www.pricelisto.com Open in urlscan Pro
2606:4700:20::681a:30a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.pricelisto.com/menu-prices/chiapas-eat-mexican-sandton-za
Submission: On May 24 via api (May 24th 2023, 10:13:30 am UTC) from ZA — Scanned from DE

Summary HTTP 63 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 11 domains to perform 63 HTTP transactions. The main IP is 2606:4700:20::681a:30a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pricelisto.com. The Cisco Umbrella rank of the primary domain is 631135.
TLS certificate: Issued by E1 on May 8th 2023. Valid for: 3 months.

This is the only time www.pricelisto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	2606:4700:20:... 2606:4700:20::681a:30a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
63	16

15 2606:4700:20::681a:30a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pricelisto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f3.1e100.net

p4-f6vk6w47cm3sg-3cncw2lxhnitkow5-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	284 KB
15	pricelisto.com 1 redirects www.pricelisto.com — Cisco Umbrella Rank: 631135	120 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	74 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com p4-f6vk6w47cm3sg-3cncw2lxhnitkow5-if-v6exp3-v4.metric.gstatic.com	59 KB
4	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2230	21 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	107 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	128 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9037	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	606 B
63	11

	Domain	Requested by
15	www.pricelisto.com	1 redirects www.pricelisto.com
12	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	www.pricelisto.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
2	p4-f6vk6w47cm3sg-3cncw2lxhnitkow5-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-f6vk6w47cm3sg-3cncw2lxhnitkow5-if-v6exp3-v4.metric.gstatic.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.pricelisto.com www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
63	16

This site contains links to these domains. Also see Links.

Domain
www.ubereats.com

Subject Issuer	Validity	Valid
pricelisto.com E1	`2023-05-08` - `2023-08-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.pricelisto.com/menu-prices/chiapas-eat-mexican-sandton-za
Frame ID: 2EA4B491A50732DBD247BCC0D2368671
Requests: 24 HTTP requests in this frame

Frame: https://www.pricelisto.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
Frame ID: 34FD4DDCDAD44D86D3FC3D6A9F922038
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html
Frame ID: A4FA6989C6A68FA9EA2F1429234FB778
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2045753300779197&output=html&adk=1812271804&adf=3025194257&lmt=1684923204&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fwww.pricelisto.com%2Fmenu-prices%2Fchiapas-eat-mexican-sandton-za&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684923203741&bpp=8&bdt=531&idt=422&shv=r20230518&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6062437944034&frm=20&pv=2&ga_vid=1108456382.1684923204&ga_sid=1684923204&ga_hid=783445322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31074839%2C44788442%2C44789923&oid=2&pvsid=718265056232052&tmod=1847487724&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=479
Frame ID: FC9DDC6DE1E8654451AA38F1980E10F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2045753300779197&output=html&h=90&slotname=2996314182&adk=2981871458&adf=2297093320&pi=t.ma~as.2996314182&w=1138&fwrn=4&fwrnh=100&lmt=1684923204&rafmt=12&format=1138x90&url=https%3A%2F%2Fwww.pricelisto.com%2Fmenu-prices%2Fchiapas-eat-mexican-sandton-za&fwr=0&fwrattr=true&rh=90&rw=1138&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684923203749&bpp=6&bdt=538&idt=477&shv=r20230518&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6062437944034&frm=20&pv=1&ga_vid=1108456382.1684923204&ga_sid=1684923204&ga_hid=783445322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31074839%2C44788442%2C44789923&oid=2&pvsid=718265056232052&tmod=1847487724&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=G4Ffe5ta9N&p=https%3A//www.pricelisto.com&dtd=491
Frame ID: 16D4BB204A931FF607C32BD518B23E3E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2045753300779197&output=html&h=280&slotname=3369121107&adk=1321131905&adf=1024086498&pi=t.ma~as.3369121107&w=813&fwrn=4&fwrnh=100&lmt=1684923204&rafmt=1&format=813x280&url=https%3A%2F%2Fwww.pricelisto.com%2Fmenu-prices%2Fchiapas-eat-mexican-sandton-za&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684923203755&bpp=3&bdt=544&idt=491&shv=r20230518&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1138x90&nras=1&correlator=6062437944034&frm=20&pv=1&ga_vid=1108456382.1684923204&ga_sid=1684923204&ga_hid=783445322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1782&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31074839%2C44788442%2C44789923&oid=2&pvsid=718265056232052&tmod=1847487724&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=FtpnzRxxc8&p=https%3A//www.pricelisto.com&dtd=503
Frame ID: 0C3A1A42A347DB1144EBAE06B6666788
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E0A100B3A0C3EFC95E8434E5539ACBF1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F1ABBCF0F6398651AEA367A5B4E221DD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3D39B143F437C65EA6FE49767A05C3FA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 36391C026474EE61CE132101C0F16F28
Requests: 2 HTTP requests in this frame

Frame: https://p4-f6vk6w47cm3sg-3cncw2lxhnitkow5-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 61834B2B7CB6B10BEE247E3F9D5A8523
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Frame ID: 642869E361F4309FAC0B6C0F87E1B071
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Frame ID: 1B9FFCCBE81AD35C3169B6F0EF1E5B1A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CHIAPAS eat mexican, Sandton Menu Prices (ZA) - PriceListo

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

98 %
HTTPS

93 %
IPv6

11
Domains

16
Subdomains

16
IPs

2
Countries

796 kB
Transfer

2165 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ubereats.com/store/chiapas-eat-mexican-sandton/zUKrpZfPQVKWtam6shnGsw
Title: Uber Eats

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://www.pricelisto.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://www.pricelisto.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

Request Chain 47

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 60

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

63 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request chiapas-eat-mexican-sandton-za Show response
www.pricelisto.com/menu-prices/ 37 KB
8 KB 583ms
539ms Document
text/html 2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pricelisto.com/menu-prices/chiapas-eat-mexican-sandton-za

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

066c86b3241213a7e95a81fbb1a6dfd269a27e8fd29d653215b9c0bf967dcaa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7cc4c400b8290374-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 24 May 2023 10:13:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzJWWGXkNqGrjeWgHH6cUou6SklRS7IfDvCfxJHHQf5OOcFSkI876uTL9CNb%2BryMV9iKL9RBG9SeRyH%2BS%2BYjPgiVI0UfbD%2FdmHCDaPqLmvQ1u3GdEjNJxkmmtG%2BFAT30AV9GVeaBHfaoiBUAkxqHmA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 all.css
www.pricelisto.com/assets/css/ 71 KB
15 KB 25ms
22ms Stylesheet
text/css 2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pricelisto.com/assets/css/all.css

Requested by

Host: www.pricelisto.com
URL: https://www.pricelisto.com/menu-prices/chiapas-eat-mexican-sandton-za

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

203a940f4183d50b9c64ae0a69696b452ceb3bdef2866f3b511c03556c345f2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/menu-prices/chiapas-eat-mexican-sandton-za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Feb 2023 18:57:37 GMT
server: cloudflare
etag: W/"63e29f21-11dc3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CoH%2FbFSfrMWWyGkM2jsOgSsY02kYrg8CE8OCCoAQvd2WlZx%2FoI3bx4YZt9uzXnen%2Bf%2BLvHjL9lB7Jq5Q6LM4AOLRanoVHebBGi2813fK44l2B3Cf%2FZWAPJI4utVJBxl2x%2FojnM7Nbv97aDcmxknkMg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7cc4c4041cd60374-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 120 KB
47 KB 50ms
20ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-78805213-1

Requested by

Host: www.pricelisto.com
URL: https://www.pricelisto.com/menu-prices/chiapas-eat-mexican-sandton-za

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9c592e9e1a89752cccd6456e626ec302a44f79bbe727ca90482d2ac4a5b1995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47721
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 May 2023 10:13:23 GMT

GET
H2 200 jquery.min.js Show response
www.pricelisto.com/assets/js/ 87 KB
32 KB 21ms
19ms Script
application/javascript 2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pricelisto.com/assets/js/jquery.min.js

Requested by

Host: www.pricelisto.com
URL: https://www.pricelisto.com/menu-prices/chiapas-eat-mexican-sandton-za

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/menu-prices/chiapas-eat-mexican-sandton-za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 14:07:38 GMT
server: cloudflare
etag: W/"6130daaa-15d84"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFqy2i3xeNDKEbVc%2BlDWCd4BVpBGwd3mi4wXrGBIi8t45bkQtSd2LIbnoEwm2fD0ydNd2EHZv6O4UfUQjxdGrqaXoMqzd1PUAErTO83n8yfpD44%2BGvpY93jo7GFzxF8kJZfErZVx%2BnO4P7QjVYzidg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7cc4c4041cd80374-FRA

GET
H2 200 all.js Show response
www.pricelisto.com/assets/js/ 108 KB
32 KB 24ms
23ms Script
application/javascript 2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pricelisto.com/assets/js/all.js

Requested by

Host: www.pricelisto.com
URL: https://www.pricelisto.com/menu-prices/chiapas-eat-mexican-sandton-za

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2718f25ccfd5db35ad2d189597e7200d17da22243504dd0300e95e63c1acdfca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/menu-prices/chiapas-eat-mexican-sandton-za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5949
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Feb 2023 18:16:01 GMT
server: cloudflare
etag: W/"63e29561-1b05e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eV6X%2BAfyxIaTl9KBIxWh3TM0nzWZZQhR7cG5J1T2EMj5Dnjw2S1fKXY9NCvo15nJlhnnCuDtT1p%2B4116WekZ2Ey0BgXKWscuWNGi6OI38vUuNbfSB1eAouY7EJ%2FEZC6Gx4DOW1IXTKfW3V5tXzLgg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
cf-ray: 7cc4c4041cda0374-FRA

GET
H3 200 icon-search-blue.png
www.pricelisto.com/assets/images/ 1 KB
2 KB 18ms
17ms Image
image/png 2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pricelisto.com/assets/images/icon-search-blue.png

Requested by

Host: www.pricelisto.com
URL: https://www.pricelisto.com/assets/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55d77ce8c5a556be160f96745074af64ae6c6083ffbfe2bdf14dbf647c941d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/assets/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5039
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1142
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 14:07:38 GMT
server: cloudflare
etag: "6130daaa-476"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klZi4UEKkeJjXMBZyyCuSzebk0mzFk3pY64bVBtmEBXgs57mX5KZQgrG4eaYd4MKljqJHzfcj7IRnCFEEks3vuHYNXUgg9vxZxDySggUntrfVHcOf%2Fs%2Ba7DwaybUzhsRyfEJ9JRAo3IpQ4CEftNdXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7cc4c4044f2f2bc6-FRA

GET
H3 200 icon-verified.png
www.pricelisto.com/assets/images/ 1 KB
2 KB 281ms
281ms Image
image/png 2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pricelisto.com/assets/images/icon-verified.png

Requested by

Host: www.pricelisto.com
URL: https://www.pricelisto.com/assets/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7db5af178413540bb832230b89d69c17b2a4db2353d5c4a7132f5f6825629a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/assets/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:23 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1500
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 14:07:38 GMT
server: cloudflare
etag: "6130daaa-5dc"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xe2i9UJ7fAq4paRItGE2d4XQSHUUv5SUZmphWGYj3YMNWFQ%2FOM%2B5q3yzpY9eytFLgzDYlYX3%2FX824HYeEvsyI%2FHqMJZ%2FnWfYV3izY27RxaPEGbYiS9sIKAeoInEKK6WqCSZRT5orOTJzZIX%2Bjrq5zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7cc4c4045f372bc6-FRA

GET
H3 200 icon-map-pin-white.png
www.pricelisto.com/assets/images/ 1 KB
2 KB 21ms
19ms Image
image/png 2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pricelisto.com/assets/images/icon-map-pin-white.png

Requested by

Host: www.pricelisto.com
URL: https://www.pricelisto.com/assets/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f903c158f710d1a06b277ee606f0e0bbfd75d563c04302d52e3038aee7c0cf4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/assets/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1376
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1362
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 14:07:38 GMT
server: cloudflare
etag: "6130daaa-552"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wmoaG2o6JHH%2FbEwEw7JJgCguDf0Zd%2FwFSXrKttzdZcETY0IhXjyn0XOtlSrTpg%2F8DAXQEeeGLcY%2BGEdiQdHMJHwYj6xTYUGcY1L%2FSa%2BLXLx%2FotQEyxZda5jWK8kli1Xp0szKAwDKrBn7QrQ%2FgC2tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7cc4c4049f732bc6-FRA

GET
H3 200 icon-smartphone-white.png
www.pricelisto.com/assets/images/ 1 KB
2 KB 282ms
281ms Image
image/png 2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pricelisto.com/assets/images/icon-smartphone-white.png

Requested by

Host: www.pricelisto.com
URL: https://www.pricelisto.com/assets/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd2306fa64a13f217a6856c9b654cf5cbd255489ac7ce0fcaac82e22841712da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/assets/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:23 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1089
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 14:07:38 GMT
server: cloudflare
etag: "6130daaa-441"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=peNWsVab5BU4IenP%2FiFowf19PEntUWpzQbq5w%2B%2BHJWtJksZFqOAc8Tk2ylnqfmVZurIu4%2Bsj9CT0d0TOeH3orifNifJxwuHNhBFrvNGtXyU315KlUBtBL5fjku7i%2BE2kJqNdZ1kKuzEVHsi9zk9R1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7cc4c4049f792bc6-FRA

GET
H3 200 icon-plus-minus.png
www.pricelisto.com/assets/images/ 2 KB
2 KB 17ms
16ms Image
image/png 2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pricelisto.com/assets/images/icon-plus-minus.png

Requested by

Host: www.pricelisto.com
URL: https://www.pricelisto.com/assets/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4c57df878f6ac12c2aabde19de97066fe7d3ab0c80fe0e24925f5e03b0dd5fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/assets/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7073
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1751
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 14:07:38 GMT
server: cloudflare
etag: "6130daaa-6d7"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNzHU6QdfouOEJCc%2Fhrk2DJzha1FJ6YARXY4uiMoWJutAgDW8SUnVEc0HDWYsmpFeDfSIzxU4vFW3aR5KVa%2Bm4E0L2AkfuEeSc16JWbYVJaU%2FAHVt3C8psU0itmt2sUzxGYBzowrtMptyR0inN%2FCjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7cc4c4049f7b2bc6-FRA

GET
H3 200 icon-comment.png
www.pricelisto.com/assets/images/ 2 KB
2 KB 18ms
18ms Image
image/png 2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pricelisto.com/assets/images/icon-comment.png

Requested by

Host: www.pricelisto.com
URL: https://www.pricelisto.com/assets/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c0ff73f1f0ae744bab7d4db2e460b8a9c1cb0fb2529e0501b9c98c2cf245bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/assets/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7073
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1803
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 14:07:38 GMT
server: cloudflare
etag: "6130daaa-70b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Utln9t1ao5lUJvvGSrMUn1aXCTN1pDG%2B7n0kfxyF%2Brh01vtGFp%2Fd7VDyJ1njaXkat1QkqrFgDFsAxeCVLudAJ24JfCCXTx2TF9KdxaTDyi4V6Syu5b3xn8uAkNHYVr7XYyFUNWwPrAiBIwzrwksWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7cc4c4049f7d2bc6-FRA

GET
H3 200 icon-star.png
www.pricelisto.com/assets/images/ 2 KB
2 KB 20ms
19ms Image
image/png 2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pricelisto.com/assets/images/icon-star.png

Requested by

Host: www.pricelisto.com
URL: https://www.pricelisto.com/assets/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6f36a53b0f210de1f94adb177246589e8948ada88bd4721cacf4e99fd657782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/assets/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7074
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1964
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 14:07:38 GMT
server: cloudflare
etag: "6130daaa-7ac"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ww57iyA7i5ZzTCnv7Awa%2BTMLVnQoKdzE2dvTJQaHUTGdB6COTmPXdO2fxahjzy09ustCllhrGzCnkHErRfDoQqG3SzgcvkPCcY3Qj9K2W%2FVIP7E7zVcSH1TTEsAos37AWirz7nLSwJI8ySEay9slXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7cc4c4049f7f2bc6-FRA

GET
H3

200

invisible.js Show response
www.pricelisto.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/ Frame 34FD
Redirect Chain

https://www.pricelisto.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://www.pricelisto.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

30 KB
14 KB

28ms
15ms

Script
application/javascript

2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pricelisto.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

Requested by

Host: www.pricelisto.com
URL: https://www.pricelisto.com/menu-prices/chiapas-eat-mexican-sandton-za

Protocol

Server

2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a128abb0707317286b916298502ea87942cd40cefa33a2ea90ee1f2da0c029bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vkmad0YdodNDAQ6yoUMqTDw6o82F70HFQqp%2BIwIxdCDPbls21Vz9lin8v0HcM6RQrVSjz1L7pbVAJrq4CNDWSs7g897f4iY3S0G9gdebWfN%2F5KeYJjIv%2Fed3zDTZ0%2FKLcTX7%2BGHwDCwhLIlwVcKTAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7cc4c40598da2bc6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 24 May 2023 10:13:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVVEudQLujBpT99mSktWVif4zNQiiKQ%2F8wrqUqfCsTFynFJShtJ1owKSIcD7esvELoM%2B5DwGWy4waWHdrp9L18SHfZuALu9n0QGZAyM8POyjpxLm1TyJh2jR%2FjQGcHK%2BOVlmdGKjDRPflmvSEkN6PA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
cache-control: max-age=300, public
cf-ray: 7cc4c405286d2bc6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
81 KB 51ms
10ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1FMLFKXBSS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-78805213-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1659423562290e759fc1f64b66a919f0e5fff7b674d6f25ff6c52062b2771637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82511
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 May 2023 10:13:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 98ms
5ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-78805213-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 May 2023 09:04:54 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4109
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 24 May 2023 11:04:54 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 83ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1FMLFKXBSS&gtm=45je35m0&_p=783445322&cid=1108456382.1684923204&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684923203&sct=1&seg=0&dl=https%3A%2F%2Fwww.pricelisto.com%2Fmenu-prices%2Fchiapas-eat-mexican-sandton-za&dt=CHIAPAS%20eat%20mexican%2C%20Sandton%20Menu%20Prices%20(ZA)%20-%20PriceListo&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1FMLFKXBSS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 10:13:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pricelisto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 22ms
16ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=783445322&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pricelisto.com%2Fmenu-prices%2Fchiapas-eat-mexican-sandton-za&ul=en-us&de=UTF-8&dt=CHIAPAS%20eat%20mexican%2C%20Sandton%20Menu%20Prices%20(ZA)%20-%20PriceListo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=65609466&gjid=1725789800&cid=1108456382.1684923204&tid=UA-78805213-1&_gid=1530306400.1684923204&_r=1&gtm=457e35m0&jsscut=1&z=1876705352

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pricelisto.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 May 2023 10:13:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pricelisto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 90ms
57ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2045753300779197

Requested by

Host: www.pricelisto.com
URL: https://www.pricelisto.com/menu-prices/chiapas-eat-mexican-sandton-za

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fe030d49f629a87b3c26cec06e7b82a41024fe68d52dd965aaa788375501554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pricelisto.com/
Origin: https://www.pricelisto.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47477
x-xss-protection: 0
server: cafe
etag: 16522309292759194373
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 24 May 2023 10:13:23 GMT

GET
H3 200 pica.js
www.pricelisto.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 34FD 6 KB
3 KB 32ms
27ms Other
application/javascript 2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pricelisto.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9be1e214e5895cb0e0a9d5df994fea14c57735b0e56b264bc9d164accafe6ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIMx5rrj4wDeRT5KJnD2Q%2BatJzEAV5Rluy30v0YXN6ytbTTO6v5qbBrbB%2BliBRaj3xVeZIHsRES%2FEE49JqYvi4zBTtLviyXYGBw31Bv44NmN5rfugAFFxwWlqSRyv7AcSu%2BJ4pGdTDbmY3AaoCLgQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7cc4c4069a302bc6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/ 350 KB
118 KB 115ms
74ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2045753300779197&plah=www.pricelisto.com&bust=31074839

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2045753300779197

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf7d4189368191f6e68b1cb5eb3e557486cf1ab5ef6edcc371e6b9ad538d612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120276
x-xss-protection: 0
server: cafe
etag: 16475459482572851086
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 24 May 2023 10:13:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/ Frame A4FA 10 KB
5 KB 72ms
10ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2045753300779197

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pricelisto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 22:54:33 GMT
etag: 15057649708203361565
expires: Tue, 06 Jun 2023 22:54:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 7cc4c400b8290374 Show response
www.pricelisto.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 34FD 2 B
642 B 38ms
37ms XHR
text/plain 2606:4700:20::681a:30a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pricelisto.com/cdn-cgi/challenge-platform/h/g/cv/result/7cc4c400b8290374
Requested by: Host: www.pricelisto.com
URL: https://www.pricelisto.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 24 May 2023 10:13:24 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhuhUSML9rvzfDvF20I3xBGVaeNoqT18IOLRIvekm7YbDHAt4v6LIAAFwytVtVawF91hQZDNVpGAMZ%2Fb9wCzZkTV%2Fh%2FfZXslur24BbmVEeQqIoHZ8hfj1Ynis1bQSJWJiPgRnY8lpX8MWNbJRzRv9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7cc4c409be492bc6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
606 B 91ms
12ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.pricelisto.com&callback=_gfp_s_&client=ca-pub-2045753300779197

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2045753300779197&plah=www.pricelisto.com&bust=31074839

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc12dbee87224909b419e557de3385f312e69e52c3b25a7ac133a4adedf778c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 72ms
13ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.pricelisto.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 75ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pricelisto.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC9D 0
179 B 243ms
219ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2045753300779197&output=html&adk=1812271804&adf=3025194257&lmt=1684923204&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fwww.pricelisto.com%2Fmenu-prices%2Fchiapas-eat-mexican-sandton-za&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684923203741&bpp=8&bdt=531&idt=422&shv=r20230518&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6062437944034&frm=20&pv=2&ga_vid=1108456382.1684923204&ga_sid=1684923204&ga_hid=783445322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31074839%2C44788442%2C44789923&oid=2&pvsid=718265056232052&tmod=1847487724&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=479

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pricelisto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 10:13:24 GMT
expires: Wed, 24 May 2023 10:13:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 72ms
48ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230518&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e393553c604a4542cbcea0aa82408297041a14845b71db5cfe552d078baa230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11075
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 16D4 81 KB
32 KB 905ms
886ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2045753300779197&output=html&h=90&slotname=2996314182&adk=2981871458&adf=2297093320&pi=t.ma~as.2996314182&w=1138&fwrn=4&fwrnh=100&lmt=1684923204&rafmt=12&format=1138x90&url=https%3A%2F%2Fwww.pricelisto.com%2Fmenu-prices%2Fchiapas-eat-mexican-sandton-za&fwr=0&fwrattr=true&rh=90&rw=1138&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684923203749&bpp=6&bdt=538&idt=477&shv=r20230518&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6062437944034&frm=20&pv=1&ga_vid=1108456382.1684923204&ga_sid=1684923204&ga_hid=783445322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31074839%2C44788442%2C44789923&oid=2&pvsid=718265056232052&tmod=1847487724&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=G4Ffe5ta9N&p=https%3A//www.pricelisto.com&dtd=491

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf3fb5a03c282ff0ed2b5182fba1182c441388e8e2f4fb2d2cde370888a53b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pricelisto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32149
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 10:13:25 GMT
expires: Wed, 24 May 2023 10:13:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0C3A 107 KB
37 KB 448ms
440ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2045753300779197&output=html&h=280&slotname=3369121107&adk=1321131905&adf=1024086498&pi=t.ma~as.3369121107&w=813&fwrn=4&fwrnh=100&lmt=1684923204&rafmt=1&format=813x280&url=https%3A%2F%2Fwww.pricelisto.com%2Fmenu-prices%2Fchiapas-eat-mexican-sandton-za&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684923203755&bpp=3&bdt=544&idt=491&shv=r20230518&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1138x90&nras=1&correlator=6062437944034&frm=20&pv=1&ga_vid=1108456382.1684923204&ga_sid=1684923204&ga_hid=783445322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1782&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31074839%2C44788442%2C44789923&oid=2&pvsid=718265056232052&tmod=1847487724&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=FtpnzRxxc8&p=https%3A//www.pricelisto.com&dtd=503

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0aeb6efadc265aae6b4ff0cd814ae7380d2570bb6b9494b8be70fbec3ee0115

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pricelisto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38097
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 10:13:24 GMT
expires: Wed, 24 May 2023 10:13:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 116ms
52ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 May 2023 10:13:24 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E0A1 13 KB
5 KB 24ms
20ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pricelisto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 09:58:22 GMT
expires: Thu, 23 May 2024 09:58:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F1AB 783 B
1 KB 104ms
17ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7522498ff798322b9b25f44bf5f370790254a1f47d6743fbc65aac272958434e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vwB6Q-1hyPgKEaLOG1JKhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pricelisto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-vwB6Q-1hyPgKEaLOG1JKhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 10:13:24 GMT
expires: Wed, 24 May 2023 10:13:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame E0A1 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 16:55:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 16:55:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F1AB 0
0 43ms
42ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230518&jk=718265056232052&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E0A1 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UUa9OQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 ef33bde3b6f53b5d50fc677805f1b9fa.js Show response
www.gstatic.com/mysidia/ Frame 0C3A 8 KB
4 KB 80ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2045753300779197&output=html&h=280&slotname=3369121107&adk=1321131905&adf=1024086498&pi=t.ma~as.3369121107&w=813&fwrn=4&fwrnh=100&lmt=1684923204&rafmt=1&format=813x280&url=https%3A%2F%2Fwww.pricelisto.com%2Fmenu-prices%2Fchiapas-eat-mexican-sandton-za&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684923203755&bpp=3&bdt=544&idt=491&shv=r20230518&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1138x90&nras=1&correlator=6062437944034&frm=20&pv=1&ga_vid=1108456382.1684923204&ga_sid=1684923204&ga_hid=783445322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1782&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31074839%2C44788442%2C44789923&oid=2&pvsid=718265056232052&tmod=1847487724&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=FtpnzRxxc8&p=https%3A//www.pricelisto.com&dtd=503

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3674
x-xss-protection: 0
last-modified: Fri, 19 May 2023 05:26:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 20:24:23 GMT

GET
H2 200 ee89b602e2534f412f73bbda73fe42b2.js Show response
www.gstatic.com/mysidia/ Frame 0C3A 9 KB
4 KB 98ms
26ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ee89b602e2534f412f73bbda73fe42b2.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4066
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:52:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 04:00:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0C3A 14 KB
2 KB 101ms
29ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 May 2023 10:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 May 2023 09:15:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 May 2023 10:13:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 0C3A 2 KB
765 B 32ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:00:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 0C3A 22 KB
9 KB 18ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:56:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 0C3A 3 KB
1 KB 33ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 16:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 16:12:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 0C3A 19 KB
8 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:56:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0C3A 171 KB
54 KB 98ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 10:13:24 GMT

GET
H2 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame 0C3A 32 KB
13 KB 40ms
4ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:31:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 07:59:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0C3A 0
0 70ms
48ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvVGbRONtZM24EbGDkdUPvoqjkAvut-DMcMzW7crGEcCNtwEQASCnw9ZPYJXikIKgB6ABhLvK4APIAQGpAjQ-HZeJDl8-qAMByAPLBKoEkQJP0JarOVKtckKFiRUvAz-10Wyw_bydhuf2lRgBG3QdCF1Ty-F2-FDNlVc3sYPmUCxEAnAZZ33u7qTeLntCi7B32VHZkqSYGhH5pRjyyUaCIgLJkQvdBUDg1OUyPD8eBVaZl1-9uOZ2KQ_XZzkX5yZxcz3Z_4NOGv19x3CmcFnI94gwkw2hBLdIkVCd8X-69gcXHd5lwqUHQezHKhEWhgRZuSsHs9A2P_gTXgbBl-pBDCybjW-aP2Pzp0OgjaPBC6bjGelMlupwr4Rd-QRs3UptV8Sx6LEWz6PHfi-69yGoiuR1QHDSUn1n02_aFqMwikCoP7FzWVvCppqrVTO7C16Vfd8YckaETUoo3VaAKkJP_0PABKKCk5CwBIAH5MS1H6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJDeA9IIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItMjA0NTc1MzMwMDc3OTE5NxgA&sigh=a9ClaynwSVg&uach_m=[UACH]&cid=CAQSGwBygQiDLFIgXDpe94vwbw5PunM6pzkULH7JiRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2045753300779197&output=html&h=280&slotname=3369121107&adk=1321131905&adf=1024086498&pi=t.ma~as.3369121107&w=813&fwrn=4&fwrnh=100&lmt=1684923204&rafmt=1&format=813x280&url=https%3A%2F%2Fwww.pricelisto.com%2Fmenu-prices%2Fchiapas-eat-mexican-sandton-za&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684923203755&bpp=3&bdt=544&idt=491&shv=r20230518&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1138x90&nras=1&correlator=6062437944034&frm=20&pv=1&ga_vid=1108456382.1684923204&ga_sid=1684923204&ga_hid=783445322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1782&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31074839%2C44788442%2C44789923&oid=2&pvsid=718265056232052&tmod=1847487724&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=FtpnzRxxc8&p=https%3A//www.pricelisto.com&dtd=503
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 May 2023 10:13:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 24 May 2023 10:13:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3D39 143 B
166 B 14ms
10ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2045753300779197&output=html&h=280&slotname=3369121107&adk=1321131905&adf=1024086498&pi=t.ma~as.3369121107&w=813&fwrn=4&fwrnh=100&lmt=1684923204&rafmt=1&format=813x280&url=https%3A%2F%2Fwww.pricelisto.com%2Fmenu-prices%2Fchiapas-eat-mexican-sandton-za&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684923203755&bpp=3&bdt=544&idt=491&shv=r20230518&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1138x90&nras=1&correlator=6062437944034&frm=20&pv=1&ga_vid=1108456382.1684923204&ga_sid=1684923204&ga_hid=783445322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=1782&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31074839%2C44788442%2C44789923&oid=2&pvsid=718265056232052&tmod=1847487724&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=FtpnzRxxc8&p=https%3A//www.pricelisto.com&dtd=503
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 10:10:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0C3A 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfa4e46fdb6b0ac15e3ee232529088b4e81b6a7593e99d997e5cc9444d58ef51

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0C3A 33 KB
34 KB 214ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 54248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 19:09:17 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3D39
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

22ms
17ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 10:13:25 GMT
expires: Wed, 24 May 2023 10:13:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 10:13:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230518&jk=718265056232052&bg=!09Cl0ITNAAZ8_aWmXP07ADkAdvg8WhxL75NVp1Zyffea_yeMAUb5HcDI9AjHp9o7gyDP8X9jOwCvRUHwhus5S_PYcpdqaH0CuKwCAAAAoVIAAAACaAEHCgBIjJPMZRjazuzaJB4yJgBbUBaN7zEA9Y-EcOumY9pXorJt5IJErB7kTwXEyC_PlY_O2aCzJ_GUJz3zT4weJEtvmbBr9Xxhi-jDmQKwou_nSNeiZwvHHVM9sRiDv5y791FP7aQrDcD0MFRERr5e5XyYYpoQjD3Q4EFyrVUURSNhfNX1rcPRzMbj30bWlZndmTRwuz3UbFzpp67mhqlr1rozWzIMZh2DDHcFfWC8Ouzf-GxAjQKPr-8gY77rmdtV3xv-w0gjFCGrVmwAGZm5_p3ZS0Sqtpv7wN7FDClM49SgcAttWLJvVLxQVQobqG9T0P1Ko6fkOneZRQAEH2aEX8hnP95ohQNgeUzCdlP5z5WmmcovjhhDEFVLQDgU0xHPrj1hVMtKFzXtpql4gBh3jMvDoK9SF8SF7_C_pKkGvoSTGrUoG_TS35mqnXALzmUnVMRUu8a6RWJw1KEVOcc2oToVDILgEuJICYx_HP677fRggsLQJTV1S40CmUMLWNJTOBFU2EjAdRhh-SdImLpExk9Q2I-SHIzGVI8M7aaLAKcAc-QLyr6TZrjPhHTTdGAgIGP03qdIisc56tpgzl87ULn1Bz0e3gdyQi7wTqmwLJLJwjGGfWn8yhInbXmtD9_Ne4O5-tN9kPPa9VunvhQZK_om9fMFG9WyWBdrlsKYohychavc3JXs9T9dcg5lTVeAh7lZhMLmzXM2KXs9zYXeyJ9BHNabDyS9HKcz_nKLhRewcgrIDNvrgpLYm18F9t32OY9yzroFrpjwOwCM4k_UKReu4afWZRa8eVJJcrXY9RGHJj11q9v4afKkdmc8W7UJpdvgnPh2iBypbfC283RkwdVehRw8fc5DjZW5t_pZp6AI9XcR5Y0kz2OqIFI9GMAEOcPYqjebeemAKlrM32P2Xv895T8Tc0_oJxMlUldn7TIBZGEciPkoMmieMVmE8b0DBnX7iqJ9YOZtJwaYQhtH1HwVPIzgLfOb8rkEpWRgTp4Evg_G8-fa3btrrJRRuA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pricelisto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 12994433035307566163
tpc.googlesyndication.com/simgad/ Frame 16D4 5 KB
5 KB 12ms
11ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12994433035307566163?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmKDzGuQY6tXBStz9J4GFNjpTtSxQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2045753300779197&output=html&h=90&slotname=2996314182&adk=2981871458&adf=2297093320&pi=t.ma~as.2996314182&w=1138&fwrn=4&fwrnh=100&lmt=1684923204&rafmt=12&format=1138x90&url=https%3A%2F%2Fwww.pricelisto.com%2Fmenu-prices%2Fchiapas-eat-mexican-sandton-za&fwr=0&fwrattr=true&rh=90&rw=1138&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684923203749&bpp=6&bdt=538&idt=477&shv=r20230518&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6062437944034&frm=20&pv=1&ga_vid=1108456382.1684923204&ga_sid=1684923204&ga_hid=783445322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31074839%2C44788442%2C44789923&oid=2&pvsid=718265056232052&tmod=1847487724&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=G4Ffe5ta9N&p=https%3A//www.pricelisto.com&dtd=491

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3bf4e6984d53de8bdee6ad62bd95e796de51c58ca86664958f0e3cc6219e34b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 17:30:12 GMT
x-content-type-options: nosniff
age: 60193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5262
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 10:01:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 May 2024 17:30:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 16D4 22 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:56:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 16D4 3 KB
1 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 16:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64873
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 16:12:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 16D4 19 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:56:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 16D4 171 KB
53 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 10:13:25 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 16D4 32 KB
13 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18a37dc90b9c1990e293e02307fc12b9c7e66331a24eabb8336a9c06907a2bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13064
x-xss-protection: 0
server: cafe
etag: 484897097926465030
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 16D4 0
0 56ms
52ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPkTJRONtZJudEbHCnsEPncemkAnMzKzgb7vIsKLGEe-P89bZIhABIKfD1k9gleKQgqAHoAGk3ZqLA8gBAqgDAcgDyQSqBIoCT9CnVf1DrCXpkLBFBoBGNnW2q0yKmUgd9yLqXffhQk2aTw0EvZ0cfexmY3j0pEvSKtyPWs8hi93-VI-NlA4S_J92Okn0KzTmlLZWUwRZisHiR_vdEpd1f7O2wnh8o-dRehmF4ktAqlc5sbRcg7-p9IFwj98QFwvwt8j-LUaPW3QyAOBs32bz-5e7YMQTGOJhugyWw1BThcts0hhcHAXGbwZGN_VS_sQhcUgWjEJULpoGskCtUuBkrb3S3K22KTpgyylxJvD5tthXuPiJhSwAnz-tYXQf84prSoMRTccYECX0vnXf71_ZAU9gPSfxGtlfGQ1Bkg6MXz7hbvA3Apj7zmLnkkVvE8G3Q8vABKzIs8qlBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfEouV0qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQv5wM0ggWCIDhgHAQARgfMgLrAjoCgEBIvf3BOoAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0yMDQ1NzUzMzAwNzc5MTk3GAA&sigh=AezfpI6JXUs&uach_m=[UACH]&cid=CAQSGwBygQiDcq9AqRYxoreGDh-quti5JfDpf3SN4hgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2045753300779197&output=html&h=90&slotname=2996314182&adk=2981871458&adf=2297093320&pi=t.ma~as.2996314182&w=1138&fwrn=4&fwrnh=100&lmt=1684923204&rafmt=12&format=1138x90&url=https%3A%2F%2Fwww.pricelisto.com%2Fmenu-prices%2Fchiapas-eat-mexican-sandton-za&fwr=0&fwrattr=true&rh=90&rw=1138&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684923203749&bpp=6&bdt=538&idt=477&shv=r20230518&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6062437944034&frm=20&pv=1&ga_vid=1108456382.1684923204&ga_sid=1684923204&ga_hid=783445322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31074839%2C44788442%2C44789923&oid=2&pvsid=718265056232052&tmod=1847487724&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=G4Ffe5ta9N&p=https%3A//www.pricelisto.com&dtd=491
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 May 2023 10:13:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3639 143 B
166 B 10ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2045753300779197&output=html&h=90&slotname=2996314182&adk=2981871458&adf=2297093320&pi=t.ma~as.2996314182&w=1138&fwrn=4&fwrnh=100&lmt=1684923204&rafmt=12&format=1138x90&url=https%3A%2F%2Fwww.pricelisto.com%2Fmenu-prices%2Fchiapas-eat-mexican-sandton-za&fwr=0&fwrattr=true&rh=90&rw=1138&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684923203749&bpp=6&bdt=538&idt=477&shv=r20230518&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6062437944034&frm=20&pv=1&ga_vid=1108456382.1684923204&ga_sid=1684923204&ga_hid=783445322&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31074839%2C44788442%2C44789923&oid=2&pvsid=718265056232052&tmod=1847487724&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=G4Ffe5ta9N&p=https%3A//www.pricelisto.com&dtd=491
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 10:10:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-f6vk6w47cm3sg-3cncw2lxhnitkow5-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 6183 247 B
869 B 84ms
42ms Document
text/html 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-f6vk6w47cm3sg-3cncw2lxhnitkow5-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

sffe /

Resource Hash

7158ebe27406decda8bcdbc82c5bb2a1e3bdc0fa4a14768378eecf6df14cd4ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-fBYaroIYAVN3igYF6rV0jw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 10:13:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 16D4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a6035722f4f567dbc50d41f140ec60c633a73d78b9cc93bf00ad8341c99a521

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame 6428 37 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 16:55:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 16:55:03 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3639
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

16ms
15ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 10:13:25 GMT
expires: Wed, 24 May 2023 10:13:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 10:13:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe.html Show response
p4-f6vk6w47cm3sg-3cncw2lxhnitkow5-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 6183 5 KB
2 KB 43ms
42ms Document
text/html 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-f6vk6w47cm3sg-3cncw2lxhnitkow5-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-f6vk6w47cm3sg-3cncw2lxhnitkow5-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-f6vk6w47cm3sg-3cncw2lxhnitkow5-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

sffe /

Resource Hash

3475a54632ada4e7bf9bf73b96a33f0cb462b8ec7853f208b4d0e62394a4880e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-f6vk6w47cm3sg-3cncw2lxhnitkow5-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1986
content-security-policy-report-only: script-src 'nonce-8ePa4UuQVnggowDyDE3wcA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 10:13:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B9F 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 16:55:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 16:55:03 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 16D4 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0846TO0RHPhB1lUzmzUn_PRC0doDrp3HF0blRIxqOZYfFyC--XNCj5uwTCbtB12FTlhstnVkTd6Nk63m6ykTjVy19ZIuCWoAqLS88IJv1Xh4PGTVaTem7ajXMnJVJRxzh0gq81A&sai=AMfl-YR7Amg6uDoqrBPEL86pqOnJRA0sa9CmTyVW-EmXZrCBT-HdqORKrNZXXVTI3Zxh1PqXpl9XZnqRUA2w&sig=Cg0ArKJSzJD-yvFi2dFiEAE&cid=CAQSGwBygQiDcq9AqRYxoreGDh-quti5JfDpf3SN4hgB&id=lidar2&mcvt=1000&p=0,202,90,937&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230522&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2981871458&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684923204242&rpt=1093&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 10:13:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pricelisto.com/	1970-01-20 12:02:10	Name: XSRF-TOKEN Value: eyJpdiI6ImRXYzhBc2lFblMzeFZCM29LM0YrWEE9PSIsInZhbHVlIjoiSHJLKzFxMDBrSW80enZDcmVRUWFBM1RvdUxVaFBsb0NUcWRtUExQdWhhUVdUV2ZnOUNKZE13ZG9pRlN3NTE5RCIsIm1hYyI6IjlmYzhmNjUxM2IxNWQxZDNlMDk4M2JjYTc4MWIzMzE2YmJkOWRlODEzYmVlZDk2MGJiYTM4NzE1YjQxMTY1OTYifQ%3D%3D
.pricelisto.com/	1970-01-20 12:02:10	Name: pricelisto_session Value: eyJpdiI6IkRiYXloNkt4NlZIbWxoeTlmeExoZEE9PSIsInZhbHVlIjoib0RvNGljVkFiQ1g2VVh2THVQcmdqM1dqbUY5ZWtYQVk5K0ZxWGFDbmdITVpGU1VcL0psOVhLR2VlZGZab2Z1V3ciLCJtYWMiOiJhYTc1NWM1Y2U1ZTA2YWE3OTE0ZDkxZmFjODI4ZmZkOWNlYzAyMjE4NmY5Y2Q4ZTA4MThlYzhlMWQwNWNhY2Y3In0%3D
.pricelisto.com/	1970-01-20 21:38:03	Name: _ga_1FMLFKXBSS Value: GS1.1.1684923203.1.0.1684923203.0.0.0
.pricelisto.com/	1970-01-20 21:38:03	Name: _ga Value: GA1.2.1108456382.1684923204
.pricelisto.com/	1970-01-20 12:03:29	Name: _gid Value: GA1.2.1530306400.1684923204
.pricelisto.com/	1970-01-20 12:02:03	Name: _gat_gtag_UA_78805213_1 Value: 1
.pricelisto.com/	1970-01-20 12:02:05	Name: __cf_bm Value: KReDDYyhqpq0iPIVcLurFTLWzwYTSW_gUGCM5Y12lpE-1684923204-0-AQD5I3AM+rpzUR42sE1VKY3Kcx6cQ0adKK59YXu+WWc6VdubKXXCqPhvhVYFAJFBdODh0dqt0uoN2m0Uw92xc9a6ub9avokYSvnmApZ4xvsY
.pricelisto.com/	1970-01-20 21:23:39	Name: __gads Value: ID=981f7bee89057938-22f6698ce5dd0043:T=1684923204:RT=1684923204:S=ALNI_Ma5COQtnd2FsUSc1XR1UsMCo7rAvQ
.pricelisto.com/	1970-01-20 21:23:39	Name: __gpi Value: UID=00000c1a4daad28d:T=1684923204:RT=1684923204:S=ALNI_MZNRlYPHJc-YUUi_u9mioI6Xux2cw
.doubleclick.net/	1970-01-20 21:23:39	Name: IDE Value: AHWqTUnP5NvYYcguEGE_YIDZ3dk3txCAQh3Pf0rsgN40sn9Sh3p8xmQxLVoDdBQ-CHM
.doubleclick.net/	1970-01-20 12:02:04	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 12:02:06	Name: DSID Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
p4-f6vk6w47cm3sg-3cncw2lxhnitkow5-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.pricelisto.com
172.217.23.99
2001:4860:4802:32::36
2001:4860:4802:34::178
2606:4700:20::681a:30a
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
066c86b3241213a7e95a81fbb1a6dfd269a27e8fd29d653215b9c0bf967dcaa2
0fe030d49f629a87b3c26cec06e7b82a41024fe68d52dd965aaa788375501554
1659423562290e759fc1f64b66a919f0e5fff7b674d6f25ff6c52062b2771637
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18a37dc90b9c1990e293e02307fc12b9c7e66331a24eabb8336a9c06907a2bd6
203a940f4183d50b9c64ae0a69696b452ceb3bdef2866f3b511c03556c345f2f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2718f25ccfd5db35ad2d189597e7200d17da22243504dd0300e95e63c1acdfca
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3475a54632ada4e7bf9bf73b96a33f0cb462b8ec7853f208b4d0e62394a4880e
452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d77ce8c5a556be160f96745074af64ae6c6083ffbfe2bdf14dbf647c941d13
5c0ff73f1f0ae744bab7d4db2e460b8a9c1cb0fb2529e0501b9c98c2cf245bd8
5e393553c604a4542cbcea0aa82408297041a14845b71db5cfe552d078baa230
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7158ebe27406decda8bcdbc82c5bb2a1e3bdc0fa4a14768378eecf6df14cd4ad
7522498ff798322b9b25f44bf5f370790254a1f47d6743fbc65aac272958434e
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
9a6035722f4f567dbc50d41f140ec60c633a73d78b9cc93bf00ad8341c99a521
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
a128abb0707317286b916298502ea87942cd40cefa33a2ea90ee1f2da0c029bf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9be1e214e5895cb0e0a9d5df994fea14c57735b0e56b264bc9d164accafe6ae
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
bc12dbee87224909b419e557de3385f312e69e52c3b25a7ac133a4adedf778c1
bfa4e46fdb6b0ac15e3ee232529088b4e81b6a7593e99d997e5cc9444d58ef51
c0aeb6efadc265aae6b4ff0cd814ae7380d2570bb6b9494b8be70fbec3ee0115
c3bf4e6984d53de8bdee6ad62bd95e796de51c58ca86664958f0e3cc6219e34b
c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670
cf3fb5a03c282ff0ed2b5182fba1182c441388e8e2f4fb2d2cde370888a53b5f
cf7d4189368191f6e68b1cb5eb3e557486cf1ab5ef6edcc371e6b9ad538d612d
d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee
d6f36a53b0f210de1f94adb177246589e8948ada88bd4721cacf4e99fd657782
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4c57df878f6ac12c2aabde19de97066fe7d3ab0c80fe0e24925f5e03b0dd5fb
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f7db5af178413540bb832230b89d69c17b2a4db2353d5c4a7132f5f6825629a0
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f903c158f710d1a06b277ee606f0e0bbfd75d563c04302d52e3038aee7c0cf4e
f9c592e9e1a89752cccd6456e626ec302a44f79bbe727ca90482d2ac4a5b1995
fd2306fa64a13f217a6856c9b654cf5cbd255489ac7ce0fcaac82e22841712da

www.pricelisto.com Open in urlscan Pro 2606:4700:20::681a:30a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

98 %HTTPS

93 %IPv6

11 Domains

16 Subdomains

16 IPs

2 Countries

796 kBTransfer

2165 kBSize

12 Cookies

1 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.pricelisto.com Open in urlscan Pro
2606:4700:20::681a:30a Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

98 %
HTTPS

93 %
IPv6

11
Domains

16
Subdomains

16
IPs

2
Countries

796 kB
Transfer

2165 kB
Size

12
Cookies

63 HTTP transactions
2 data transactions