632053135&_r=1&gtm=2ou9f0&did=dZTNiMT&z=722324824

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://okefood.agughostkey.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 12:05:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://okefood.agughostkey.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.facebook.com/login/ Frame C9B2
Redirect Chain

https://www.facebook.com/v9.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37fff7ae1bb3cc%26d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

235ms
227ms

Document
text/html

157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df37fff7ae1bb3cc%2526domain%253Dokefood.agughostkey.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fokefood.agughostkey.com%25252Ff260c3b9890f588%2526relation%253Dparent.parent%26container_width%3D320%26height%3D145%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fweb.facebook.com%252FCektime%26locale%3Did_ID%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline%26width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/id_ID/sdk.js?hash=56928f8d5355d1c1a514e41ec7b7f216

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df37fff7ae1bb3cc%2526domain%253Dokefood.agughostkey.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fokefood.agughostkey.com%25252Ff260c3b9890f588%2526relation%253Dparent.parent%26container_width%3D320%26height%3D145%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fweb.facebook.com%252FCektime%26locale%3Did_ID%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline%26width
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://okefood.agughostkey.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: tL8m13fnEiswiJQCrv6iixMOZzP8HGQQYPu7GEhBw6GWE8Ip7rwpVRwcZEy/Ax4My4PEN6W03HJ8p4xmUEYj1g==
date: Sun, 19 Sep 2021 12:05:34 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df37fff7ae1bb3cc%2526domain%253Dokefood.agughostkey.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fokefood.agughostkey.com%25252Ff260c3b9890f588%2526relation%253Dparent.parent%26container_width%3D320%26height%3D145%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fweb.facebook.com%252FCektime%26locale%3Did_ID%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline%26width
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v9.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 1czL0Ee9svIpf/YVRJ+XwPOeT3XIALSn2Acm5+ilqJB1gXA7CRWuyHiKUwUNZbOlBKT4CWOYcogTC52byiNZlQ==
content-length: 0
date: Sun, 19 Sep 2021 12:05:34 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
660 B 39ms
18ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=okefood.agughostkey.com&callback=_gfp_s_&client=ca-pub-9578074244178174

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c52225d927e2bde53a4ba909539dd75fef211dece0b46aa9a04ebb2998342612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 41ms
18ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=okefood.agughostkey.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Sep 2021 12:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4B49 120 KB
37 KB 599ms
577ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578074244178174&output=html&h=90&slotname=7996051076&adk=1889483541&adf=1801062927&pi=t.ma~as.7996051076&w=920&lmt=1632053134&psa=0&format=920x90&url=https%3A%2F%2Fokefood.agughostkey.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632053134526&bpp=3&bdt=1238&idt=159&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=8073029716052&frm=20&pv=2&ga_vid=1200069369.1632053135&ga_sid=1632053135&ga_hid=785543876&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=15&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750345%2C44747621&oid=3&pvsid=273700788898843&pem=169&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CDmdbe16HD&p=https%3A//okefood.agughostkey.com&dtd=175

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

de2b41745e24cf790790bd19159deb96dc2aee32469b471ea262ff2f117450ef

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5373314148610209230/728x90/C3-All-In-One-728x90-v1.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5373314148610209230/728x90/C3-All-In-One-728x90-v1.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJSV6Nr_ivMCFZDs7QodlUkIEA&gqi=jidHYfzPLeT3tgfhlLCgDw&layout=/sadbundle/%24csp%253Der3%24/5373314148610209230/728x90/C3-All-In-One-728x90-v1.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9578074244178174&output=html&h=90&slotname=7996051076&adk=1889483541&adf=1801062927&pi=t.ma~as.7996051076&w=920&lmt=1632053134&psa=0&format=920x90&url=https%3A%2F%2Fokefood.agughostkey.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632053134526&bpp=3&bdt=1238&idt=159&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=8073029716052&frm=20&pv=2&ga_vid=1200069369.1632053135&ga_sid=1632053135&ga_hid=785543876&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=15&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750345%2C44747621&oid=3&pvsid=273700788898843&pem=169&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CDmdbe16HD&p=https%3A//okefood.agughostkey.com&dtd=175
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://okefood.agughostkey.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5373314148610209230/728x90/C3-All-In-One-728x90-v1.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5373314148610209230/728x90/C3-All-In-One-728x90-v1.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJSV6Nr_ivMCFZDs7QodlUkIEA&gqi=jidHYfzPLeT3tgfhlLCgDw&layout=/sadbundle/%24csp%253Der3%24/5373314148610209230/728x90/C3-All-In-One-728x90-v1.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 19 Sep 2021 12:05:35 GMT
server: cafe
content-length: 37839
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 19-Sep-2021 12:20:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 19 Sep 2021 12:05:35 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 60ms
25ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

24d026371427b41d6d168c5d4c18de465b026afc3907c86c8f3b3bc31bd87467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
server: sffe
etag: "1631879122047051"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Sun, 19 Sep 2021 12:05:34 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 36ms
36ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fokefood.agughostkey.com%2F&tn=DIV&cls=code-block%20code-block-5%20ai-viewport-1%20ai-close&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 12:05:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E113 231 KB
56 KB 554ms
554ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578074244178174&output=html&adk=1812271804&adf=3025194257&lmt=1632053134&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fokefood.agughostkey.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632053134566&bpp=1&bdt=1278&idt=164&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=920x90&nras=1&correlator=8073029716052&frm=20&pv=1&ga_vid=1200069369.1632053135&ga_sid=1632053135&ga_hid=785543876&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750345%2C44747621&oid=3&pvsid=273700788898843&pem=169&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=168

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b25614c40e6e12abe0241fca4940e55dda36cfdefaf3542be9aee0bc1ba59795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9578074244178174&output=html&adk=1812271804&adf=3025194257&lmt=1632053134&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fokefood.agughostkey.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632053134566&bpp=1&bdt=1278&idt=164&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&prev_fmts=920x90&nras=1&correlator=8073029716052&frm=20&pv=1&ga_vid=1200069369.1632053135&ga_sid=1632053135&ga_hid=785543876&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750345%2C44747621&oid=3&pvsid=273700788898843&pem=169&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=168
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://okefood.agughostkey.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 19 Sep 2021 12:05:35 GMT
server: cafe
content-length: 56991
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 19-Sep-2021 12:20:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 19 Sep 2021 12:05:35 GMT
cache-control: private

GET
H3 200 jquery.min.js Show response
okefood.agughostkey.com/wp-includes/js/jquery/ 87 KB
32 KB 29ms
28ms Script
application/javascript 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://okefood.agughostkey.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma: no-cache
cookie: _ga_47XFFFKRXJ=GS1.1.1632053134.1.0.1632053134.0; _ga=GA1.2.1200069369.1632053135; _gid=GA1.2.1815828629.1632053135; _gat_gtag_UA_136862565_6=1; __gads=ID=d9d8b23cd918bcf5-224e60a136c90017:T=1632053134:RT=1632053134:S=ALNI_MZqlZo4BgPg0cyh6BpZ1Q0_IAuizw
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Sep 2021 03:07:00 GMT
server: cloudflare
age: 6977
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2OeGgEqUmmVVvGXDT%2B0TJfabhk2TAYmzn%2FL%2BdeVj3wRoOydG%2BCfg2DcZDShc%2F2SvQTGDaMjhDK%2F6hrT5KjItUUUHZPl%2F42eUGYeZPSH%2BU7ULUFf%2BwYTKJt0s2tW5zmjKrozbIemNuJo8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6912aedc9b7df9ce-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 jquery-migrate.min.js Show response
okefood.agughostkey.com/wp-includes/js/jquery/ 11 KB
5 KB 26ms
25ms Script
application/javascript 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://okefood.agughostkey.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=5.8.1
Requested by: Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=5.8.1
pragma: no-cache
cookie: _ga_47XFFFKRXJ=GS1.1.1632053134.1.0.1632053134.0; _ga=GA1.2.1200069369.1632053135; _gid=GA1.2.1815828629.1632053135; _gat_gtag_UA_136862565_6=1; __gads=ID=d9d8b23cd918bcf5-224e60a136c90017:T=1632053134:RT=1632053134:S=ALNI_MZqlZo4BgPg0cyh6BpZ1Q0_IAuizw
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Sep 2021 03:07:00 GMT
server: cloudflare
age: 6976
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4%2FFULArEr4ePB0%2BxK1SB%2BuH01WNIkb3KAdnoy1rDMPNG6hvHdj5QfUkg8WADuDnKIe6RF%2BRcJTxrtr%2BmyccMTveiISSRMuH9U7H4B99hCEYQNyWtMTfE%2B0atGoE76M5k7jQWlSf5TihVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6912aedcebe6f9ce-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 C3-All-In-One-728x90-v1.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5373314148610209230/728x90/ Frame A691 3 KB
3 KB 42ms
13ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5373314148610209230/728x90/C3-All-In-One-728x90-v1.html

Requested by

Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

eba136c8c0f2a4a5f09aa3c08f55bca2a3a1129185b413506a6f5feef29b0f76

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/5373314148610209230/728x90/C3-All-In-One-728x90-v1.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 1281
date: Thu, 16 Sep 2021 00:58:38 GMT
expires: Fri, 16 Sep 2022 00:58:38 GMT
last-modified: Thu, 07 May 2020 14:26:55 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 299217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9B31 0
0 40ms
40ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQ-JjjidHYZSWLpDZtweVk6GAAb7Gvbhhmt-qroMOz7e-z4gKEAEg6a_JVmDJBqAB34O39QLIAQmoAwHIA0iqBNoBT9CIxITj7qCBezpQ0KbMidLGTZPxmi15ZtlCRnU6goRBWDT11Z5nx11Q0OQcc3VOCoJmS65wvC5yAZx3vzwAimdYokm1CW8VcYfZNvGoQtzjaWrYPteyiQAzpGRrX1r0Fu4G_R8TcuxQIpjViltNyLiDTADVMZjnOAXIGMR4qegKREjmc6IERya0DawSqe8nUtAm2a8Wx1xiTPwEVZ1UAdOErRMtEfbLLM3GY_LOYcVYajPada-TriQJdReALogivXFFOW5Nrb1CPeIa80YpoRlzJow5ulQ9L-vABOfM2OumA5IFBAgEGAGSBQQIBRgEoAYugAeJ_MiKAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQ2Y0G0ggHCIBhEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi05NTc4MDc0MjQ0MTc4MTc0GAA&sigh=_XxYAX857rU&template_id=419

Requested by

Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578074244178174&output=html&h=90&slotname=7996051076&adk=1889483541&adf=1801062927&pi=t.ma~as.7996051076&w=920&lmt=1632053134&psa=0&format=920x90&url=https%3A%2F%2Fokefood.agughostkey.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632053134526&bpp=3&bdt=1238&idt=159&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=8073029716052&frm=20&pv=2&ga_vid=1200069369.1632053135&ga_sid=1632053135&ga_hid=785543876&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=15&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750345%2C44747621&oid=3&pvsid=273700788898843&pem=169&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CDmdbe16HD&p=https%3A//okefood.agughostkey.com&dtd=175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 19 Sep 2021 12:05:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Sep 2021 12:05:35 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/ Frame 9B31 18 KB
8 KB 34ms
7ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578074244178174&output=html&h=90&slotname=7996051076&adk=1889483541&adf=1801062927&pi=t.ma~as.7996051076&w=920&lmt=1632053134&psa=0&format=920x90&url=https%3A%2F%2Fokefood.agughostkey.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632053134526&bpp=3&bdt=1238&idt=159&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=8073029716052&frm=20&pv=2&ga_vid=1200069369.1632053135&ga_sid=1632053135&ga_hid=785543876&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=15&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750345%2C44747621&oid=3&pvsid=273700788898843&pem=169&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CDmdbe16HD&p=https%3A//okefood.agughostkey.com&dtd=175

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 11:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 11:55:40 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 9B31 2 KB
1 KB 39ms
12ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 12:00:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B31 128 KB
39 KB 52ms
28ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1631879102694099"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Sun, 19 Sep 2021 12:05:35 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 9B31 14 KB
6 KB 35ms
8ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 11:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 11:59:32 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/ 145 KB
52 KB 46ms
43ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3827f61fb79cfe72886e152f47e32cc6b9e112c40fffbfd254a9828f94ebf65e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53040
x-xss-protection: 0
server: cafe
etag: 10624087348813358335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 12:05:35 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4363 143 B
163 B 17ms
14ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578074244178174&output=html&h=90&slotname=7996051076&adk=1889483541&adf=1801062927&pi=t.ma~as.7996051076&w=920&lmt=1632053134&psa=0&format=920x90&url=https%3A%2F%2Fokefood.agughostkey.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632053134526&bpp=3&bdt=1238&idt=159&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=8073029716052&frm=20&pv=2&ga_vid=1200069369.1632053135&ga_sid=1632053135&ga_hid=785543876&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=15&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750345%2C44747621&oid=3&pvsid=273700788898843&pem=169&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CDmdbe16HD&p=https%3A//okefood.agughostkey.com&dtd=175
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmh3wHcS4R21F9N_BXCFnXmimzzsnS4eMOWNWRGpjUdY9AIV-cifvRwy8JvxOY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9578074244178174&output=html&h=90&slotname=7996051076&adk=1889483541&adf=1801062927&pi=t.ma~as.7996051076&w=920&lmt=1632053134&psa=0&format=920x90&url=https%3A%2F%2Fokefood.agughostkey.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632053134526&bpp=3&bdt=1238&idt=159&shv=r20210915&mjsv=m202109170101&ptt=9&saldr=aa&abxe=1&correlator=8073029716052&frm=20&pv=2&ga_vid=1200069369.1632053135&ga_sid=1632053135&ga_hid=785543876&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=15&ady=1100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750345%2C44747621&oid=3&pvsid=273700788898843&pem=169&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=CDmdbe16HD&p=https%3A//okefood.agughostkey.com&dtd=175

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 19 Sep 2021 12:02:16 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A691 9 KB
3 KB 22ms
6ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5373314148610209230/728x90/C3-All-In-One-728x90-v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 19 Sep 2021 13:46:43 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A691 26 KB
10 KB 22ms
7ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5373314148610209230/728x90/C3-All-In-One-728x90-v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 19 Sep 2021 13:46:49 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A691 236 KB
63 KB 114ms
30ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5373314148610209230/728x90/C3-All-In-One-728x90-v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 19 Sep 2021 12:05:35 GMT

GET
H3 200 C3-All-In-One-728x90-v1.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5373314148610209230/728x90/ Frame A691 106 KB
9 KB 24ms
9ms Script
application/x-javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5373314148610209230/728x90/C3-All-In-One-728x90-v1.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5373314148610209230/728x90/C3-All-In-One-728x90-v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

edf3d709af273c80a6b7ee4d1cadc8540c2797e398341d6d7ff94ef420821f3d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 299216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9107
x-xss-protection: 0
last-modified: Thu, 07 May 2020 14:26:55 GMT
server: sffe
date: Thu, 16 Sep 2021 00:58:39 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Sep 2022 00:58:39 GMT

GET
DATA 200
OK truncated
/ Frame 9B31 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1b2d09029f05d44fbe0ac0895d59b29ade5036b242f8c6619b3a5d26202ff1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 34ms
16ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=okefood.agughostkey.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Sep 2021 12:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/ Frame EE9D 10 KB
5 KB 14ms
14ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://okefood.agughostkey.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmh3wHcS4R21F9N_BXCFnXmimzzsnS4eMOWNWRGpjUdY9AIV-cifvRwy8JvxOY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 18 Sep 2021 12:54:32 GMT
expires: Sat, 02 Oct 2021 12:54:32 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 83463
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/ Frame CF50 10 KB
5 KB 17ms
16ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://okefood.agughostkey.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmh3wHcS4R21F9N_BXCFnXmimzzsnS4eMOWNWRGpjUdY9AIV-cifvRwy8JvxOY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 18 Sep 2021 12:54:32 GMT
expires: Sat, 02 Oct 2021 12:54:32 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 83463
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4363
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

25ms
25ms

Document
text/html

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmh3wHcS4R21F9N_BXCFnXmimzzsnS4eMOWNWRGpjUdY9AIV-cifvRwy8JvxOY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 19 Sep 2021 12:05:35 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 19-Sep-2021 13:05:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 19 Sep 2021 12:05:35 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 19 Sep 2021 12:05:35 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame EE9D 4 KB
633 B 30ms
16ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 19 Sep 2021 10:50:57 GMT
server: ESF
date: Sun, 19 Sep 2021 12:05:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Sep 2021 12:05:35 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EE9D 205 B
764 B 33ms
7ms Image
image/png 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 15:49:54 GMT
x-content-type-options: nosniff
age: 72941
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 18 Sep 2022 15:49:54 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EE9D 604 B
694 B 33ms
7ms Image
image/png 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 10:46:30 GMT
x-content-type-options: nosniff
age: 4745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 19 Sep 2022 10:46:30 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/elements/html/ Frame EE9D 17 KB
8 KB 7ms
6ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

89e590d44510a10b9602ebffa228e2d8a2f2aeb1acc462b51cd19df5f5434308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7656
x-xss-protection: 0
server: cafe
etag: 8352096984186353373
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 12:02:28 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/ Frame CF50 18 KB
7 KB 6ms
6ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 11:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 11:55:40 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame CF50 2 KB
1 KB 7ms
7ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 12:00:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF50 128 KB
39 KB 27ms
27ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1631879102694099"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Sun, 19 Sep 2021 12:05:35 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame CF50 14 KB
6 KB 7ms
7ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 12:03:27 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame CF50 26 KB
11 KB 7ms
7ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

8a5a8396abf78790c1831c48ac3abb959821f8c99aa2a37151e3d1594f8b1c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 06:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
server: cafe
etag: 553973696465445763
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 06:23:57 GMT

GET
H3 200 7661786579884014835
tpc.googlesyndication.com/simgad/ Frame CF50 34 KB
34 KB 8ms
8ms Image
image/png 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7661786579884014835?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qki5hsZ2CPzP2OVqks2cSg1HZ6i7w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

b651aec5516c248bd73783ed19a8234fdfcbd04aaa6bf373f38c3b464acbbd5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:06:44 GMT
x-content-type-options: nosniff
age: 334731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34743
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 22:44:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Sep 2022 15:06:44 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BEF5 143 B
163 B 13ms
13ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmh3wHcS4R21F9N_BXCFnXmimzzsnS4eMOWNWRGpjUdY9AIV-cifvRwy8JvxOY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 19 Sep 2021 12:02:16 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame 37E1 3 KB
578 B 16ms
16ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 19 Sep 2021 10:53:49 GMT
server: ESF
date: Sun, 19 Sep 2021 12:05:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Sep 2021 12:05:35 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 37E1 1 KB
860 B 6ms
6ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 11:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 11:58:48 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/ Frame 37E1 18 KB
7 KB 6ms
6ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 11:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 11:55:40 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 37E1 2 KB
1 KB 7ms
7ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 12:00:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 37E1 128 KB
39 KB 31ms
30ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1631879102694099"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Sun, 19 Sep 2021 12:05:35 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame 37E1 14 KB
6 KB 7ms
6ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Oct 2021 12:03:27 GMT

GET
H3 200 8b8c639f95e935c054a6465040a495ee.js Show response
www.gstatic.com/mysidia/ Frame 37E1 26 KB
11 KB 21ms
7ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 10:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10883
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 04:03:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Thu, 16 Dec 2021 10:53:54 GMT

GET
H3 200 C3_All_In_One_728x90_v1_atlas_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5373314148610209230/728x90/images/ Frame A691 39 KB
39 KB 7ms
7ms Image
image/png 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5373314148610209230/728x90/images/C3_All_In_One_728x90_v1_atlas_1.png?1588250031909

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

ebd002f5f12ff0e75be61a1c0b8cd55c556e9f4071cea5a3c26af22bf38792f9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 441151
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40264
x-xss-protection: 0
last-modified: Thu, 07 May 2020 14:26:55 GMT
server: sffe
date: Tue, 14 Sep 2021 09:33:04 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 09:33:04 GMT

GET
H3 200 0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js Show response
pagead2.googlesyndication.com/bg/ Frame A691 35 KB
13 KB 14ms
13ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 15:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13319
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 18 Sep 2022 15:42:29 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BEF5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

22ms
21ms

Document
text/html

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmh3wHcS4R21F9N_BXCFnXmimzzsnS4eMOWNWRGpjUdY9AIV-cifvRwy8JvxOY; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 19 Sep 2021 12:05:35 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 19-Sep-2021 13:05:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 19 Sep 2021 12:05:35 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 19 Sep 2021 12:05:35 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js Show response
pagead2.googlesyndication.com/bg/ Frame 6199 35 KB
13 KB 15ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 15:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13319
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 18 Sep 2022 15:42:29 GMT

GET
H3 200 0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js Show response
pagead2.googlesyndication.com/bg/ Frame BE4F 35 KB
13 KB 13ms
13ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js

Requested by

Host: okefood.agughostkey.com
URL: https://okefood.agughostkey.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 15:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13319
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 18 Sep 2022 15:42:29 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 36ms
22ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210915&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3f922ee7cca17c4f2042821a4b9acf0030ed8bafdc0de0aeaa44a5a5be26ee46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Sep 2021 12:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8544
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 23ms
23ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109170101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 19 Sep 2021 12:05:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7749 12 KB
5 KB 7ms
6ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://okefood.agughostkey.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sun, 19 Sep 2021 11:51:35 GMT
expires: Mon, 19 Sep 2022 11:51:35 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2F1C 783 B
534 B 17ms
16ms Document
text/html 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

GSE /

Resource Hash

31f1a114d25227228c03101ad6872d6bf9bcc6f49b79bb4b5f0cf01874dc3901

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vqvLm/ysgX7Vn4R6dGcUnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://okefood.agughostkey.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 19 Sep 2021 12:05:35 GMT
date: Sun, 19 Sep 2021 12:05:35 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-vqvLm/ysgX7Vn4R6dGcUnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7749 35 KB
13 KB 13ms
13ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 15:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13319
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 18 Sep 2022 15:42:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2F1C 0
0 68ms
67ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210915&jk=273700788898843&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 71ms
71ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210915&jk=273700788898843&bg=!KSqlKm7NAAaUnz4elJ87ACkAdvg8Wu53koUmW7Kxtb2EvlXvDYay99iRBcwLfwQLV0y4s-O3vqCJ6AIAAABkUgAAAAZoAQcKAPRz5O-g7L9W81IlnaxYnca_bsltzIFFChaua0umsSjwcAkUtUpsGSO_m8Oi14KeWGGQeXkbLz6z09DgSgqSsnReqlxq2XQOx4qyO6Zls1cWxqiZzZ33mi0ttZUcibSEJeGWBNHwDRnaICzETcvCjAA0waEZKD0MFRIUH-WnxrovKtEkoJJzG9VuG9aJJ-ds2fekK2DjRJ9IZGvgZYp8lqU-0HzRDlCY-ehoGfnLlr4m2H2anCkMk2j2NiMfAnf7dSedq8nWBmpTnW006YapgFzczB2QA2ITBRiL-91GJJbVPkeNcAGFSaWWp4mgEN4I7gpGfotFmQJ_4z3uPlfRBLwYgrZoCEtBh_pqk8zlo1iDXIGJaXvu6pyr3viJFsRCf9O8Rl2r7ogBk2YBZsacjs7TkjQ99Pq-hgFJsN7Y-Z8pVDak0l-INA748eGIuzLJ0mc1JIketr4I73xfyg31H4xCnqM-z6FJxn1Qgrf5iqRj_EVHd2ysycTn-iXQqUFO0pcH3SKaLlKJ6kIfAJfcExcJGGHLDPWEhQ5tYRv-vrg5DYkIKoxW5HWLHu7zDEv2W1Sq5Aa2S-U3zFPri8gu1vegSky40EA0LReyxVBjjcHZH8dMlx-BaFgNQly10kjkMwURzN2CJ62JeuJvCxMQIoqG5HqZoYz6RIu5wkGZQS3ndCpCdQO3oPj6Fq20HLKAaA6EnyBbo1RNskRBszz_L5w_kYTyIR87mdA1LKUfWMdtTYJsHfk9Uojrrm-garg_TjtXj0K_iapJX_lLp9F4YHzW27FxDB3vzHvZloo1iw11Oip84cXZ1Pd2ekkicEcYwRkh_TcHMNlJwWwbeZppoYveSHFkl6Er8WuP5w-EX-pb-X3DrRn-7nPoVjfSESVTkVOy0NLR3yZWfTPcqN2v-JLt6_2t6c5OYUwLqJKOBtHMdajiWMyf9q_R5K_1iGQCKqm0XDkz6FvkvYWfQ2YeW1S1OXjjctfVCm5W4AtAxLaNdljgL04e0wUDM0cmf1jLq0gi58jEwNqodtqVDasZF7ttNLkuvxK_LaCaKBBEAbVnVHjEu5nKrEpG-GaqVRTvTzpzOK1TDYrv4zkabnqExaxfhjMpoAapxWbzDOOZm-VenBxMrQwcq_2rAREX7T06xaViweNgcqHJ08fe4S13eC6PXWElz_D1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B31 42 B
64 B 32ms
32ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjTGsbZxLGbv77trVEZKvhw6kxGeu_by7Nxd8NTGQKC4R7t1vS9nRLHnAuWPAYvDubaatA51BSsxvkB5LD56_5CB5T_KfqpiDU_7bEjRoxxMwVIk0&sai=AMfl-YQPfgCQ30UmvwTkNYF1AhqI_XL0xgSKMBNWhDn6akKHHtJPXjKdPc9bDrvzG8M2-bwnXnE8SPhDgcWV&sig=Cg0ArKJSzGrpOtuin0aaEAE&id=lidar2&mcvt=1000&p=1100,15,1190,743&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210917&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1889483541&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632053135328&rpt=127&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Sep 2021 12:05:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 close-button.png
okefood.agughostkey.com/wp-content/plugins/ad-inserter-pro/css/images/ 1 KB
2 KB 252ms
251ms Image
image/png 172.67.163.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okefood.agughostkey.com/wp-content/plugins/ad-inserter-pro/css/images/close-button.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.163.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 669829e44802166195d64df52e724a0abeb85241474ea05d648012e20b64ffa0

Request headers

:path: /wp-content/plugins/ad-inserter-pro/css/images/close-button.png
pragma: no-cache
cookie: _ga_47XFFFKRXJ=GS1.1.1632053134.1.0.1632053134.0; _ga=GA1.2.1200069369.1632053135; _gid=GA1.2.1815828629.1632053135; _gat_gtag_UA_136862565_6=1; __gads=ID=d9d8b23cd918bcf5-224e60a136c90017:T=1632053134:RT=1632053134:S=ALNI_MZqlZo4BgPg0cyh6BpZ1Q0_IAuizw
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: okefood.agughostkey.com
referer: https://okefood.agughostkey.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://okefood.agughostkey.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 12:05:37 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Aug 2021 02:05:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ao3LvxKVD6rmd7XIRS7368uLay1zJ9XmR0MLUpKJKrWXQ5BrFKNwDSNPy7Bx%2FzMBlyjH%2FNaStQRYJMUPd%2BGTOCoqEOVerzwgs4m7Rl3scxU6s%2FOQLfZx8QeiemohaKHNXMNwM8n7%2FZDVtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6912aeeabebdf9ce-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1434
expires: max-age=A10368000, public

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.agughostkey.com/	1970-01-20 14:52:05	Name: _ga_47XFFFKRXJ Value: GS1.1.1632053134.1.0.1632053134.0
.agughostkey.com/	1970-01-20 14:52:05	Name: _ga Value: GA1.2.1200069369.1632053135
.agughostkey.com/	1970-01-19 21:22:19	Name: _gid Value: GA1.2.1815828629.1632053135
.agughostkey.com/	1970-01-19 21:20:53	Name: _gat_gtag_UA_136862565_6 Value: 1
.agughostkey.com/	1970-01-20 06:42:29	Name: __gads Value: ID=d9d8b23cd918bcf5-224e60a136c90017:T=1632053134:RT=1632053134:S=ALNI_MZqlZo4BgPg0cyh6BpZ1Q0_IAuizw
.doubleclick.net/	1970-01-20 14:52:05	Name: IDE Value: AHWqTUmh3wHcS4R21F9N_BXCFnXmimzzsnS4eMOWNWRGpjUdY9AIV-cifvRwy8JvxOY
.doubleclick.net/	1970-01-19 21:20:56	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
okefood.agughostkey.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.181.225
142.250.181.226
142.250.184.226
142.250.185.100
142.250.185.106
142.250.185.131
142.250.185.66
142.250.186.166
142.250.186.34
142.250.186.78
142.250.74.195
157.240.236.1
157.240.236.35
172.217.16.136
172.67.163.232
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
199898d01ee6a242c64dc62559177261862ebfd52ee6903eddb87017cfa6d295
1fe1cc56632f566338a35f7fc04a31751a810e3d8c7fdcded365cbcea065ac44
230b53ffa362e48f3bcba8c6b504c367d8166db6cc1cff97e860197893507669
24d026371427b41d6d168c5d4c18de465b026afc3907c86c8f3b3bc31bd87467
26a0e64202de33da20d689b1b45e0ca4deb330f434713d15631c292b42654109
31f1a114d25227228c03101ad6872d6bf9bcc6f49b79bb4b5f0cf01874dc3901
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3827f61fb79cfe72886e152f47e32cc6b9e112c40fffbfd254a9828f94ebf65e
3f922ee7cca17c4f2042821a4b9acf0030ed8bafdc0de0aeaa44a5a5be26ee46
401d3c2d7e2a591aaedfb6edc3269152427d01b1967ccc93694e2a612ec13839
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
46f3ae13d30c47932e1f9444214e615e5873d410f9f5902622df80367149abdb
48cc70f94edb2c24b991d294eee512130a13bba90dcfd054eaffaebf50818e83
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
51e90fcae805aef6e8dc3072a548ac23ea2eed5aaabf8c3c37ffb847c89b1011
53fc45656f8cf0429178472e62060272f7ad353f840947eb0df71ecb82356ba3
5421fd6a30c3e9fcb2ba784ca67fd9807aa0a5787bd546b043881dfff8f584ac
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
66515691694390db25716bbdd8713a63b0cd1f8e0e115fe733d00edd7d90c002
669829e44802166195d64df52e724a0abeb85241474ea05d648012e20b64ffa0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
72c01cea00eb9d9b9006f96d30ee4b6e480773ec81d89d6d6980d09ad03147c5
77c8bb1e05706281670ac30c10a9b255ddad882c134627a1373a330090f928bb
7ec3fa364b495495ca2a9750ddcf4ef9acd1cd1d441f9530e3f3afb54155a891
7fea6ebedd553109acb7de5a4639b7c1cf8abc66377abe252aae9605c10295d2
89e590d44510a10b9602ebffa228e2d8a2f2aeb1acc462b51cd19df5f5434308
8a5a8396abf78790c1831c48ac3abb959821f8c99aa2a37151e3d1594f8b1c93
94dcbfd217ebcabb12fcd3012f9e2f098bd9f2a2bbd89fb6a1c3596258372f26
956614e0221d0cdcf2d85ee22078e29dcf6292d284b9a5b62a87ac5238ef82d4
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
b25614c40e6e12abe0241fca4940e55dda36cfdefaf3542be9aee0bc1ba59795
b651aec5516c248bd73783ed19a8234fdfcbd04aaa6bf373f38c3b464acbbd5a
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b770c54aab3f8ea232874da40b3762b334ba0b0152f4f4d44cd4e8c1c697dea4
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456
c52225d927e2bde53a4ba909539dd75fef211dece0b46aa9a04ebb2998342612
c71bb0927c95d7af3e56d0554d0449e2d208b4c610e30cb801f862ef68be1d82
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cbc9e6af93772355e53cc85b3671f6a38ecfd82b4c674d2a14739f1960564c61
d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d946b30c11217382f52a78c86ab082e08f30118d7f4dc325f2d264ec70d32ae4
daaaa4101e8414d3c9c0baab3c015599b7e1fa70035268b8ba23ea6790f00bf3
dcfc405caef9678e3c71117288378ac4cccb70568908e3dddccaaa99e7402950
dd2f5d213f26bf951d75c5270c053dd19c21bf53f03b5e561b7634078b45b99d
de2b41745e24cf790790bd19159deb96dc2aee32469b471ea262ff2f117450ef
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e0768fcb6c119d43d877209aa38d0927f9d1424d818d5782aec811b585e62a3b
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eba136c8c0f2a4a5f09aa3c08f55bca2a3a1129185b413506a6f5feef29b0f76
ebd002f5f12ff0e75be61a1c0b8cd55c556e9f4071cea5a3c26af22bf38792f9
edf3d709af273c80a6b7ee4d1cadc8540c2797e398341d6d7ff94ef420821f3d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b2d09029f05d44fbe0ac0895d59b29ade5036b242f8c6619b3a5d26202ff1b
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fece609132179152484c9592c0cad0b32ea746fd41546306a38b8556b82d2fb5

okefood.agughostkey.com Open in urlscan Pro 172.67.163.232 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

92 Requests

100 %HTTPS

0 %IPv6

13 Domains

16 Subdomains

16 IPs

2 Countries

4781 kBTransfer

6885 kBSize

7 Cookies

15 Outgoing links

Page URL History

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

okefood.agughostkey.com Open in urlscan Pro
172.67.163.232 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

16
Subdomains

16
IPs

2
Countries

4781 kB
Transfer

6885 kB
Size

7
Cookies

92 HTTP transactions
1 data transactions