ovra.me Open in urlscan Pro
50.116.92.180 Public Scan

URL:
http://ovra.me/wendys-chili/
Submission: On April 19 via manual (April 19th 2021, 7:57:48 pm UTC) from US

Summary HTTP 80 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 80 HTTP transactions. The main IP is 50.116.92.180, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is ovra.me.

This is the only time ovra.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	50.116.92.180 50.116.92.180	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
12	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 14	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
80	17

22 50.116.92.180 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 50-116-92-180.unifiedlayer.com

ovra.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	ovra.me ovra.me	453 KB
21	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	266 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com	254 KB
6	doubleclick.net googleads.g.doubleclick.net	44 KB
3	googletagservices.com www.googletagservices.com	99 KB
3	taboola.com cdn.taboola.com trc-events.taboola.com	138 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	google.com adservice.google.com	287 B
2	google.de adservice.google.de	287 B
2	google-analytics.com www.google-analytics.com	19 KB
1	googleadservices.com partner.googleadservices.com	638 B
1	googletagmanager.com www.googletagmanager.com	37 KB
80	12

	Domain	Requested by
22	ovra.me	ovra.me
14	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	fonts.gstatic.com	fonts.googleapis.com
7	pagead2.googlesyndication.com	ovra.me pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.googleapis.com	ovra.me googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	cdn.taboola.com	ovra.me cdn.taboola.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	trc-events.taboola.com	cdn.taboola.com
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	ovra.me
80	16

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
plus.google.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://ovra.me/wendys-chili/
Frame ID: BEF6B4DCC40A7A3B8891B863AF786DBE
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/zrt_lookup.html
Frame ID: 915BCBE78559244D9A6413677D1EAFAC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7711860348095410&output=html&h=280&slotname=8135959052&adk=2337267858&adf=3908920309&pi=t.ma~as.8135959052&w=696&fwrn=4&fwrnh=100&lmt=1618858610&rafmt=1&psa=0&format=696x280&url=http%3A%2F%2Fovra.me%2Fwendys-chili%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1618862251785&bpp=9&bdt=1498&idt=59&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5861464855714&frm=20&pv=2&ga_vid=1648276849.1618862252&ga_sid=1618862252&ga_hid=747221541&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C44740079%2C31060049&oid=3&pvsid=4183534452973888&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AV0eJNvmHo&p=http%3A//ovra.me&dtd=74
Frame ID: B953BFF8B9BE1D067DDF48C1799BA766
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7711860348095410&output=html&h=280&slotname=7990575704&adk=925267205&adf=2621670156&pi=t.ma~as.7990575704&w=696&fwrn=4&fwrnh=100&lmt=1618858610&rafmt=1&psa=0&format=696x280&url=http%3A%2F%2Fovra.me%2Fwendys-chili%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1618862251795&bpp=1&bdt=1508&idt=72&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=5861464855714&frm=20&pv=1&ga_vid=1648276849.1618862252&ga_sid=1618862252&ga_hid=747221541&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=984&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C44740079%2C31060049&oid=3&pvsid=4183534452973888&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fd23d5RwsO&p=http%3A//ovra.me&dtd=76
Frame ID: B5BEAC4B82E2A35BD195346686776C94
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7711860348095410&output=html&adk=1812271804&adf=3025194257&lmt=1618858610&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fovra.me%2Fwendys-chili%2F&ea=0&flash=0&pra=7&wgl=1&dt=1618862252291&bpp=1&bdt=2004&idt=0&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4027246598bbd5c3-2280cd8e98a70098%3AT%3D1618862251%3ART%3D1618862251%3AS%3DALNI_MYncrUaNnYjSkQXHovHYYUBr5fKHQ&prev_fmts=696x280%2C696x280&nras=1&correlator=5861464855714&frm=20&pv=1&ga_vid=1648276849.1618862252&ga_sid=1618862252&ga_hid=747221541&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C44740079%2C31060049&oid=3&pvsid=4183534452973888&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&dtd=4
Frame ID: EDF3E3683E7424AF5EE9A6CCE1A048A3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Frame ID: 495673CE3BBEAD7CE79BBDA27B7BB0F4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 95B9DE3075CE3B23095196577807C8CC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

80
Requests

60 %
HTTPS

75 %
IPv6

12
Domains

16
Subdomains

17
IPs

3
Countries

1314 kB
Transfer

3848 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/share.php?u=http%3A%2F%2Fovra.me%2Fwendys-chili%2F
Title: Share

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=http%3A%2F%2Fovra.me%2Fwendys-chili%2F
Title: +1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCnhsLkxAEQsAkYrAIyCKF3SmfSy4xQ HTTP 301
https://tpc.googlesyndication.com/simgad/8924621892918236065

80 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ovra.me/wendys-chili/ 42 KB
14 KB 424ms
275ms Document
text/html 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: 944994c734b97fc04bf2c0ec8be0a05d5783ed3cb32ffcca07fccfacde6cd2db

Request headers

Host: ovra.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:30 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 19 Apr 2021 18:56:50 GMT
Accept-Ranges: bytes
Cache-Control: max-age=300
Expires: Mon, 19 Apr 2021 20:02:30 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
Content-Length: 13526
Keep-Alive: timeout=5, max=75
Content-Type: text/html

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 21ms
19ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129085242-2

Requested by

Host: ovra.me
URL: http://ovra.me/wendys-chili/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa2fe1d1ffa3a908baba4a554b04b3d605dd7a6e2630bfa3265929ba26c5f0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:57:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37432
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 18:56:40 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Apr 2021 19:57:30 GMT

GET
H/1.1 200
OK blocks.style.build.css
ovra.me/wp-content/plugins/social-warfare/assets/js/post-editor/dist/ 3 KB
2 KB 174ms
159ms Stylesheet
text/css 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wp-content/plugins/social-warfare/assets/js/post-editor/dist/blocks.style.build.css?ver=5.0.12
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: d83ba3b24dcc06fba7631c202dfe34b4b9c8961623fde2fedef636a9b7f8a0f9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://ovra.me/wendys-chili/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Mar 2020 10:09:08 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Endurance-Cache-Level: 2
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 1151
Expires: Wed, 19 May 2021 19:57:30 GMT

GET
H/1.1 200
OK style.min.css
ovra.me/wp-includes/css/dist/block-library/ 25 KB
6 KB 296ms
275ms Stylesheet
text/css 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wp-includes/css/dist/block-library/style.min.css?ver=5.0.12
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: 1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://ovra.me/wendys-chili/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Mar 2020 10:09:08 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Endurance-Cache-Level: 2
Upgrade: h2,h2c
Cache-Control: max-age=2592000
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=75
Content-Length: 5674
Expires: Wed, 19 May 2021 19:57:30 GMT

GET
H/1.1 200
OK wpautoterms.css
ovra.me/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/ 547 B
619 B 294ms
273ms Stylesheet
text/css 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=5.0.12
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: 2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://ovra.me/wendys-chili/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Mar 2020 10:09:08 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Endurance-Cache-Level: 2
Upgrade: h2,h2c
Cache-Control: max-age=2592000
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=75
Content-Length: 195
Expires: Wed, 19 May 2021 19:57:30 GMT

GET
H/1.1 200
OK styles.css
ovra.me/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 1318ms
1297ms Stylesheet
text/css 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: 3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://ovra.me/wendys-chili/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Mar 2020 10:09:08 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Endurance-Cache-Level: 2
Upgrade: h2,h2c
Cache-Control: max-age=2592000
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=75
Content-Length: 662
Expires: Wed, 19 May 2021 19:57:30 GMT

GET
H/1.1 200
OK style.min.css
ovra.me/wp-content/plugins/social-warfare/assets/css/ 46 KB
8 KB 292ms
269ms Stylesheet
text/css 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wp-content/plugins/social-warfare/assets/css/style.min.css?ver=3.4.2
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: bc090202590f4cd2534a38809e3271cec2c8abaf32e344f868fa8d6c36e6da5f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://ovra.me/wendys-chili/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Mar 2020 10:09:08 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Endurance-Cache-Level: 2
Upgrade: h2,h2c
Cache-Control: max-age=2592000
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=75
Content-Length: 8256
Expires: Wed, 19 May 2021 19:57:30 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 26 KB
2 KB 23ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.0.1

Requested by

Host: ovra.me
URL: http://ovra.me/wendys-chili/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

604718118dc76f38c68b059cb71ebe329137cac995b7281e6b93006fde948f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 19 Apr 2021 19:57:30 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Mon, 19 Apr 2021 19:57:30 GMT

GET
H/1.1 200
OK style.css
ovra.me/wp-content/themes/Newspaper/ 1 MB
221 KB 302ms
280ms Stylesheet
text/css 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wp-content/themes/Newspaper/style.css?ver=9.0.1
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: b48ceb74cebd53c0c3ce95fca3724b562b98750e2f6b1742ddaf999e62074fd3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://ovra.me/wendys-chili/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Mar 2020 10:09:08 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Endurance-Cache-Level: 2
Upgrade: h2,h2c
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=75
Expires: Wed, 19 May 2021 19:57:30 GMT

GET
H/1.1 200
OK jquery.js Show response
ovra.me/wp-includes/js/jquery/ 95 KB
42 KB 330ms
156ms Script
application/javascript 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://ovra.me/wendys-chili/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Mar 2020 10:10:50 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Expires: Tue, 20 Apr 2021 01:57:30 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
ovra.me/wp-includes/js/jquery/ 10 KB
5 KB 446ms
154ms Script
application/javascript 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://ovra.me/wendys-chili/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Mar 2020 10:09:08 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 4444
Expires: Tue, 20 Apr 2021 01:57:30 GMT

GET
H/1.1 200
OK p-plate-drivers-300x300.png
ovra.me/wp-content/uploads/2019/06/ 15 KB
15 KB 206ms
145ms Image
image/png 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ovra.me/wp-content/uploads/2019/06/p-plate-drivers-300x300.png
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: d3aa21dae35e21d73018facb95845356ea6f8876531d7a9c60091ba7e4a0dfe2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://ovra.me/wendys-chili/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:31 GMT
Last-Modified: Fri, 13 Mar 2020 10:09:08 GMT
Server: Apache
X-Endurance-Cache-Level: 2
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 14988
Expires: Tue, 19 Apr 2022 19:57:31 GMT

GET
H/1.1 200
OK 165769212_1741352196069149_2206969927918697276_n.jpg
ovra.me/wp-content/uploads/2021/04/ 26 KB
26 KB 211ms
151ms Image
image/jpeg 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ovra.me/wp-content/uploads/2021/04/165769212_1741352196069149_2206969927918697276_n.jpg
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: 23b7cd31d8400a111b1c8024ab019f897caed3ff53a8f01d5f1737fcc8ad5aee

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://ovra.me/wendys-chili/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:31 GMT
Last-Modified: Sat, 17 Apr 2021 17:48:08 GMT
Server: Apache
X-Endurance-Cache-Level: 2
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 26121
Expires: Tue, 19 Apr 2022 19:57:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ovra.me
URL: http://ovra.me/wendys-chili/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98686dc2034f008687be3cae14c7561ec818c0a48c21cd9500e76a2f21275039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48178
x-xss-protection: 0
server: cafe
etag: 15975590666456113810
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Apr 2021 19:57:31 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
ovra.me/wp-includes/js/ 12 KB
5 KB 149ms
148ms Script
application/javascript 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wp-includes/js/wp-emoji-release.min.js?ver=5.0.12
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: 647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://ovra.me/wendys-chili/
Cookie: _ga=GA1.2.1648276849.1618862252; _gid=GA1.2.1557712722.1618862252; _gat_gtag_UA_129085242_2=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 09:41:19 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 4628
Expires: Tue, 20 Apr 2021 01:57:31 GMT

GET
H/1.1 200
OK 130414606_3912616682083691_4801862453972984293_n-100x70.jpg
ovra.me/wp-content/uploads/2021/04/ 4 KB
4 KB 150ms
150ms Image
image/jpeg 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ovra.me/wp-content/uploads/2021/04/130414606_3912616682083691_4801862453972984293_n-100x70.jpg
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: 1d249b0f8d99561a3ed523d663355cbc1a720979b521c86969a92e594bf418e5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://ovra.me/wendys-chili/
Cookie: _ga=GA1.2.1648276849.1618862252; _gid=GA1.2.1557712722.1618862252; _gat_gtag_UA_129085242_2=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:32 GMT
Last-Modified: Fri, 16 Apr 2021 00:25:43 GMT
Server: Apache
X-Endurance-Cache-Level: 2
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 3608
Expires: Tue, 19 Apr 2022 19:57:32 GMT

GET
H/1.1 200
OK orig_keto_snickers_brownies_201902192050090695311lnnt-100x70.jpg
ovra.me/wp-content/uploads/2019/03/ 4 KB
4 KB 145ms
145ms Image
image/jpeg 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ovra.me/wp-content/uploads/2019/03/orig_keto_snickers_brownies_201902192050090695311lnnt-100x70.jpg
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: e7d9a74698a6bba93f3df9924e1640dfbc67d6967cc53c93f193f02bb8ef56c6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://ovra.me/wendys-chili/
Cookie: _ga=GA1.2.1648276849.1618862252; _gid=GA1.2.1557712722.1618862252; _gat_gtag_UA_129085242_2=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:32 GMT
Last-Modified: Fri, 13 Mar 2020 10:09:08 GMT
Server: Apache
X-Endurance-Cache-Level: 2
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 4096
Expires: Tue, 19 Apr 2022 19:57:32 GMT

GET
H/1.1 200
OK scripts.js Show response
ovra.me/wp-content/plugins/contact-form-7/includes/js/ 14 KB
5 KB 1178ms
1178ms Script
application/javascript 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://ovra.me/wendys-chili/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Mar 2020 10:09:08 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 4882
Expires: Tue, 20 Apr 2021 01:57:31 GMT

GET
H/1.1 200
OK script.min.js Show response
ovra.me/wp-content/plugins/social-warfare/assets/js/ 11 KB
4 KB 159ms
159ms Script
application/javascript 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wp-content/plugins/social-warfare/assets/js/script.min.js?ver=3.4.2
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: c8a4f275e0f7890dfe8cd1352f61c9b671a5604e0b24ec7d6c2075154e60c696

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://ovra.me/wendys-chili/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Mar 2020 10:09:08 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 4112
Expires: Tue, 20 Apr 2021 01:57:31 GMT

GET
H/1.1 200
OK tagdiv_theme.min.js Show response
ovra.me/wp-content/themes/Newspaper/js/ 204 KB
68 KB 156ms
154ms Script
application/javascript 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=9.0.1
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: de86a261595e6aa15abedbea378a89a6d78ebff1062323c1cb89cf031aa33f14

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://ovra.me/wendys-chili/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Mar 2020 10:09:08 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Expires: Tue, 20 Apr 2021 01:57:31 GMT

GET
H/1.1 200
OK comment-reply.min.js Show response
ovra.me/wp-includes/js/ 1 KB
991 B 162ms
161ms Script
application/javascript 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wp-includes/js/comment-reply.min.js?ver=5.0.12
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: 6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://ovra.me/wendys-chili/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 09:41:18 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 581
Expires: Tue, 20 Apr 2021 01:57:31 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
ovra.me/wp-includes/js/ 1 KB
1 KB 162ms
160ms Script
application/javascript 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wp-includes/js/wp-embed.min.js?ver=5.0.12
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://ovra.me/wendys-chili/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 09:41:18 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 750
Expires: Tue, 20 Apr 2021 01:57:31 GMT

GET
H/1.1 200
OK add-button.js Show response
ovra.me/wp-content/plugins/awsome_pagination/js/ 240 B
557 B 161ms
159ms Script
application/javascript 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wp-content/plugins/awsome_pagination/js/add-button.js?ver=1.1
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: 382e3ef21c09b77726f0aa910296de598fc4bf3d31aa35a85bece472b48d2f2d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://ovra.me/wendys-chili/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Mar 2020 10:09:08 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Endurance-Cache-Level: 2
Content-Type: application/javascript
Cache-Control: max-age=21600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 147
Expires: Tue, 20 Apr 2021 01:57:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129085242-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 69
date: Mon, 19 Apr 2021 19:56:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Mon, 19 Apr 2021 21:56:22 GMT

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/fb-ketolowcarber/ 222 KB
27 KB 83ms
61ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/fb-ketolowcarber/loader.js
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: obaker.93.1.2-11.43.3 /
Resource Hash: d8fe383b48c03149cc7026f71aa81c962ae33d71d319b1e07fca1e25e7e0fe18

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Amz-Version-Id: rtbUbFVUx42rQgHrOxZNyFm3yezpboPB
Content-Encoding: gzip
Etag: "be9cd4bdcbe93bec95626dcbbb2f3882ac24dc8a"
Age: 0
Via: 1.1 varnish
X-Cache: MISS
X-From-Cache: 1
Connection: keep-alive
Content-Length: 26669
X-Amz-Id-2: ZLZLGa9iJmxXla7qzSaTultQW6SgfQXFmKAKC793a8/jpEDM9AfR3lQS42vDx4dY64Txlfrkcyw=
X-Served-By: cache-fra19148-FRA
Last-Modified: Mon, 19 Apr 2021 19:57:31 UTC
Server: obaker.93.1.2-11.43.3
X-Timer: S1618862252.666668,VS0,VE24
Date: Mon, 19 Apr 2021 19:57:31 GMT
Vary: Accept-Encoding, Accept-Encoding
X-Amz-Request-Id: VA5Z29JQ07P13QBV
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=14400
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 18
X-Cache-Hits: 0

GET
H/1.1 200
OK newspaper.woff
ovra.me/wp-content/themes/Newspaper/images/icons/ 22 KB
15 KB 364ms
223ms Font
font/woff 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wp-content/themes/Newspaper/images/icons/newspaper.woff?15
Requested by: Host: ovra.me
URL: http://ovra.me/wp-content/themes/Newspaper/style.css?ver=9.0.1
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: 5b56f14bb63fc412aec1562ff5b4807919a486491f2e9a86054ef08922c634d1

Request headers

Pragma: no-cache
Origin: http://ovra.me
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://ovra.me/wp-content/themes/Newspaper/style.css?ver=9.0.1
Connection: keep-alive
Cache-Control: no-cache
Origin: http://ovra.me
Referer: http://ovra.me/wp-content/themes/Newspaper/style.css?ver=9.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Mar 2020 10:09:08 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Endurance-Cache-Level: 2
Content-Type: font/woff
Cache-Control: max-age=21600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 14551
Expires: Tue, 20 Apr 2021 01:57:31 GMT

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 13ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.0.1

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://ovra.me
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 02:03:03 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:09:22 GMT
Server: sffe
Age: 410068
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14380
X-XSS-Protection: 0
Expires: Fri, 15 Apr 2022 02:03:03 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 13ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://ovra.me
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 10:03:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:11:00 GMT
Server: sffe
Age: 122032
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15056
X-XSS-Protection: 0
Expires: Mon, 18 Apr 2022 10:03:39 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://ovra.me
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Apr 2021 21:48:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Apr 2021 21:10:39 GMT
Server: sffe
Age: 598140
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15920
X-XSS-Protection: 0
Expires: Tue, 12 Apr 2022 21:48:31 GMT

GET
H/1.1 200
OK KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://ovra.me
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Apr 2021 21:22:34 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Apr 2021 21:10:35 GMT
Server: sffe
Age: 599697
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15688
X-XSS-Protection: 0
Expires: Tue, 12 Apr 2022 21:22:34 GMT

GET
H/1.1 200
OK mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v18/ 13 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://ovra.me
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 10:03:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:09:37 GMT
Server: sffe
Age: 122030
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 13780
X-XSS-Protection: 0
Expires: Mon, 18 Apr 2022 10:03:41 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://ovra.me
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Apr 2021 21:22:34 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Apr 2021 21:10:46 GMT
Server: sffe
Age: 599697
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15828
X-XSS-Protection: 0
Expires: Tue, 12 Apr 2022 21:22:34 GMT

GET
H/1.1 200
OK KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v27/ 17 KB
17 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://ovra.me
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Apr 2021 23:31:42 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Apr 2021 21:10:35 GMT
Server: sffe
Age: 591949
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 17304
X-XSS-Protection: 0
Expires: Tue, 12 Apr 2022 23:31:42 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://ovra.me
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 10:03:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:09:47 GMT
Server: sffe
Age: 122032
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14880
X-XSS-Protection: 0
Expires: Mon, 18 Apr 2022 10:03:39 GMT

GET
H/1.1 200
OK sw-icon-font.woff
ovra.me/wp-content/plugins/social-warfare/assets/fonts/ 5 KB
5 KB 197ms
153ms Font
font/woff 50.116.92.180
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ovra.me/wp-content/plugins/social-warfare/assets/fonts/sw-icon-font.woff?ver=3.4.2
Requested by: Host: ovra.me
URL: http://ovra.me/wendys-chili/
Protocol: HTTP/1.1
Server: 50.116.92.180 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 50-116-92-180.unifiedlayer.com
Software: Apache /
Resource Hash: d1168a9f337bb18e15b5a91a1452651c8e01cf4649179527e648f235fc409c13

Request headers

Pragma: no-cache
Origin: http://ovra.me
Accept-Encoding: gzip, deflate
Host: ovra.me
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://ovra.me/wendys-chili/
Connection: keep-alive
Cache-Control: no-cache
Origin: http://ovra.me
Referer: http://ovra.me/wendys-chili/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 19:57:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Mar 2020 10:09:08 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Endurance-Cache-Level: 2
Content-Type: font/woff
Cache-Control: max-age=21600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 4661
Expires: Tue, 20 Apr 2021 01:57:31 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
13ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=747221541&t=pageview&_s=1&dl=http%3A%2F%2Fovra.me%2Fwendys-chili%2F&ul=en-us&de=UTF-8&dt=Wendy%E2%80%99s%20Chili%20%7C%20Keto%20low%20carbe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=859783582&gjid=85304885&cid=1648276849.1618862252&tid=UA-129085242-2&_gid=1557712722.1618862252&_r=1&gtm=2ou472&z=2144368452

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 19:57:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ovra.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/ 222 KB
83 KB 38ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7711860348095410&plah=ovra.me&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f54415e29eb70befe2473a69a097e33e3f1e90376016243b2af5173f2c87bd23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84655
x-xss-protection: 0
server: cafe
etag: 16615013293570182620
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Apr 2021 19:57:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/ Frame 915B 10 KB
5 KB 5ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210415/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210415/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://ovra.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://ovra.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Apr 2021 14:54:34 GMT
expires: Mon, 03 May 2021 14:54:34 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 18177
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 impl.20210419-1-RELEASE.js Show response
cdn.taboola.com/libtrc/ 480 KB
111 KB 107ms
46ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210419-1-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/fb-ketolowcarber/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 9a93ff072096a2d6326c52f63818c17f11b1088a80cb2bdbde106f56422a09fe

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9a40yxZJI5ez98wF0jNO6hG3UhGHDK0S
content-encoding: br
etag: "4f79fbd7ccdcb9b90dc349ee7493e521"
age: 14401
x-cache: HIT
content-length: 112691
x-amz-id-2: u7RQbXTvCF1WAi0y4l7uYGy7o0yvMU13mbV6ELUuR546LSd3kEnIqf6mMIaUobDa/686WeIY6xU=
x-served-by: cache-fra19121-FRA
last-modified: Mon, 19 Apr 2021 07:54:29 GMT
server: AmazonS3-br
x-timer: S1618862252.896222,VS0,VE0
date: Mon, 19 Apr 2021 19:57:31 GMT
vary: Accept-Encoding
x-amz-request-id: JCBD31VA2NSEE3TS
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 36
x-cache-hits: 100675

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 197 B
638 B 104ms
38ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ovra.me&callback=_gfp_s_&client=ca-pub-7711860348095410

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210415/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7711860348095410&plah=ovra.me&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f7a72555e7c96311ed79b3614a357ec8250e9e1317d7dd197ffc84d20a6b4783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ovra.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Apr 2021 19:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ovra.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Apr 2021 19:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B953 59 KB
15 KB 417ms
416ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7711860348095410&output=html&h=280&slotname=8135959052&adk=2337267858&adf=3908920309&pi=t.ma~as.8135959052&w=696&fwrn=4&fwrnh=100&lmt=1618858610&rafmt=1&psa=0&format=696x280&url=http%3A%2F%2Fovra.me%2Fwendys-chili%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1618862251785&bpp=9&bdt=1498&idt=59&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5861464855714&frm=20&pv=2&ga_vid=1648276849.1618862252&ga_sid=1618862252&ga_hid=747221541&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C44740079%2C31060049&oid=3&pvsid=4183534452973888&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AV0eJNvmHo&p=http%3A//ovra.me&dtd=74

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d906446c4dee97ef1b17ee45dd8c9f1ba151b1886288b92352df8442262bfbf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7711860348095410&output=html&h=280&slotname=8135959052&adk=2337267858&adf=3908920309&pi=t.ma~as.8135959052&w=696&fwrn=4&fwrnh=100&lmt=1618858610&rafmt=1&psa=0&format=696x280&url=http%3A%2F%2Fovra.me%2Fwendys-chili%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1618862251785&bpp=9&bdt=1498&idt=59&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5861464855714&frm=20&pv=2&ga_vid=1648276849.1618862252&ga_sid=1618862252&ga_hid=747221541&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C44740079%2C31060049&oid=3&pvsid=4183534452973888&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AV0eJNvmHo&p=http%3A//ovra.me&dtd=74
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://ovra.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://ovra.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 19 Apr 2021 19:57:32 GMT
server: cafe
content-length: 15778
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 19-Apr-2021 20:12:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Apr 2021 19:57:32 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423639646658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Mon, 19 Apr 2021 19:57:31 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B5BE 66 KB
23 KB 331ms
331ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7711860348095410&output=html&h=280&slotname=7990575704&adk=925267205&adf=2621670156&pi=t.ma~as.7990575704&w=696&fwrn=4&fwrnh=100&lmt=1618858610&rafmt=1&psa=0&format=696x280&url=http%3A%2F%2Fovra.me%2Fwendys-chili%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1618862251795&bpp=1&bdt=1508&idt=72&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=5861464855714&frm=20&pv=1&ga_vid=1648276849.1618862252&ga_sid=1618862252&ga_hid=747221541&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=984&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C44740079%2C31060049&oid=3&pvsid=4183534452973888&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fd23d5RwsO&p=http%3A//ovra.me&dtd=76

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89e431d2f9bc031f978b845c4135aeac5d5c3fbaa977b0f570d1c643ce5d332c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7711860348095410&output=html&h=280&slotname=7990575704&adk=925267205&adf=2621670156&pi=t.ma~as.7990575704&w=696&fwrn=4&fwrnh=100&lmt=1618858610&rafmt=1&psa=0&format=696x280&url=http%3A%2F%2Fovra.me%2Fwendys-chili%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1618862251795&bpp=1&bdt=1508&idt=72&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=5861464855714&frm=20&pv=1&ga_vid=1648276849.1618862252&ga_sid=1618862252&ga_hid=747221541&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=984&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C44740079%2C31060049&oid=3&pvsid=4183534452973888&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fd23d5RwsO&p=http%3A//ovra.me&dtd=76
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://ovra.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://ovra.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 19 Apr 2021 19:57:32 GMT
server: cafe
content-length: 23389
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 19-Apr-2021 20:12:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Apr 2021 19:57:32 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ Frame B5BE 6 KB
742 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7711860348095410&output=html&h=280&slotname=7990575704&adk=925267205&adf=2621670156&pi=t.ma~as.7990575704&w=696&fwrn=4&fwrnh=100&lmt=1618858610&rafmt=1&psa=0&format=696x280&url=http%3A%2F%2Fovra.me%2Fwendys-chili%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1618862251795&bpp=1&bdt=1508&idt=72&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=5861464855714&frm=20&pv=1&ga_vid=1648276849.1618862252&ga_sid=1618862252&ga_hid=747221541&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=984&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C44740079%2C31060049&oid=3&pvsid=4183534452973888&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fd23d5RwsO&p=http%3A//ovra.me&dtd=76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 19:12:41 GMT
server: ESF
date: Mon, 19 Apr 2021 19:57:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Apr 2021 19:57:32 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame B5BE 1 KB
989 B 30ms
11ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 19:56:05 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame B5BE 17 KB
7 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:56:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 19:56:28 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame B5BE 2 KB
1 KB 27ms
11ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 19:56:57 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5BE 118 KB
36 KB 32ms
17ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Mon, 19 Apr 2021 19:57:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame B5BE 13 KB
6 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 19:56:12 GMT

GET
H2 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame B5BE 25 KB
10 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 17:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 268546
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Thu, 15 Jul 2021 17:21:46 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3374155363650501292/ Frame B5BE 11 KB
11 KB 28ms
16ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3374155363650501292/downsize_200k_v1?w=200&h=200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

102bdb538bbc14eca923d981fc196beed293733595b62585d62eb46bc3281de6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 22:06:39 GMT
x-content-type-options: nosniff
age: 78653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11292
x-xss-protection: 0
last-modified: Fri, 16 Oct 2020 13:26:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Apr 2022 22:06:39 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13297915546587605907/ Frame B5BE 47 KB
47 KB 23ms
12ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13297915546587605907/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d25791bd938ed9f6ece6ee9060be2550aa4efec180e7d360c55f6d8b5370cadb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 10:18:51 GMT
x-content-type-options: nosniff
age: 293921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48106
x-xss-protection: 0
last-modified: Mon, 14 Oct 2019 15:16:12 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Apr 2022 10:18:51 GMT

GET
DATA 200
OK truncated
/ Frame B5BE 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B5BE 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4tjeq-B9YOyaNpmAx_APj6-BSPeQpe1h3Y6l1ocN_-O1j7UBEAEghfbvNWCVAqABpvDo_gLIAQmpAhE59o0DLbQ-qAMByAPLBKoErQFP0L18MRj1xIlnrSU_7Hb5MzIAGuFcDADFCg26U3oBfTDuefPSrULgFe18ld4FE9TE7gxEhXuZ1_kBJ5irKz6-a2umKBYng0vahbJ-SVFgMEl5LxP2FBv0F_s40JK7DDDlnS2wUjqPnPXSIPCiqsUiPV8TSAJJzXkh33JrrLSSKIoYuQ2z7LqhoP60NlE67hxwexM6LO7uo_mAqscK2VUtheTqhwrRvAZR2K0zasAEltHLobEDkgUECAQYAZIFBAgFGASgBi6AB5Sa0nGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQvO8c0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTc3MTE4NjAzNDgwOTU0MTA&sigh=oSBd7nt1cB4&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7711860348095410&output=html&h=280&slotname=7990575704&adk=925267205&adf=2621670156&pi=t.ma~as.7990575704&w=696&fwrn=4&fwrnh=100&lmt=1618858610&rafmt=1&psa=0&format=696x280&url=http%3A%2F%2Fovra.me%2Fwendys-chili%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1618862251795&bpp=1&bdt=1508&idt=72&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=696x280&correlator=5861464855714&frm=20&pv=1&ga_vid=1648276849.1618862252&ga_sid=1618862252&ga_hid=747221541&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=984&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C44740079%2C31060049&oid=3&pvsid=4183534452973888&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=fd23d5RwsO&p=http%3A//ovra.me&dtd=76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Apr 2021 19:57:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Apr 2021 19:57:32 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ovra.me

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Apr 2021 19:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ovra.me

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Apr 2021 19:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EDF3 7 KB
804 B 70ms
70ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7711860348095410&output=html&adk=1812271804&adf=3025194257&lmt=1618858610&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fovra.me%2Fwendys-chili%2F&ea=0&flash=0&pra=7&wgl=1&dt=1618862252291&bpp=1&bdt=2004&idt=0&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4027246598bbd5c3-2280cd8e98a70098%3AT%3D1618862251%3ART%3D1618862251%3AS%3DALNI_MYncrUaNnYjSkQXHovHYYUBr5fKHQ&prev_fmts=696x280%2C696x280&nras=1&correlator=5861464855714&frm=20&pv=1&ga_vid=1648276849.1618862252&ga_sid=1618862252&ga_hid=747221541&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C44740079%2C31060049&oid=3&pvsid=4183534452973888&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&dtd=4

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a617c4e180cfd3eeb9c3e2ce307821d8827cb8f8ac13a1cdee8c33961346e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7711860348095410&output=html&adk=1812271804&adf=3025194257&lmt=1618858610&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fovra.me%2Fwendys-chili%2F&ea=0&flash=0&pra=7&wgl=1&dt=1618862252291&bpp=1&bdt=2004&idt=0&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4027246598bbd5c3-2280cd8e98a70098%3AT%3D1618862251%3ART%3D1618862251%3AS%3DALNI_MYncrUaNnYjSkQXHovHYYUBr5fKHQ&prev_fmts=696x280%2C696x280&nras=1&correlator=5861464855714&frm=20&pv=1&ga_vid=1648276849.1618862252&ga_sid=1618862252&ga_hid=747221541&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C44740079%2C31060049&oid=3&pvsid=4183534452973888&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&dtd=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://ovra.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkWKJ-985z3EA0HiJg1vB0N_wLfQtVI269oOArsU9o0DSDm5SyMg82V2MyHwsk; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://ovra.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 19 Apr 2021 19:57:32 GMT
server: cafe
content-length: 784
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B5BE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0407e5bb534c4ce300a0b2fcc92a34811128b6115e5e4398bcb378d8aeb734f5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B5BE 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 21:15:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 600104
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Tue, 12 Apr 2022 21:15:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B5BE 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 04:23:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 142449
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Mon, 18 Apr 2022 04:23:23 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame B953 3 KB
598 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7711860348095410&output=html&h=280&slotname=8135959052&adk=2337267858&adf=3908920309&pi=t.ma~as.8135959052&w=696&fwrn=4&fwrnh=100&lmt=1618858610&rafmt=1&psa=0&format=696x280&url=http%3A%2F%2Fovra.me%2Fwendys-chili%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1618862251785&bpp=9&bdt=1498&idt=59&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5861464855714&frm=20&pv=2&ga_vid=1648276849.1618862252&ga_sid=1618862252&ga_hid=747221541&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C44740079%2C31060049&oid=3&pvsid=4183534452973888&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AV0eJNvmHo&p=http%3A//ovra.me&dtd=74

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb2d02470931440fb03380d364a9888f98ad6f367586f59639cc722d175affc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 19:07:48 GMT
server: ESF
date: Mon, 19 Apr 2021 19:57:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Apr 2021 19:57:32 GMT

GET
H3-29 200 aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4956 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:20:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 2247
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5682
x-xss-protection: 0
expires: Tue, 19 Apr 2022 19:20:05 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame B953 1 KB
909 B 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 19:56:05 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame B953 17 KB
7 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:56:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 5240039360651012885
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 19:56:28 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame B953 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 19:56:16 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B953 118 KB
36 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Mon, 19 Apr 2021 19:57:32 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame B953 13 KB
5 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 May 2021 19:56:12 GMT

GET
H3-29 200 b42b11247d0ebeb7b44892ca7e629453.js Show response
www.gstatic.com/mysidia/ Frame B953 25 KB
10 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b42b11247d0ebeb7b44892ca7e629453.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 11:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Apr 2021 10:27:13 GMT
server: sffe
age: 464055
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10497
x-xss-protection: 0
expires: Tue, 13 Jul 2021 11:03:17 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B953 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnVvvq-B9YNzENcObgQfYuIeoDpDi3Ydi0vvA_64N2tkeEAEghfbvNWCVAqABy7qN3gPIAQapAhE59o0DLbQ-qAMByAMCqgStAU_Qzm1F6k4eKuif3gpn8Hz0OolA-eRp5Sp_h4bDGKD1cD9uk76c4b3FWX5fGUs_hVlinVEoSDopLUixwLCMFRmayh8QudY6fj8YZodQih6800aJQKQ_GScyxXzZui4H6HrX-iKzdxsvlhC5cvY-YJvpxfblcWG0vRqBkARcB7o-CuqVPfB5dUhneUhP76YgaEJ5RftUw7CUfnd5x1qlWvmx8vJSLrUg0e3teR2cwASDr9_HwwOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHncXyIagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ7YcM0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTc3MTE4NjAzNDgwOTU0MTA&sigh=yha4UKfftlo&template_id=493

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7711860348095410&output=html&h=280&slotname=8135959052&adk=2337267858&adf=3908920309&pi=t.ma~as.8135959052&w=696&fwrn=4&fwrnh=100&lmt=1618858610&rafmt=1&psa=0&format=696x280&url=http%3A%2F%2Fovra.me%2Fwendys-chili%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1618862251785&bpp=9&bdt=1498&idt=59&shv=r20210415&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5861464855714&frm=20&pv=2&ga_vid=1648276849.1618862252&ga_sid=1618862252&ga_hid=747221541&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736524%2C44740079%2C31060049&oid=3&pvsid=4183534452973888&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AV0eJNvmHo&p=http%3A//ovra.me&dtd=74
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Apr 2021 19:57:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29

200

8924621892918236065
tpc.googlesyndication.com/simgad/ Frame B953
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCnhsLkxAEQsAkYrAIyCKF3SmfSy4xQ
https://tpc.googlesyndication.com/simgad/8924621892918236065

19 KB
19 KB

7ms
6ms

Image
image/png

2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8924621892918236065

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69be2669e7b94f33c8ded87c0fce2d4b4933ed7f53149a418c38f40ad862b17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:04:04 GMT
x-content-type-options: nosniff
age: 122008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19238
x-xss-protection: 0
last-modified: Wed, 20 Nov 2019 14:41:49 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Apr 2022 10:04:04 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 19 Apr 2021 11:51:03 GMT
x-content-type-options: nosniff
server: cafe
age: 29189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/8924621892918236065
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 19 May 2021 11:51:03 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame B953 37 KB
38 KB 28ms
6ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQIY-Gllv4ReBE5kJ3pJk4pidcQD9rpeiG7nNLi3m-DNqcvFvc&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5133d3a0a37b771641aa97c5b200aa7da94558afe4ea1e688f6a88e53643efbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:04:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 07 Aug 2019 03:10:17 GMT
server: sffe
age: 121989
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38340
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:04:23 GMT

GET
DATA 200
OK truncated
/ Frame B953 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c32d44fb92e5524641eedaf8b2d8e2fc59e4a59c9488f80107f1498ca8c2553b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame B953 20 KB
20 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 10:38:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:32 GMT
server: sffe
age: 379150
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Fri, 15 Apr 2022 10:38:22 GMT

GET
H3-29 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame B953 21 KB
21 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

880615098e4a8fa71bedc4b510d6b74145e0528eef749bf4127ee6db7989a1fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:32 GMT
server: sffe
age: 122034
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 28ms
26ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210415&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5d74b33ad245a070f5c3cf532203e1b89f8c5ab99859c6076e99fdc667620b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Apr 2021 19:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6987
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 19 Apr 2021 19:57:32 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 95B9 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://ovra.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://ovra.me/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 19 Apr 2021 19:53:51 GMT
expires: Tue, 19 Apr 2022 19:53:51 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 221
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 95B9 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 19:20:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 2247
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5682
x-xss-protection: 0
expires: Tue, 19 Apr 2022 19:20:05 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210415&jk=4183534452973888&bg=!29il2JzNAAZUuIlwVLg7ACkAdvg8WsWAfHWzZZJcPzUIm4LdQaVpnceSeFviJg6aQxNuNBVgDyC8dAIAAABAUgAAAApoAQcKAOG85zUNPvMlwPmzNO6f9fZlK9m40DAuhKKHAyL0qeLiw_d7RmfmK9gLzs0atdiuA1CyEpTDuYpTfZ6D8p0BiKtuxiZsGpLhjRvcSgvKkY30trgSxWLErtBHx7K4mVM7J_BlzE_grinaNI6WI2O87q-0h-tsWeWYsLxm2oUqrllVLgVKqJxS78Mrwbej6qPBKjNtKYdMNhdsltVWJyUe6CSFiLgQ5DGtSsKNeuwOZk1pCorDBIGYK1XchjjRC-DAUXL52ozppATZOUbsuDsvv5H48i70-oY_UbUseER7xJBO84GZAhJ4Sbo3iyZ_lfHvD84GwR1quPSNFKtS2h7jmdvTIbeGTaU58jY9lk7CGDa2Sr9IxxKRbjLjoRiCqnAyG2GCqafutIQsZ_KzTJMfdpxfaBk4cUeI9HJLmFnC_1fih3VdfwPcKkb0wx9gy6hd1N5Apj9Jc76uhKVyUTX6ghsPxOBOGe-BT_ulyqOqfbjCOW4gRIZiJpCPcQbfF-Nzvy2Ekzw6fLtjEZlcc1pzBbPYZJwZSZX8ORqi3fwZfoP-O-OnpUA345U9cIFaSsG0nIdGzmL0qvk2jWXLDkTUFsRTqsEpv_Zb6q04Jp3tBnQF8XOemUTmKqt0_2oGx7vlKZ89Wi6SdElzpe1QzxGIq2Y3sh1iTJDg3LVEmNicndQvfIWrAfsvAVAauWNVaLELxUTS6bUsIf2XRDaSip1PZUyaBnbFTJNuPZwMAqIBqUgYh6XgTAeKrZfzPvtOASA46jD47HMLcEM0pCB880Xw-uUJEOQJXZLMKpTMiA1uJkrsC7_YK9lb_W9AeWpxh96vxc7OyQJLg_neTURP5vC50Baw6GJEkxfw__BAwiPi9IPhryGONdID4n_HbAO5WofPyj2CFJPnH7iHcs6zIlu3GtJLjuksSVRvM_FDUXVsFD1dGtpFAKV_i9Xn39IcmYT8yEgqVWsyvofjqEkt5phVerLwc1XubMu7FFmoIfnXNyy15yDCpTCpmQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 19:57:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B953 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWbpb6UGujm5pb2v98L7Z5QWfwkjHYLspL7lmcAtxkY_S-rAmt34OUh5WKJ8BSDQxvNZFZvQygOEkdxZQBJ5kAxmJRr2TXdHqcFqAwOHTyX7uMMU86MTGjRKGlyg&sai=AMfl-YQUvRNm9QPfMMANETmI9v4BzgWOh52WhZt8oHGvsqLMN7djG4s90_iT6zYAAWeFqH3e8U7ei_6tbamD&sig=Cg0ArKJSzJFLI9tK-kNlEAE&id=lidar2&mcvt=1000&p=232,266,512,962&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210414&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2337267858&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618862251862&dlt=467&rpt=41&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 19:57:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 perf Show response
trc-events.taboola.com/fb-ketolowcarber/log/3/ 0
286 B 75ms
25ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/fb-ketolowcarber/log/3/perf?lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210419-1-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ovra.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 19:57:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 1105
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://ovra.me
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.22.84:10213

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:41:03	Name: test_cookie Value: CheckForPermission
.ovra.me/	1970-01-19 17:42:28	Name: _gid Value: GA1.2.1557712722.1618862252
.doubleclick.net/	1970-01-20 03:02:38	Name: IDE Value: AHWqTUkWKJ-985z3EA0HiJg1vB0N_wLfQtVI269oOArsU9o0DSDm5SyMg82V2MyHwsk
.ovra.me/	1970-01-20 03:02:38	Name: __gads Value: ID=4027246598bbd5c3-2280cd8e98a70098:T=1618862251:RT=1618862251:S=ALNI_MYncrUaNnYjSkQXHovHYYUBr5fKHQ
.ovra.me/	1970-01-19 17:41:02	Name: _gat_gtag_UA_129085242_2 Value: 1
.ovra.me/	1970-01-20 11:12:14	Name: _ga Value: GA1.2.1648276849.1618862252

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://ovra.me/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.taboola.com
encrypted-tbn1.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ovra.me
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
trc-events.taboola.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
141.226.228.48
142.250.186.98
151.101.13.44
2a00:1450:4001:801::2002
2a00:1450:4001:801::2008
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::200e
50.116.92.180
0407e5bb534c4ce300a0b2fcc92a34811128b6115e5e4398bcb378d8aeb734f5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
102bdb538bbc14eca923d981fc196beed293733595b62585d62eb46bc3281de6
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712
1d249b0f8d99561a3ed523d663355cbc1a720979b521c86969a92e594bf418e5
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
23b7cd31d8400a111b1c8024ab019f897caed3ff53a8f01d5f1737fcc8ad5aee
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
382e3ef21c09b77726f0aa910296de598fc4bf3d31aa35a85bece472b48d2f2d
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
5133d3a0a37b771641aa97c5b200aa7da94558afe4ea1e688f6a88e53643efbc
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
5b56f14bb63fc412aec1562ff5b4807919a486491f2e9a86054ef08922c634d1
604718118dc76f38c68b059cb71ebe329137cac995b7281e6b93006fde948f92
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
69be2669e7b94f33c8ded87c0fce2d4b4933ed7f53149a418c38f40ad862b17f
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
880615098e4a8fa71bedc4b510d6b74145e0528eef749bf4127ee6db7989a1fd
89e431d2f9bc031f978b845c4135aeac5d5c3fbaa977b0f570d1c643ce5d332c
8a617c4e180cfd3eeb9c3e2ce307821d8827cb8f8ac13a1cdee8c33961346e70
944994c734b97fc04bf2c0ec8be0a05d5783ed3cb32ffcca07fccfacde6cd2db
98686dc2034f008687be3cae14c7561ec818c0a48c21cd9500e76a2f21275039
9a93ff072096a2d6326c52f63818c17f11b1088a80cb2bdbde106f56422a09fe
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
b48ceb74cebd53c0c3ce95fca3724b562b98750e2f6b1742ddaf999e62074fd3
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc090202590f4cd2534a38809e3271cec2c8abaf32e344f868fa8d6c36e6da5f
c32d44fb92e5524641eedaf8b2d8e2fc59e4a59c9488f80107f1498ca8c2553b
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8a4f275e0f7890dfe8cd1352f61c9b671a5604e0b24ec7d6c2075154e60c696
cb2d02470931440fb03380d364a9888f98ad6f367586f59639cc722d175affc0
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d1168a9f337bb18e15b5a91a1452651c8e01cf4649179527e648f235fc409c13
d25791bd938ed9f6ece6ee9060be2550aa4efec180e7d360c55f6d8b5370cadb
d3aa21dae35e21d73018facb95845356ea6f8876531d7a9c60091ba7e4a0dfe2
d5d74b33ad245a070f5c3cf532203e1b89f8c5ab99859c6076e99fdc667620b9
d83ba3b24dcc06fba7631c202dfe34b4b9c8961623fde2fedef636a9b7f8a0f9
d8fe383b48c03149cc7026f71aa81c962ae33d71d319b1e07fca1e25e7e0fe18
d906446c4dee97ef1b17ee45dd8c9f1ba151b1886288b92352df8442262bfbf9
da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63
de86a261595e6aa15abedbea378a89a6d78ebff1062323c1cb89cf031aa33f14
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d9a74698a6bba93f3df9924e1640dfbc67d6967cc53c93f193f02bb8ef56c6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f54415e29eb70befe2473a69a097e33e3f1e90376016243b2af5173f2c87bd23
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f7a72555e7c96311ed79b3614a357ec8250e9e1317d7dd197ffc84d20a6b4783
fa2fe1d1ffa3a908baba4a554b04b3d605dd7a6e2630bfa3265929ba26c5f0c1
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

ovra.me Open in urlscan Pro 50.116.92.180 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

80 Requests

60 %HTTPS

75 %IPv6

12 Domains

16 Subdomains

17 IPs

3 Countries

1314 kBTransfer

3848 kBSize

6 Cookies

2 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ovra.me Open in urlscan Pro
50.116.92.180 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

60 %
HTTPS

75 %
IPv6

12
Domains

16
Subdomains

17
IPs

3
Countries

1314 kB
Transfer

3848 kB
Size

6
Cookies

80 HTTP transactions
3 data transactions