pga.hetadonc.com Open in urlscan Pro
104.21.11.173  Public Scan

53 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

• https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dadaptmx%26proper_uid%3D56097eb0-6eca-405a-8175-0ebe2d32f4c8%26uid%3D&&callback=window.proper_22e3ff75_b8d95d90_1 HTTP 302
• https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=56097eb0-6eca-405a-8175-0ebe2d32f4c8&uid=

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response pga.hetadonc.com/	279 KB 280 KB	595ms 467ms	Document text/html	104.21.11.173 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pga.hetadonc.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.11.173 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9dfcb085c4839fc97855787fb72fdcf48250f7e5f429bee0867784718ae06d44 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers age 3049 alt-svc h3=":443"; ma=86400 cache-control no-cache, no-store, no-transform cf-cache-status DYNAMIC cf-ray 893c8bad7f159f34-FRA content-type text/html; charset=UTF-8 date Fri, 14 Jun 2024 18:57:21 GMT expires Fri, 14 Jun 2024 18:57:21 GMT last-modified Fri, 14 Jun 2024 17:22:55 GMT link <https://www.jamieoliver.com/wp-json/>; rel="https://api.w.org/", <https://www.jamieoliver.com/wp-json/wp/v2/pages/688>; rel="alternate"; type="application/json", <https://www.jamieoliver.com/?p=688>; rel=shortlink nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B2se7wfr8mWYygJIa3MhuFZTu9Y%2BJG4fRr4C8yugJsFFtG51l3qKLM2A1GJvAdzCk1GoH3ySJi3kdGY%2FzjklLk%2FmnDKZfihoPa7oEGDBZ6S%2F32%2BYZVf9NlwHrLKcu75r49rq"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding via 1.1 a5b856e4b06666713c5cc47a5b2ec7ae.cloudfront.net (CloudFront) x-amz-cf-id xNIVuCB4qmffm9XJYHdrNzabe3vbcSbYYcw8bSd6yfi0S5kCqJ4TGg== x-amz-cf-pop AMS1-P2 x-backend default x-cache Miss from cloudfront x-cache-age 3049.802 x-cache-hits 3 x-cache-keep 3600.000 x-cache-ttl-remaining 550.198 x-chef 2020 x-country-code x-frame-options SAMEORIGIN x-zephr-cache miss
GET H2	200	css2 fonts.googleapis.com/	8 KB 1 KB	142ms 51ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Cabin:wght@400;500;600&family=Oswald:wght@400;600&family=Poppins:wght@900&display=swap Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 82304c8ba1858c3f6c4783132a582b9db3547dc6e84f13bac67cb6e512fcd853 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Fri, 14 Jun 2024 18:57:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 14 Jun 2024 18:57:22 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 14 Jun 2024 18:57:22 GMT
GET H2	200	overall.concat.css cdn.jamieoliver.com/library/build/1127/	367 KB 53 KB	168ms 69ms	Stylesheet text/css	2606:4700::6812:4de CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jamieoliver.com/library/build/1127/overall.concat.css Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4de , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3a5886eb91b14ca7cca14bef92e75950b1476bbd795619b52a982ced866096ce Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:22 GMT x-amz-version-id .jUQMrlpXZ8rXlZX5wX4BlP0Pmk_ufR2 content-encoding gzip cf-cache-status HIT x-amz-request-id N8DN2Z92H07CVN3E age 1275393 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 gpwNHharGoTXTtZ/V+2IfzRBoLVnK36QsSjWL7PQvjUHl1JVIEemBtCw+HxFMfzptq+vAO74Wlw= last-modified Thu, 30 May 2024 18:52:18 GMT server cloudflare etag W/"f0816b84f976a81b52c8c05e81a1e812" vary Accept-Encoding content-type text/css cache-control public, max-age=16070400 cf-ray 893c8bb11db218ed-FRA expires Tue, 17 Dec 2024 18:57:22 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.6.4/	88 KB 31 KB	133ms 39ms	Script text/javascript	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 16:20:05 GMT content-encoding gzip x-content-type-options nosniff age 9437 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31154 x-xss-protection 0 last-modified Tue, 04 Apr 2023 03:27:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 14 Jun 2025 16:20:05 GMT
GET H2	200	cookie.concat.js Show response cdn.jamieoliver.com/library/build/1127/	335 KB 96 KB	168ms 70ms	Script application/javascript	2606:4700::6812:4de CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jamieoliver.com/library/build/1127/cookie.concat.js Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4de , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d775838fba8f1f716c809308231419ec2eaf7bb34c37b772df877baef5b921a7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:22 GMT x-amz-version-id gsdZJybApOnep32d7.IT.gS4dLmeUv0L content-encoding gzip cf-cache-status HIT x-amz-request-id N8DZX8JXJNMN22C3 age 1275393 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 RcxtaXB74oMD0MeNu62zUwTZooUiCWWOAT1lTh7HLI+ykuMpjG5Thotl3eBiOPGoZHJMRjO2vxY= last-modified Thu, 30 May 2024 18:52:18 GMT server cloudflare etag W/"1c71923a2f593a149636b4d44cd971f3" vary Accept-Encoding content-type application/javascript cache-control public, max-age=16070400 cf-ray 893c8bb11db318ed-FRA expires Tue, 17 Dec 2024 18:57:22 GMT
GET H2	200	154640293.jpg img.jamieoliver.com/jamieoliver/recipe-database/	93 KB 93 KB	141ms 126ms	Image image/webp	2606:4700::6812:4de CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.jamieoliver.com/jamieoliver/recipe-database/154640293.jpg?tr=w-800,h-1066 Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4de , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6106fedfa38aad31db1af0858078f5c19e934aab155a98e703ca7d80c165f91 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:22 GMT via 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront) cf-cache-status MISS x-amz-cf-pop FRA56-P4 x-cache Hit from cloudfront content-length 95056 x-request-id bd2061d8-f31f-4890-9dc2-42535afcd0de server cloudflare etag W/"17350-RnMwVzQWnz3md3AHEZLg08MQEO4" vary Accept, Accept-Encoding access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-server ImageKit.io accept-ranges bytes cf-ray 893c8bb18e6418ed-FRA timing-allow-origin * link <https://cdn.jamieoliver.com/recipe-database/154640293.jpg>; rel="canonical" x-amz-cf-id awaN8lDDuiZtbZdrADN0Bzw9TlyXriWNnuFnhy1IkPbYwDk01ewNIA== access-control-allow-headers * expires Sat, 14 Jun 2025 18:57:22 GMT
GET H2	200	navigation.concat.js Show response cdn.jamieoliver.com/library/build/1127/	5 KB 2 KB	81ms 81ms	Script application/javascript	2606:4700::6812:4de CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jamieoliver.com/library/build/1127/navigation.concat.js Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4de , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d38078e5167f90a4d86967ebf43e20fc3b0e5ce37594d0a9accd8412289352cd Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:22 GMT x-amz-version-id dJklANa6WbyurGAjQu2QVHvc1u0drzF4 content-encoding gzip cf-cache-status HIT x-amz-request-id TFE3KNZR9M20WJTN age 261726 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 qcioQzZPuWi6Vt9TBNTM3U+EEdmkUvK1DRxYwnZJesAksqexTCzFZWpAyQchyRH65cV1yWC8wvY= last-modified Thu, 30 May 2024 18:52:18 GMT server cloudflare etag W/"2476fb5be0d182d3e1d2142387a1db95" vary Accept-Encoding content-type application/javascript cache-control public, max-age=16070400 cf-ray 893c8bb18e6918ed-FRA expires Tue, 17 Dec 2024 18:57:22 GMT
GET H2	200	overall.concat.js Show response cdn.jamieoliver.com/library/build/1127/	221 KB 65 KB	126ms 124ms	Script application/javascript	2606:4700::6812:4de CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jamieoliver.com/library/build/1127/overall.concat.js Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4de , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2845df2e6eae9d9eedbd4caacfbec6b4c1dd4ca0486f07d9085e99624f48dd5 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:22 GMT x-amz-version-id U_Q5WeacAsn1hb_wK6r6yoVM8zJuTA7o content-encoding gzip cf-cache-status HIT x-amz-request-id AG61VXB23R9T7NMP age 265989 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 EdmZW3OD6CLe04hLMF4b668J6xMONdfMf9lb5Yyj2w9XlO3s/bqrq13XYzRKdCq9XrLgL9EsPt0= last-modified Thu, 30 May 2024 18:52:18 GMT server cloudflare etag W/"7a0bf01741f01018c8cf327cc1055bf7" vary Accept-Encoding content-type application/javascript cache-control public, max-age=16070400 cf-ray 893c8bb22f7e18ed-FRA expires Tue, 17 Dec 2024 18:57:22 GMT
GET H3	200	shopping-list-sp.js Show response cdn.whisk.com/sdk/	189 KB 64 KB	179ms 63ms	Script text/javascript	172.67.38.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.whisk.com/sdk/shopping-list-sp.js Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.38.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9046b5e1156e58f12656473d733ec719afed3e2ddf4e302a8613f6b144ac68f2 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:22 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 31 May 2024 11:05:35 GMT server cloudflare age 11011 etag W/"145a316383ae60821a79fb67167aa273" vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-expose-headers Content-Type cache-control public, max-age=14400, must-revalidate cf-ray 893c8bb34e471941-FRA alt-svc h3=":443"; ma=86400 expires Fri, 14 Jun 2024 19:10:26 GMT
GET H2	200	recipes.js Show response cdn.jamieoliver.com/library/build/1127/	10 KB 3 KB	149ms 148ms	Script application/javascript	2606:4700::6812:4de CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jamieoliver.com/library/build/1127/recipes.js Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4de , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c4794e3d69b30b7b898732807b8b7bfd9cb0550459e5d347df8a56ec644b473 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:22 GMT x-amz-version-id yDndHhlJbKZQ8VkaJx.oL4ZmqbiwOOB0 content-encoding gzip cf-cache-status HIT x-amz-request-id K29YQ9191409J966 age 1275203 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 9F5OXkREPehICmIBaDWoBQtV5FsYa6v/SNesPV8uizT2Sx6eAixCIts/6+cjyFOtTTtl91axsvA= last-modified Thu, 30 May 2024 18:52:18 GMT server cloudflare etag W/"6194ee0afba292abf6f1afd6d5f9bd6c" vary Accept-Encoding content-type application/javascript cache-control public, max-age=16070400 cf-ray 893c8bb28ff618ed-FRA expires Tue, 17 Dec 2024 18:57:22 GMT
GET H2	200	jamieoliver.min.js Show response global.proper.io/	35 KB 8 KB	1268ms 1167ms	Script text/javascript	108.138.7.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://global.proper.io/jamieoliver.min.js Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.7.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-7-125.fra56.r.cloudfront.net Software / Resource Hash d434a3021fab7505d7c9aca7035456fb363144be47a2733f888d687ac22cac9a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:23 GMT content-encoding br via 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront) last-modified Mon, 13 May 2024 16:51:16 GMT x-amz-cf-pop FRA56-P6 x-amzn-requestid 470623ff-5158-424f-9045-56ab0e433248 x-amz-server-side-encryption AES256 vary Accept-Encoding, Origin x-cache Miss from cloudfront content-type text/javascript cache-control public, max-age=300 x-amz-cf-id poWfz5qVh4LyJmN6eMaBxwQ_a_36-t8wfpxqxCBz4zdVbr3trR4AgA==
GET H2	200	search-bg.png cdn.jamieoliver.com/library/images/search/	604 B 842 B	109ms 108ms	Image image/png	2606:4700::6812:4de CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.jamieoliver.com/library/images/search/search-bg.png Requested by Host: cdn.jamieoliver.com URL: https://cdn.jamieoliver.com/library/build/1127/overall.concat.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4de , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b54aa330087ee9e6dc7f55773e3782cdf5aa4756716cc4e7b8c7ad3c778d331a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://cdn.jamieoliver.com/library/build/1127/overall.concat.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:22 GMT x-amz-version-id null cf-cache-status HIT x-amz-request-id BRVDBKVVTQMQ3KSQ age 2471931 content-length 604 x-amz-id-2 94l2OgRiCZ1b1VKyT+1sXKWTZp/IF4fseOo9EpqhZHOxqbTU4v7MCJzGIMkLdjCLExkv8J5WBAo= last-modified Wed, 08 May 2019 10:05:34 GMT server cloudflare etag "3723fd9c05982b73584718acfa37f2ca" vary Accept-Encoding content-type image/png cache-control public, max-age=16070400 accept-ranges bytes cf-ray 893c8bb2c85918ed-FRA expires Tue, 17 Dec 2024 18:57:22 GMT
GET H2	200	search-icon-v2.svg cdn.jamieoliver.com/library/images/SVG/	572 B 647 B	109ms 109ms	Image image/svg+xml	2606:4700::6812:4de CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.jamieoliver.com/library/images/SVG/search-icon-v2.svg Requested by Host: cdn.jamieoliver.com URL: https://cdn.jamieoliver.com/library/build/1127/overall.concat.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4de , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d995220eb37bf96caf1445f4bf61ffddff5db0669fefc1a97452adac8dae811c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://cdn.jamieoliver.com/library/build/1127/overall.concat.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:22 GMT x-amz-version-id null content-encoding gzip cf-cache-status HIT last-modified Tue, 07 May 2019 12:50:45 GMT server cloudflare x-amz-request-id 33BZF7QW268CFAFS age 267514 etag W/"e083904db2cb8f89c8bd3a4e982f09fc" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=16070400 cf-ray 893c8bb2c85e18ed-FRA x-amz-id-2 TlXrdhWCh4L+wvgpyi1Mjg6I1Vf1m3hjj48HreXbsqiquToTl5gfRvZGuU9SJXUt++H8+2OmNOA= expires Tue, 17 Dec 2024 18:57:22 GMT
GET H2	200	btn-print.svg cdn.jamieoliver.com/library/images/recipes/svg/	1 KB 895 B	110ms 110ms	Image image/svg+xml	2606:4700::6812:4de CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.jamieoliver.com/library/images/recipes/svg/btn-print.svg?v=1.1 Requested by Host: cdn.jamieoliver.com URL: https://cdn.jamieoliver.com/library/build/1127/overall.concat.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4de , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e92a83100d65e149fbd41bb9158dfa0b733b7982405b9a37b4baa1cc23ab1505 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://cdn.jamieoliver.com/library/build/1127/overall.concat.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:22 GMT x-amz-version-id null content-encoding gzip cf-cache-status HIT x-amz-request-id 6P2012S2RTH9M1EF x-amz-meta-storage-class REDUCED_REDUNDANCY age 3281 x-amz-id-2 mqzKDbtMV2ifHXhI7iwAxNBTRCZPdQ9WBiFgZ6UtiJ8toGRZ7TNsPAWj7980lz1s8Lz/UqNGjTk= last-modified Wed, 27 Jun 2018 13:44:30 GMT server cloudflare etag W/"48f2265c461bd66b15374e20b5186ff7" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=16070400 cf-ray 893c8bb2c86318ed-FRA expires Tue, 17 Dec 2024 18:57:22 GMT
GET H2	200	pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v21/	7 KB 8 KB	146ms 43ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Cabin:wght@400;500;600&family=Oswald:wght@400;600&family=Poppins:wght@900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://pga.hetadonc.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 23:22:49 GMT x-content-type-options nosniff age 156873 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7632 x-xss-protection 0 last-modified Fri, 22 Mar 2024 00:00:35 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 12 Jun 2025 23:22:49 GMT
GET H2	200	u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 fonts.gstatic.com/s/cabin/v27/	27 KB 28 KB	151ms 48ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/cabin/v27/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Cabin:wght@400;500;600&family=Oswald:wght@400;600&family=Poppins:wght@900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dcb085ad0fca889c4a1b898ccc7458c5d586e5740e7b7bffe065ac6a5e247ada Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://pga.hetadonc.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 06:59:11 GMT x-content-type-options nosniff age 129491 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28076 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:14:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 13 Jun 2025 06:59:11 GMT
GET H2	200	TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 fonts.gstatic.com/s/oswald/v53/	21 KB 21 KB	194ms 92ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Cabin:wght@400;500;600&family=Oswald:wght@400;600&family=Poppins:wght@900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://pga.hetadonc.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 23:53:45 GMT x-content-type-options nosniff age 68617 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21444 x-xss-protection 0 last-modified Tue, 15 Aug 2023 18:38:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 13 Jun 2025 23:53:45 GMT
GET H2	200	152580630.jpg img.jamieoliver.com/jamieoliver/recipe-database/	29 KB 29 KB	121ms 119ms	Image image/webp	2606:4700::6812:4de CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.jamieoliver.com/jamieoliver/recipe-database/152580630.jpg?tr=w-318 Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4de , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1ca221bbfa936732045b456c6483a99261e2bca7bd2afe6333dd4d9d1872b4ea Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:22 GMT via 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop FRA56-P4 age 11630 x-cache Hit from cloudfront content-length 29254 x-request-id e7b688df-ac2c-466b-93c8-861c52d5fe36 server cloudflare etag W/"7246-Ld7ngYJ1bX47jDC6d0rh5epLRx4" vary Accept, Accept-Encoding access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-server ImageKit.io accept-ranges bytes cf-ray 893c8bb2e88e18ed-FRA timing-allow-origin * link <https://cdn.jamieoliver.com/recipe-database/152580630.jpg>; rel="canonical" x-amz-cf-id 4xZBHaZdF0Qb1eKjCbCfhQgjepo_pxUBTZ7TgFj8ln_0pJDu9TisoQ== access-control-allow-headers * expires Sat, 14 Jun 2025 18:57:22 GMT
GET H2	200	152315752.jpg img.jamieoliver.com/jamieoliver/recipe-database/	30 KB 30 KB	89ms 87ms	Image image/webp	2606:4700::6812:4de CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.jamieoliver.com/jamieoliver/recipe-database/152315752.jpg?tr=w-318 Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4de , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c188465225069af267ca8985f0f8165db0455b3e5319c2c2f03e4eb7b591bc0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:22 GMT via 1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop FRA56-P4 age 642725 x-cache Hit from cloudfront content-length 30214 x-request-id 0d0315cd-f17d-4539-8adc-f53977a43381 server cloudflare etag W/"7606-ple21tDYZPAz2RhjIain68aeQOY" vary Accept, Accept-Encoding access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-server ImageKit.io accept-ranges bytes cf-ray 893c8bb2f89118ed-FRA timing-allow-origin * link <https://cdn.jamieoliver.com/recipe-database/152315752.jpg>; rel="canonical" x-amz-cf-id EvY5wTMlNtscM_Jt5obUDpRQInxUAQvVO8M6KlxwH65skfkVoZR6gQ== access-control-allow-headers * expires Sat, 14 Jun 2025 18:57:22 GMT
GET H2	200	152315753.jpg img.jamieoliver.com/jamieoliver/recipe-database/	36 KB 36 KB	122ms 120ms	Image image/webp	2606:4700::6812:4de CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.jamieoliver.com/jamieoliver/recipe-database/152315753.jpg?tr=w-318 Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4de , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 321a9c6f6a3c3f39bc213ba44b4d84633381c5e38b34bde7013a24d0cd56be10 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:22 GMT via 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop FRA56-P4 age 51115 x-cache Hit from cloudfront content-length 36606 x-request-id b0af78d0-3a48-49fc-8842-5cb6d59fe798 server cloudflare etag W/"8efe-2wbGiZVxB4y5RENdP7i5pFPhnFE" vary Accept, Accept-Encoding access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-server ImageKit.io accept-ranges bytes cf-ray 893c8bb2f89418ed-FRA timing-allow-origin * link <https://cdn.jamieoliver.com/recipe-database/152315753.jpg>; rel="canonical" x-amz-cf-id _8gfTgG9sJsGsdVZkQI2Yn_lvEsD8xYq3bD-JK-eTNLbXdApd4T2bw== access-control-allow-headers * expires Sat, 14 Jun 2025 18:57:22 GMT
GET H3	200	datalayer Show response pga.hetadonc.com/blaize/	279 KB 280 KB	361ms 361ms	XHR text/html	104.21.11.173 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pga.hetadonc.com/blaize/datalayer Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.11.173 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43e11a0d6ba676d4ee404a9494cf62d18346e194b1e32db9174c4112e8157a2e Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Fri, 14 Jun 2024 18:57:22 GMT x-zephr-cache miss date Fri, 14 Jun 2024 18:57:22 GMT via 1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront) x-cache-keep 3600.000 cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-backend default age 1630 x-amz-cf-pop AMS1-P2 x-cache Miss from cloudfront x-chef 2020 alt-svc h3=":443"; ma=86400 x-cache-age 1630.535 referrer-policy last-modified Fri, 14 Jun 2024 18:30:12 GMT server cloudflare x-cache-ttl-remaining 1969.465 vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uof%2B2TPmRWc1kq6yI1%2FlCYv2Z4sKx6MngUc7NS63qoOv5m7g%2F6Ym2hwTDK%2BUZ3F8TbZNHVzT0qaHYk%2FLG8rd3KYlZHnsbAl7jMb0zyFnVR3ZiRsv6OhRVrCRPy5HNPrQeBgI"}],"group":"cf-nel","max_age":604800} cache-control no-cache, no-store, no-transform cf-ray 893c8bb3b8959f34-FRA link <https://www.jamieoliver.com/wp-json/>; rel="https://api.w.org/", <https://www.jamieoliver.com/wp-json/wp/v2/pages/688>; rel="alternate"; type="application/json", <https://www.jamieoliver.com/?p=688>; rel=shortlink x-amz-cf-id blMt5zw4_QPUDwqWdhr3utWWWYZRIuEq-rLewMs97HF--H956m8u9g== x-country-code x-cache-hits 2
GET H2	400	v Show response apikeys.civiccomputing.com/c/	107 B 438 B	297ms 74ms	XHR application/json	2001:1b40:e200::1b:243 IOMART-AS
General Check archive.org Show headers Download Go to Full URL https://apikeys.civiccomputing.com/c/v?d=pga.hetadonc.com&p=CookieControl%20Multi-Site&v=9&k=ef54f8e260324358f22347f1a6abf1ebe80f3ff4&format=json Requested by Host: cdn.jamieoliver.com URL: https://cdn.jamieoliver.com/library/build/1127/cookie.concat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:1b40:e200::1b:243 , United Kingdom, ASN20860 (IOMART-AS, GB), Reverse DNS Software Apache / Resource Hash 302a2ba50620fc6d23a8395124daa850e451cfad9a148e2a4ba1819031d08c75 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/json, text/plain, */* Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-apikeys miss date Fri, 14 Jun 2024 18:57:22 GMT referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff server Apache vary X-Forwarded-Protocol access-control-allow-methods GET content-type application/json access-control-allow-origin * access-control-allow-headers origin, x-requested-with, content-type x-xss-protection 1
GET H2	200	Amazing_Dressed_Beets_310-1024x683.jpg img.jamieoliver.com/home/wp-content/uploads/2021/06/	22 KB 22 KB	63ms 62ms	Image image/webp	2606:4700::6812:4de CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.jamieoliver.com/home/wp-content/uploads/2021/06/Amazing_Dressed_Beets_310-1024x683.jpg?tr=w-485 Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4de , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eda728aaf9f7d4ca907d495298f82ade47fc3722d58715919582c6d072fb0a7d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:22 GMT via 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop FRA56-P4 age 246733 x-cache Hit from cloudfront content-length 22646 x-request-id 5d7afac6-d344-4bf8-afae-e1e33c7b9bc6 server cloudflare etag W/"5876-E4BVg6xrW+IH9Fgf51eClTdiKq4" vary Accept, Accept-Encoding access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-server ImageKit.io accept-ranges bytes cf-ray 893c8bb3e9d818ed-FRA timing-allow-origin * link <https://cdn.jamieoliver.com/home/wp-content/uploads/2021/06/Amazing_Dressed_Beets_310-1024x683.jpg>; rel="canonical" x-amz-cf-id y2pScYyY9lPWj4ZwY4R_DIkpoNvXcvXhWaY1WePGL8thYjde0X9gQw== access-control-allow-headers * expires Sat, 14 Jun 2025 18:57:22 GMT
GET H2	200	Roasted-Tomato-Risotto-1024x683.jpg img.jamieoliver.com/home/wp-content/uploads/2024/05/	13 KB 14 KB	70ms 70ms	Image image/webp	2606:4700::6812:4de CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.jamieoliver.com/home/wp-content/uploads/2024/05/Roasted-Tomato-Risotto-1024x683.jpg?tr=w-485 Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4de , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5f461b1a1146a34ce02173ac7a6a3740625cee94f2f2a6e38b5005d167d523c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:22 GMT via 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop FRA56-P4 age 262905 x-cache Hit from cloudfront content-length 13596 x-request-id aedc75c2-7695-496d-9fc9-d7eadfc211be server cloudflare etag W/"351c-mXw5T4dEdf2gdhhDhCjECfjpAns" vary Accept, Accept-Encoding access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-server ImageKit.io accept-ranges bytes cf-ray 893c8bb3e9dd18ed-FRA timing-allow-origin * link <https://cdn.jamieoliver.com/home/wp-content/uploads/2024/05/Roasted-Tomato-Risotto-1024x683.jpg>; rel="canonical" x-amz-cf-id fZC-mH0UeY053iIg5UbKGY9JzpB0OG8BuCars_vImE2O8zHXVAGp5g== access-control-allow-headers * expires Sat, 14 Jun 2025 18:57:22 GMT
GET H2	200	JO_Seasons_Spring-2556-1024x819.jpg img.jamieoliver.com/home/wp-content/uploads/2022/05/	43 KB 43 KB	67ms 66ms	Image image/webp	2606:4700::6812:4de CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.jamieoliver.com/home/wp-content/uploads/2022/05/JO_Seasons_Spring-2556-1024x819.jpg?tr=w-485 Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4de , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb1c3c360402c49f44f900e483f0a702a3f6f771085d9662e532c052715b81d8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:22 GMT via 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop FRA56-P4 age 262905 x-cache Hit from cloudfront content-length 43908 x-request-id 5084934a-b4e2-4b49-a72e-15d2800cced2 server cloudflare etag W/"ab84-ZAUM6FQ8VGe14FKsZAgnPGv+9V4" vary Accept, Accept-Encoding access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-server ImageKit.io accept-ranges bytes cf-ray 893c8bb3e9df18ed-FRA timing-allow-origin * link <https://cdn.jamieoliver.com/home/wp-content/uploads/2022/05/JO_Seasons_Spring-2556-1024x819.jpg>; rel="canonical" x-amz-cf-id P7xQ3jVmJKLkY2qmmOTwSdSUpycydoSpXgb1k_puZhJkM0dG7U-Y4w== access-control-allow-headers * expires Sat, 14 Jun 2025 18:57:22 GMT
GET H3	200	proxy.html cdn.whisk.com/sdk/ Frame 8AC7	0 0	214ms 80ms	Document text/html	172.67.38.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.whisk.com/sdk/proxy.html?v=5.12.0 Requested by Host: cdn.whisk.com URL: https://cdn.whisk.com/sdk/shopping-list-sp.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.38.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://pga.hetadonc.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * access-control-expose-headers Content-Type age 13265 alt-svc h3=":443"; ma=86400 cache-control public, max-age=14400, must-revalidate cf-apo-via origin,host cf-cache-status HIT cf-ray 893c8bb5ecd65b9e-FRA content-encoding br content-type text/html date Fri, 14 Jun 2024 18:57:22 GMT etag W/"dc9496d14d5758d0d8a20de87c02049a" expires Fri, 14 Jun 2024 18:55:48 GMT last-modified Fri, 31 May 2024 11:05:28 GMT server cloudflare vary Accept-Encoding
OPTIONS H3	200	track events.whisk.com/v1/ Frame	0 0	207ms 141ms	Preflight	172.67.38.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://events.whisk.com/v1/track Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.38.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options deny Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://pga.hetadonc.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods PATCH, HEAD, PUT, GET, POST, DELETE access-control-allow-origin * access-control-max-age 3600 alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 893c8bb7efaa5b7a-FRA date Fri, 14 Jun 2024 18:57:23 GMT referrer-policy strict-origin-when-cross-origin server cloudflare strict-transport-security max-age=31536000 vary Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options deny x-robots-tag noindex
POST H3	200	track events.whisk.com/v1/	0 0	80ms 80ms	Fetch	172.67.38.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://events.whisk.com/v1/track Requested by Host: cdn.whisk.com URL: https://cdn.whisk.com/sdk/shopping-list-sp.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.38.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options deny Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json Response headers date Fri, 14 Jun 2024 18:57:23 GMT strict-transport-security max-age=31536000 referrer-policy strict-origin-when-cross-origin cf-cache-status DYNAMIC server cloudflare x-frame-options deny access-control-allow-origin * x-robots-tag noindex cf-ray 893c8bb8d87c5b7a-FRA alt-svc h3=":443"; ma=86400
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	96 KB 30 KB	158ms 78ms	Script text/javascript	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: global.proper.io URL: https://global.proper.io/jamieoliver.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash 59d01a12d3e24e85076ed2dd3202c8b51dd68e367958d8a63caa1f938b7ee015 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:23 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30735 x-xss-protection 0 server cafe etag 742 / 19888 / m202406110101 / config-hash: 9163015021803399532 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 14 Jun 2024 18:57:23 GMT
GET H2	200	latest.js Show response global.proper.io/payloads/	622 KB 140 KB	48ms 47ms	Script text/javascript	108.138.7.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://global.proper.io/payloads/latest.js Requested by Host: global.proper.io URL: https://global.proper.io/jamieoliver.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.7.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-7-125.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash f07f79dc1723fc734a546f7d7de02b389dc51d51e40a33dd5b5d26f6fad09d88 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 03:16:31 GMT content-encoding br via 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront) last-modified Mon, 22 Apr 2024 17:49:29 GMT server AmazonS3 x-amz-cf-pop FRA56-P6 age 56453 x-amz-server-side-encryption AES256 etag W/"7f2a4177283a67444a200e43a6b6fed3" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type text/javascript x-amz-cf-id DsK3UNDNqMrML9NHJDRcTClJO1IjYJibIagXh2308iKHNtciT6KzDA==
GET H2	200	px.gif abcheck.proper.io/	842 B 1 KB	135ms 42ms	Image image/gif	13.225.78.110 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://abcheck.proper.io/px.gif?ch=1&rn=6.411255148710062 Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-110.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 10:13:18 GMT via 1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront) last-modified Thu, 06 Jan 2022 18:51:44 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 31445 etag "04b36c8411ae7bf7a8c369fa94b30e56" vary Accept-Encoding x-cache Hit from cloudfront content-type image/gif accept-ranges bytes content-length 842 x-amz-cf-id hja-gOXradjb-iKkn_L-f4voQvIMUFLBfkqy0pT-BaPLY7Jd6H1pMg==
GET H2	200	px.gif abcheck.proper.io/	842 B 1 KB	133ms 41ms	Image image/gif	13.225.78.110 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://abcheck.proper.io/px.gif?ch=2&rn=6.411255148710062 Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-110.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 10:13:18 GMT via 1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront) last-modified Thu, 06 Jan 2022 18:51:44 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 31445 etag "04b36c8411ae7bf7a8c369fa94b30e56" vary Accept-Encoding x-cache Hit from cloudfront content-type image/gif accept-ranges bytes content-length 842 x-amz-cf-id a_MzsHfjVOOkpZXKrtObCOzn17wP83uWqGHLCO7jxdvB9mc5n4pz4Q==
GET H2	200	quant.js Show response secure.quantserve.com/	23 KB 9 KB	151ms 47ms	Script application/javascript	2620:116:800d:21:7eb1:3826:be7e:d981 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: global.proper.io URL: https://global.proper.io/payloads/latest.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:24 GMT content-encoding gzip etag "bvEECQq4Zy6gU9J/qv1O6Q==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Fri, 21 Jun 2024 18:57:24 GMT
GET H2	200	vwpt.js Show response static.vidazoo.com/basev/	150 KB 44 KB	168ms 63ms	Script application/javascript	2606:4700:4400::ac40:9a4e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.vidazoo.com/basev/vwpt.js Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a4e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1361ca1de1ef5754bc042de72d8b3b8a1d2077d6211988f0da51ff3f85e5b8c8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:24 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id NHESS4BMCKNPDEYZ age 9483 x-amz-server-side-encryption AES256 content-length 44098 x-amz-id-2 XNLFc6X8C7z7q+B3fvsBLpsy8XTIjNZX7F1ezXIZGHvETt53ZkhKOxVdRisxCi0KxtIzWnw44nigUUYdvWd+tH5g9hXlSQfy last-modified Sun, 26 May 2024 08:16:31 GMT server cloudflare etag "a40eb8848a0d4030c013bec49a6018ef" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, HEAD content-type application/javascript access-control-allow-origin * access-control-expose-headers Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range cache-control public, max-age=86400 accept-ranges bytes cf-ray 893c8bbd2865927f-FRA access-control-allow-headers Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range expires Sat, 15 Jun 2024 18:57:24 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	308 KB 76 KB	133ms 45ms	Script application/javascript	108.138.6.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: global.proper.io URL: https://global.proper.io/payloads/latest.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.6.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-6-136.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash c1ee48fdc9c11e6866e86ddc8c850aceff697a6e0b1ee20f1dd2d1877b3c66cd Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:16:12 GMT content-encoding gzip via 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront), 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront) last-modified Tue, 11 Jun 2024 21:55:26 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA56-P6 age 2473 x-amz-server-side-encryption AES256 etag W/"8f94a6a072a070cbb8299e59a43dbe3f" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id a4CwJ1nZNdlpEvIcKZ61qtlM9UwiPJ5oBIeVPE0fINqUYbOAIvNAQQ==
GET		usersync usync.proper.io/v1/ Redirect Chain https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dadaptmx%26proper_uid%3D56097eb0-6eca-405a-8175-0ebe2d32f4c8%26uid%3D&&callback=window.proper_22e3ff75_b8... https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=56097eb0-6eca-405a-8175-0ebe2d32f4c8&uid=	0 0
GET H/1.1	200 OK	https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D56097eb0-6eca-405a-8175-0ebe2d32f4c8%26uid%3D%24%7BBSW_UUID%7D Show response x.bidswitch.net/check_uuid/	43 B 235 B	139ms 42ms	Script image/gif	35.214.149.91 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D56097eb0-6eca-405a-8175-0ebe2d32f4c8%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_b5875753_e339839e_2 Requested by Host: global.proper.io URL: https://global.proper.io/payloads/latest.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS 91.149.214.35.bc.googleusercontent.com Software nginx / Resource Hash d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 14 Jun 2024 18:57:24 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	204	merge Show response ce.lijit.com/	0 223 B	193ms 61ms	Script text/plain	63.33.158.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ce.lijit.com/merge?pid=263069&3pid=56097eb0-6eca-405a-8175-0ebe2d32f4c8&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn_outstream%26proper_uid%3D56097eb0-6eca-405a-8175-0ebe2d32f4c8%26uid%3D%5BSOVRNID%5D&&callback=window.proper_fafe0973_d73ef79a_3 Requested by Host: global.proper.io URL: https://global.proper.io/payloads/latest.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 63.33.158.21 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-33-158-21.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Fri, 20 Mar 2009 00:00:00 GMT pragma no-cache date Fri, 14 Jun 2024 18:57:24 GMT x-merge GDPR Optout true cache-control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 vary Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID"
POST H2	200	445.json Show response id5-sync.com/g/v2/	251 B 448 B	135ms 42ms	XHR application/json	162.19.138.82 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/445.json Requested by Host: global.proper.io URL: https://global.proper.io/payloads/latest.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31532337.ip-162-19-138.eu Software / Resource Hash ca57524f8796300919b286021afe5028ce2dad0a142cd094bb4f44a7d5f2c56c Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://pga.hetadonc.com date Fri, 14 Jun 2024 18:57:24 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin content-type application/json
GET H2	200	fed Show response ups.analytics.yahoo.com/ups/58491/	2 B 203 B	174ms 68ms	XHR application/json	3.75.62.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ups.analytics.yahoo.com/ups/58491/fed?v=1&1p=1&url=https%3A%2F%2Fpga.hetadonc.com%2F&puid=56097eb0-6eca-405a-8175-0ebe2d32f4c8&pixelId=58491&gdpr=0&_t=Fri%20Jun%2014%202024%2020:57:23%20GMT+0200%20(Mitteleurop%C3%A4ische%20Sommerzeit) Requested by Host: global.proper.io URL: https://global.proper.io/payloads/latest.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-75-62-37.eu-central-1.compute.amazonaws.com Software ATS/9.1.10.121 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:24 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.121 age 0 vary Origin p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV access-control-allow-origin https://pga.hetadonc.com content-type application/json access-control-allow-credentials true
POST H/1.1	200 OK	bidding Show response bids.proper.io/api/	0 171 B	843ms 209ms	XHR application/octet-stream	44.233.178.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bids.proper.io/api/bidding Requested by Host: global.proper.io URL: https://global.proper.io/payloads/latest.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.233.178.111 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-233-178-111.us-west-2.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Fri, 14 Jun 2024 18:57:24 GMT Connection keep-alive Content-Length 0 Content-Type application/octet-stream
GET H2	200	main.js Show response player.propervideo.io/new_rtp/	187 KB 37 KB	147ms 51ms	Script application/javascript	52.222.236.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://player.propervideo.io/new_rtp/main.js Requested by Host: global.proper.io URL: https://global.proper.io/payloads/latest.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-105.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 8135f30dab435f0cd70ba0eca37641769bfd42b3cf5d7eb53c3b85f06efa60c2 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:53:59 GMT content-encoding br via 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront) last-modified Thu, 02 May 2024 18:15:37 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 206 x-amz-server-side-encryption AES256 etag W/"6d1d533b5ec0f7d2f9b0f9ed09a119a0" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=300 x-amz-cf-id ZFz0pQhXr1chP3dzmAIRwcBMwTb_hNGaOytwMoWuJ3G7x23XxvF7fg==
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/	463 KB 144 KB	40ms 39ms	Script text/javascript	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash b2f25671517f19b9c477ca58527ed79a2f3902d04de4d0032c91caede08c885f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 16:46:01 GMT content-encoding br x-content-type-options nosniff age 7882 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 147307 x-xss-protection 0 server cafe etag 17342946017096099043 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 14 Jun 2025 16:46:01 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	64 B 74 B	154ms 75ms	XHR application/json	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pga.hetadonc.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash 067ce52f1a0f6df2f08792a92a2bdafbcc7fe501efa8a931fd28f46b0cdc0748 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:24 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50 x-xss-protection 0 expires Fri, 14 Jun 2024 18:57:24 GMT
GET H2	200	rules-p-mEzuYq24VEJ-3.js Show response rules.quantcount.com/	4 KB 2 KB	143ms 40ms	Script application/javascript	2600:9000:223c:9200:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:9200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2541943eb1b759367d198f4b470134d85aadc1bf18a48da5e49de3c61b9a59ac Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:31:00 GMT content-encoding gzip via 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 1585 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin last-modified Fri, 14 Oct 2022 00:52:56 GMT server AmazonS3 etag W/"bc35b7c476efec25f5c48ba8fb7b9906" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 x-amz-cf-id u44N0v9L2Vu9ohAAFez-0Ksk4TNCd7SwH_NxtnbfyNu7uheeyCQ0YQ==
GET H2	200	cmp.js Show response static.vidazoo.com/basev/cmp/1.0.1/	3 KB 2 KB	62ms 62ms	Script application/javascript	2606:4700:4400::ac40:9a4e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.vidazoo.com/basev/cmp/1.0.1/cmp.js Requested by Host: static.vidazoo.com URL: https://static.vidazoo.com/basev/vwpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a4e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2345e6cbff5c4272c633dafc3d96b17107fa2bb3643fa3efa5ce4718c52adead Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:24 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id PWTGPTPV6MQZVHDQ age 10222 x-amz-server-side-encryption AES256 content-length 1399 x-amz-id-2 1kp7GN08pDQgSHcnXq8JCXRPRWrDZkGzCK/wziyaaW+hqQoymzZYHGblLWKJL4K7pzWa7d8bQCEUKb3i4FJQGqWyWoyQEGCyYlmHreML/eY= last-modified Tue, 12 Mar 2024 16:34:24 GMT server cloudflare etag "537d031a09119574ca284f3fe36dd61b" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, HEAD content-type application/javascript access-control-allow-origin * access-control-expose-headers Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range cache-control public, max-age=86400 accept-ranges bytes cf-ray 893c8bbdd958927f-FRA access-control-allow-headers Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range expires Sat, 15 Jun 2024 18:57:24 GMT
GET H2	200	tcf.js Show response static.vidazoo.com/basev/tcf/1.0.3/	16 KB 5 KB	52ms 52ms	Script application/javascript	2606:4700:4400::ac40:9a4e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.vidazoo.com/basev/tcf/1.0.3/tcf.js Requested by Host: static.vidazoo.com URL: https://static.vidazoo.com/basev/vwpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9a4e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ced2b5e941867d92627d8f06c5ba98a4786f8fb5de8f4b89537112fc73bb8ed3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:24 GMT content-encoding gzip cf-cache-status HIT x-amz-request-id YJFZ2GSFQJZZBVYE age 10001 x-amz-server-side-encryption AES256 content-length 5047 x-amz-id-2 9HZKuP6JgHEuTRXZeYcuwleckz82XlKdCrLDpYF3vfmczkdGKhLkNrectJBB7TsbPD5Fxg5jz7BgrYATUGIvgNAHnm8Fs8JQ last-modified Mon, 08 Jan 2024 10:40:28 GMT server cloudflare etag "c754706f000335ac7007603f04f43f2d" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, HEAD content-type application/javascript access-control-allow-origin * access-control-expose-headers Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range cache-control public, max-age=86400 accept-ranges bytes cf-ray 893c8bbdd95d927f-FRA access-control-allow-headers Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range expires Sat, 15 Jun 2024 18:57:24 GMT
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	504ms 424ms	XHR application/javascript	108.138.6.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.6.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-6-136.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:25 GMT x-amz-version-id r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE content-encoding gzip via 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P6 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront last-modified Thu, 29 Feb 2024 02:13:08 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id XoeSvTJQvYF9uHh_oRCsMQI3KilWdP8_I0B8q9YMpFL-w5XQRj6vSA==
GET H2	200	cb3b5777-430d-4622-b7fc-358cfa27d518 Show response config.aps.amazon-adsystem.com/configs/	563 B 831 B	128ms 38ms	Script application/javascript	18.238.243.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://config.aps.amazon-adsystem.com/configs/cb3b5777-430d-4622-b7fc-358cfa27d518 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.243.114 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-243-114.ams58.r.cloudfront.net Software CloudFront / Resource Hash b2b65d16115f25392a9e13656b3b3b06f02e596740521330428225333a56fa51 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:44:49 GMT via 1.1 bf57ce1929fb438631e46b2c83b05e2a.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop AMS58-P1 age 755 x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 content-length 563 x-amz-cf-id KP0i9JksffBMHcdUpKH2-X0cnTwQjbJ1KkjXIPq8xH3e5MjyneKBxA==
GET H2	200	config Show response c.amazon-adsystem.com/cdn/prod/	3 KB 4 KB	137ms 135ms	XHR application/json	108.138.6.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpga.hetadonc.com&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.6.136 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-6-136.fra56.r.cloudfront.net Software Server / Resource Hash 43798a86501ebb65d2252be137f257d92486a2c3b986246744c5482d97e14e30 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:24 GMT via 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P6 x-cache Miss from cloudfront content-type application/json;charset=UTF-8 access-control-allow-origin https://pga.hetadonc.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true content-length 3249 x-amz-cf-id NYihY2S5wmLZxT4XOnfkUf-fwOSA5LHReNRwV5mA4jyBqvz0VqocOA==
GET H2	200	pubcid.min.js Show response secure.cdn.fastclick.net/js/pubcid/latest/	54 KB 17 KB	147ms 42ms	Script application/javascript	184.30.211.26 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-211-26.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:24 GMT content-encoding gzip last-modified Mon, 23 Jan 2023 19:40:17 GMT server Apache etag "d734-5f2f3919e751f-gzip" vary Accept-Encoding content-type application/javascript cache-control max-age=900 accept-ranges bytes content-length 17407 expires Fri, 14 Jun 2024 19:12:24 GMT
GET H2	200	sync.min.js Show response tags.crwdcntrl.net/lt/c/16576/	39 KB 12 KB	169ms 79ms	Script text/javascript	65.9.66.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/16576/sync.min.js Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.122 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-122.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:50:08 GMT content-encoding gzip via 1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront) last-modified Wed, 14 Feb 2024 17:39:34 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 age 437 x-amz-server-side-encryption AES256 etag W/"0f107a0e7753aa69cd07ded21852408c" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=86400 x-amz-cf-id zbayjDI4-kpUuXX9AHR-YX8E8h2A765ClcJtWW_PquFBmQIyvl9uyA==
GET H2	200	hadron.js Show response cdn.hadronid.net/	56 KB 12 KB	196ms 98ms	Script application/javascript	2606:4700:10::6816:34ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fpga.hetadonc.com%2F&ref=&_it=amazon&partner_id=615 Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:24 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 04 Jun 2024 15:30:02 GMT server cloudflare x-amz-request-id 4GNMNHQXA94JVW78 age 1751 etag W/"1e77f38a1df1490d4175e3c4878bd150" vary Accept-Encoding content-type application/javascript cache-control max-age=432000 cf-ray 893c8bbf7a754d59-FRA x-amz-id-2 FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
GET		30d863b2-37 aps.zqtk.net/	0 0
GET H2	200	id5-api.js Show response cdn.id5-sync.com/api/1.0/	93 KB 28 KB	151ms 54ms	Script text/javascript	2606:4700:10::6816:3556 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/id5-api.js Requested by Host: pga.hetadonc.com URL: https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26e14e8f2ccd855240a903708f250499c1696fb13a5f76d9e7851af290922b4f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:24 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding br cf-cache-status HIT last-modified Thu, 13 Jun 2024 12:35:05 GMT server cloudflare x-amz-request-id SJ0RR0Q6WQ9N6C69 age 1621 etag W/"37efcc7cc1c5ef52a27433bfc0e65e5e" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 893c8bbf7a9135f4-FRA x-amz-id-2 zluy9/oE1+Zhk4QnC5ugxHzRrd5JQPH3u5VM6lPSYIZh9SrWS3pMA/uNI5p7uVB8SDxbLZ/1X9umLXxXQ5PAng==
POST H2	200	map Show response bcp.crwdcntrl.net/6/	60 B 335 B	188ms 60ms	XHR application/json	52.49.45.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/map Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.45.15 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-45-15.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash aa4e651c77d26cf9185f70af43de08b10e1636de4c3293fc82c001afd300fff2 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 14 Jun 2024 18:57:24 GMT server Jetty(9.4.38.v20210224) content-type application/json;charset=utf-8 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://pga.hetadonc.com cache-control no-cache x-server 10.45.29.228 access-control-allow-credentials true content-length 60 expires 0
GET H2	200	hadron.json Show response id.hadron.ad.gt/v1/	97 B 261 B	155ms 154ms	XHR application/json	2606:4700:10::6816:545 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=615&sync=0&domain=pga.hetadonc.com&url=https://pga.hetadonc.com/ Requested by Host: cdn.hadronid.net URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fpga.hetadonc.com%2F&ref=&_it=amazon&partner_id=615 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8eb8e902861e35b0e2e92a036c8398a457c519316306fd50050d1cb3ad47b5cf Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json Response headers date Fri, 14 Jun 2024 18:57:24 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare access-control-allow-methods HEAD,GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin * cache-control private,max-age=30 access-control-allow-credentials true debug NON-OPTIONS access-control-allow-headers authorization cf-ray 893c8bc1deb63835-FRA
OPTIONS H2	200	hadron.json id.hadron.ad.gt/v1/ Frame	0 0	275ms 171ms	Preflight application/json	2606:4700:10::6816:545 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=615&sync=0&domain=pga.hetadonc.com&url=https://pga.hetadonc.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://pga.hetadonc.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-origin * allow POST, OPTIONS, GET cache-control max-age=31536000 public, no-transform cf-cache-status DYNAMIC cf-ray 893c8bc0cd423835-FRA content-length 0 content-type application/json date Fri, 14 Jun 2024 18:57:24 GMT debug OPTIONS block expires Sat, 14 Jun 2025 18:57:24 GMT server cloudflare
GET H2	200	favicon.ico cdn.jamieoliver.com/library/images/	1 KB 733 B	81ms 81ms	Other image/x-icon	2606:4700::6812:4de CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jamieoliver.com/library/images/favicon.ico?v=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:4de , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50b7f0ff60c4c7d4f4a4e2bd296ea5827976b7bb1fd97604abd0f80730311cc9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:24 GMT x-amz-version-id null content-encoding gzip cf-cache-status HIT x-amz-meta-crossftp-original-file-date-iso8601 2015-08-05T10:56:13.000Z x-amz-request-id F86RQDZ07AVGHS63 x-amz-meta-storage-class REDUCED_REDUNDANCY age 7961 x-amz-storage-class REDUCED_REDUNDANCY x-amz-id-2 f10/Lbd+oBMjgeEKDkIWHWTgTviq0Q7Dy+7KDkXFCDQ0ZVd2pq7Q3OOvpI3hx5OQ2G1R14rkIPQ= last-modified Thu, 05 Nov 2015 17:02:14 GMT server cloudflare etag W/"36f821aa9a194311d805c887a518d761" vary Accept-Encoding content-type image/x-icon cache-control public, max-age=16070400 cf-ray 893c8bc18ee818ed-FRA expires Tue, 17 Dec 2024 18:57:24 GMT
GET H2	200	615 Show response a.ad.gt/api/v1/u/matches/	13 KB 4 KB	160ms 57ms	Script application/javascript	2606:4700:10::ac43:17ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.ad.gt/api/v1/u/matches/615?_it=amazon Requested by Host: cdn.hadronid.net URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fpga.hetadonc.com%2F&ref=&_it=amazon&partner_id=615 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccb94eaf6793b26aaf4303e01b1847f27bb1cb2c8362b593165f7dd85b6a2f14 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pga.hetadonc.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 14 Jun 2024 18:57:25 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 14 Jun 2024 18:52:07 GMT server cloudflare age 232 vary Accept-Encoding content-type application/javascript cache-control max-age=14400 cross-origin-resource-policy cross-origin cf-ray 893c8bc37bcd9238-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

usync.proper.io

URL

https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=56097eb0-6eca-405a-8175-0ebe2d32f4c8&uid=

Domain

aps.zqtk.net

URL

https://aps.zqtk.net/30d863b2-37?url=https%3A%2F%2Fpga.hetadonc.com%2F