ombra.net Open in urlscan Pro
3.229.206.229 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ombra.net/
Effective URL:
https://ombra.net/
Submission: On July 25 via api (July 25th 2021, 12:55:39 am UTC) from KR

Summary HTTP 105 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 14 domains to perform 105 HTTP transactions. The main IP is 3.229.206.229, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ombra.net.
TLS certificate: Issued by R3 on July 13th 2021. Valid for: 3 months.

This is the only time ombra.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 42	3.229.206.229 3.229.206.229	14618 (AMAZON-AES) (AMAZON-AES)
9	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	148.66.138.190 148.66.138.190	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
16	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
105	21

42 3.229.206.229 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-206-229.compute-1.amazonaws.com

ombra.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
venicexplorer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.66.138.190 (Singapore, Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)

www.veneziadoc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.202.235.8 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	venicexplorer.net venicexplorer.net	1 MB
32	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	259 KB
7	ampproject.org cdn.ampproject.org	124 KB
6	doubleclick.net googleads.g.doubleclick.net	48 KB
4	ombra.net 1 redirects ombra.net	56 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	53 KB
3	google.com adservice.google.com www.google.com	1 KB
2	exactag.com m.exactag.com	2 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	google.de adservice.google.de	330 B
2	google-analytics.com www.google-analytics.com ssl.google-analytics.com	7 KB
2	veneziadoc.net www.veneziadoc.net	58 KB
1	googleapis.com fonts.googleapis.com	674 B
1	googleadservices.com partner.googleadservices.com	257 B
105	14

	Domain	Requested by
38	venicexplorer.net	ombra.net
21	tpc.googlesyndication.com	googleads.g.doubleclick.net cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	ombra.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	ombra.net	1 redirects ombra.net
2	fonts.gstatic.com	fonts.googleapis.com
2	m.exactag.com	googleads.g.doubleclick.net
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.veneziadoc.net	ombra.net
1	www.google.com	tpc.googlesyndication.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ssl.google-analytics.com	ombra.net
1	www.google-analytics.com	ombra.net
105	18

This site contains no links.

Subject Issuer	Validity	Valid
hotels-in-venice.info R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
veneziadoc.tibowindia.com veneziadoc.tibowindia.com	`2021-02-25` - `2022-02-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2019-08-28` - `2021-09-13`	2 years	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://ombra.net/
Frame ID: 360BBF528E14C31A8290167B984115C5
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=600&adk=3382206806&adf=1650399913&w=120&lmt=1627174523&ad_type=text_image&format=120x600_as&color_bg=FAFAFA&color_border=FAFAFA&color_link=0000FF&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627174522951&bpp=12&bdt=47&idt=73&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=8372310512744&frm=20&pv=2&ga_vid=802878632.1627174523&ga_sid=1627174523&ga_hid=1046116180&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=15&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1549758315347801&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4K19GYWtAj&p=https%3A//ombra.net&dtd=91
Frame ID: EF5CB8CBC23943B62DB85FD799E79B7A
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=250&adk=543701114&adf=3042083620&w=300&lmt=1627174523&ad_type=text_image&format=300x250_as&color_bg=fafafa&color_border=fafafa&color_link=0000ff&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627174522974&bpp=3&bdt=69&idt=74&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_fmts=120x600_as&correlator=8372310512744&frm=20&pv=1&ga_vid=802878632.1627174523&ga_sid=1627174523&ga_hid=1046116180&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1549758315347801&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YVLxAtPdzn&p=https%3A//ombra.net&dtd=78
Frame ID: 064D1A81C2D9021F24CA66B7DAB36A52
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js
Frame ID: 2186C9F409877767D61E20DC36463459
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html
Frame ID: 7E79D6B566C39EE16B0C5359BC90EA70
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&adk=1812271804&adf=3025194257&lmt=1627174524&plat=1%3A16777216%2C2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fombra.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627174524216&bpp=3&bdt=1311&idt=3&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=120x600_as%2C300x250_as&nras=1&correlator=8372310512744&frm=20&pv=1&ga_vid=802878632.1627174523&ga_sid=1627174523&ga_hid=1046116180&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9uVXnPRFSHh13kVEBD2yS7GMK1lnccAd8ReY4g-kwDK4Jkj9BQUDL1g4YbU6UWtfGNoMwpBzVgMQ%2CAGkb-H9v31wWTDQHzUoDvFnTYsoHJB9BykkxzN4HoN7LOpUoRMQUCoWf7RhjlGQ-9dYxamhzOJ8RE4VRePI&pvsid=1549758315347801&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=25
Frame ID: 4580121DA3B40A90033D5E3E90B4DA7E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1EE0157C5A0517D4775E3195A4D725CA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DD73B743B99AA3E56608C278B6D8DAC8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ombra.net/ HTTP 301
https://ombra.net/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

105
Requests

97 %
HTTPS

80 %
IPv6

14
Domains

18
Subdomains

21
IPs

3
Countries

2112 kB
Transfer

3240 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ombra.net/ HTTP 301
https://ombra.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

105 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ombra.net/
Redirect Chain

http://ombra.net/
https://ombra.net/

52 KB
11 KB

541ms
340ms

Document
text/html

3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx / PHP/5.6.40

Resource Hash

d4e3e872b1197e084e16c33d2c5c200b9a7ffef15f2ec776ac6dca82197847b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: ombra.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Sun, 25 Jul 2021 00:55:22 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 10706
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Redirect headers

Server: nginx
Date: Sun, 25 Jul 2021 00:55:22 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://ombra.net/
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK veniceXplorer-advertisement-FINAL.gif
venicexplorer.net/graphics/ 1 MB
1 MB 856ms
204ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/veniceXplorer-advertisement-FINAL.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2b486ba3ae86981e895ed4efff98bf514e777855908935d60e093add70e92831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Sun, 09 May 2021 23:51:12 GMT
Server: nginx
ETag: W/"149e39-5c1ee55ff7555"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK close.png
venicexplorer.net/graphics/ 18 KB
18 KB 844ms
107ms Image
image/png 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/close.png

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

200004da5f23d68b91afa306a8cb75d0acfb96843f4f85887e9c8ab8aa914790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 May 2021 11:49:11 GMT
Server: nginx
ETag: W/"463f-5c20c7b84e570"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ombra110.gif
venicexplorer.net/graphics/ 2 KB
3 KB 837ms
100ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/ombra110.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6aed91bc3fe363917c20172ada28b8b82661425448cd470b2fbeaade298ba050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:32 GMT
Server: nginx
ETag: W/"8e0-557f815c08e00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fante_da_mar.gif
venicexplorer.net/graphics/ 3 KB
3 KB 843ms
100ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/fante_da_mar.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

450548c294cc983ee4e3e977990c49ef77a394f7e79fbb6b649018391c3fb19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"b34-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H3-29 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 97 KB
35 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb5d0db4a0e486d673deb8cdb8db8f27e3060f969f7cdd204e0923b0a71c5705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35374
x-xss-protection: 0
server: cafe
etag: 10446470180555236043
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Jul 2021 00:55:22 GMT

GET
H/1.1 200
OK expflagblk.gif
venicexplorer.net/graphics/ 5 KB
6 KB 847ms
102ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/expflagblk.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f85c28d88553d51870430707e647442e46b1ce4c7f11e99a112d372b02d77a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"1544-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Venezia-flash-ico.gif
venicexplorer.net/graphics/icons/ 2 KB
2 KB 931ms
101ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/icons/Venezia-flash-ico.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a3ecb97544ccb44fb7452d864111dfd68e7cef43199a2fa5b98b7908258817b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"7b4-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_it.gif
venicexplorer.net/graphics/flags/ 90 B
468 B 373ms
100ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_it.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b690b3d35ce8f81432a157676ae131de0303ce175a651132b0968045a679b4e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"5a-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_gb.gif
venicexplorer.net/graphics/flags/ 114 B
492 B 372ms
99ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_gb.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a06180fb9a5e601584734aa3a1271706147a37cb8697ec2ed8291ea40b5ebe5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"72-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_de.gif
venicexplorer.net/graphics/flags/ 76 B
454 B 278ms
101ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_de.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7be2638e7ce718a8c93bd3291a1bd4c9eafac76dfbdcf4b10af38de6f543643d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"4c-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_fr.gif
venicexplorer.net/graphics/flags/ 90 B
468 B 472ms
99ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_fr.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7e21b98fe8d870cd8e1bbdf4cd1d89ce166d741bc6206a15a238b2bc2f3e7b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"5a-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_hr.gif
venicexplorer.net/graphics/flags/ 103 B
481 B 473ms
100ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_hr.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9052292049e7e31831a874f945df5dc21db5c41d9a4a03b5c52a2237bcabcf25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"67-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_es.gif
venicexplorer.net/graphics/flags/ 96 B
474 B 277ms
99ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_es.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

033fff1b7f4a78b7768d440a6f70199693b0aed118973daac3b9f930b823508f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"60-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_cn.gif
venicexplorer.net/graphics/flags/ 64 B
442 B 376ms
99ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_cn.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c076be7ea667da6b951e92af3a78137a5ae5c7de8d55d8a503a14fb239d741f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"40-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_hk.gif
venicexplorer.net/graphics/flags/ 906 B
825 B 367ms
99ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_hk.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3cf1497c74bbd8bdfc2a6075ed9f98fc1c64de227049bac40d63a3bd0d558f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"38a-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_jp.gif
venicexplorer.net/graphics/flags/ 79 B
457 B 382ms
99ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_jp.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bbd74a98ed1c879bfb6ec3f278e8d665f90e938aa8224a0cca484632a9d27c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"4f-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_bn.gif
venicexplorer.net/graphics/flags/ 907 B
977 B 283ms
101ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_bn.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e975ebeee1b07b9ada5f9a893f6245bfbda7248c1fdea28b44a5b0a7a3f27ac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"38b-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_ve.gif
venicexplorer.net/graphics/flags/ 174 B
552 B 377ms
99ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_ve.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8fcb22108c77c1701ecd0388362c592a7e352eb35f75917fcc69ff3dc926136a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"ae-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1379864387_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
3 KB 471ms
101ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1379864387_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3edb2816c31ea361376b22c49fd66c3f66b17b9bb7c63e59e9a0d032c327aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"b42-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1330868212_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
3 KB 474ms
100ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1330868212_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6d94482014c8932e79da1cf46c2522a8d124a52ad5fe551cea46ec273e9b6386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"a0f-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1320235726_T.jpg
venicexplorer.net/observer/upload_images/ 2 KB
2 KB 469ms
100ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1320235726_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

65486f0d6a4d58d5839bfbdd95a7b482df055c71b18fe0f828f523649c622a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"6b0-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK TiBowVX-en.gif
ombra.net/graphics/banners/ 43 KB
43 KB 125ms
122ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ombra.net/graphics/banners/TiBowVX-en.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

00a83a129d4f23b516c29164ce306e44456e5356edb73ee895504341f7928a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ombra.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://ombra.net/
Connection: keep-alive
Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:22 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:32 GMT
Server: nginx
ETag: W/"abd2-557f815c08e00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK /
venicexplorer.net/artit/wall/foto/serverdir// 0
0 542ms
100ms Image
text/html 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://venicexplorer.net/artit/wall/foto/serverdir//
Requested by: Host: ombra.net
URL: https://ombra.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-206-229.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK 1591899093_T.jpg
venicexplorer.net/observer/upload_images/ 2 KB
3 KB 648ms
99ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1591899093_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9da55217f32bf8ad4cd86962e78b270fa2cb5e02a2a2d9d78fff6d70855ae02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Jun 2020 18:11:33 GMT
Server: nginx
ETag: W/"937-5a7d2e3f4df40"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK archimede_seguso_125en.gif
venicexplorer.net/graphics/banners/ 9 KB
10 KB 539ms
103ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/banners/archimede_seguso_125en.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

285be81bd3483f6abb1daaa8490e47b36f6b4c9e46f20a7c5bf673d428e0223a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:32 GMT
Server: nginx
ETag: W/"25e1-557f815c08e00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1310612396_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
4 KB 639ms
100ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1310612396_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

10ed43de33a1f55a4030d8153902a8c8fd634c24c169eb47698a66df978f3764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"da0-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1310004415_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
4 KB 550ms
101ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1310004415_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

22d5f818cf25ef0e8668e6fe36f46d8a625151a6d8fae2ca2645b4ec7c24856c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"d70-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1309334881_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
4 KB 542ms
100ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1309334881_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b125d9907777481a0c209af91a87bad75fb81a672c5712429f261bc9a0ce3a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"d8b-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1308720401_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
4 KB 642ms
99ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1308720401_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

22d5f818cf25ef0e8668e6fe36f46d8a625151a6d8fae2ca2645b4ec7c24856c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"d70-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1308008835_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
4 KB 651ms
100ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1308008835_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b125d9907777481a0c209af91a87bad75fb81a672c5712429f261bc9a0ce3a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"d8b-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1307274145_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
4 KB 553ms
102ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1307274145_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

22d5f818cf25ef0e8668e6fe36f46d8a625151a6d8fae2ca2645b4ec7c24856c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"d70-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1306454584_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
4 KB 549ms
100ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1306454584_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b125d9907777481a0c209af91a87bad75fb81a672c5712429f261bc9a0ce3a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"d8b-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1306043709_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
3 KB 102ms
102ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1306043709_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

54abed1de14de52fcb5435fc5eabd200ecaf46972708fc45d237bfb84e584dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:59 GMT
Server: nginx
ETag: W/"ab9-557f8175c8ac0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 VeneziaLog-logo.jpg
www.veneziadoc.net/Graphic/ 32 KB
32 KB 563ms
176ms Image
image/jpeg 148.66.138.190
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.veneziadoc.net/Graphic/VeneziaLog-logo.jpg
Requested by: Host: ombra.net
URL: https://ombra.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.190 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 5278fdb353821284a1d10295cd3c0682a5e81bb4df2ce4401ad909d1d48d6f20

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:55:23 GMT
last-modified: Thu, 25 Feb 2021 04:02:53 GMT
server: Apache
accept-ranges: bytes
etag: "73c04f4-7e41-5bc2139d75009"
content-length: 32321
content-type: image/jpeg

GET
H2 200 maree-cop-en.jpg
www.veneziadoc.net/ourvenice/graphics/ 26 KB
26 KB 562ms
176ms Image
image/jpeg 148.66.138.190
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.veneziadoc.net/ourvenice/graphics/maree-cop-en.jpg
Requested by: Host: ombra.net
URL: https://ombra.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.190 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: fec2ffc602ee5bf9e5132ff977234588ea02e81c59e093fa402f5a1c8f6503f7

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:55:23 GMT
last-modified: Thu, 25 Feb 2021 15:02:22 GMT
server: Apache
accept-ranges: bytes
etag: "73c08c9-687e-5bc2a70514ad4"
content-length: 26750
content-type: image/jpeg

GET
H/1.1 200
OK storia-morale-venezia.jpg
venicexplorer.net/graphics/ 25 KB
15 KB 106ms
106ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/storia-morale-venezia.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b13b4cc6eacbad93926be7237270303663b91019ac94fee671a2b126456b26f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:32 GMT
Server: nginx
ETag: W/"6406-557f815c08e00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK opuscolo-cop.jpg
venicexplorer.net/graphics/ 24 KB
11 KB 104ms
104ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/opuscolo-cop.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

47c740101bfcb918940f8d05f62af523c17cc0527d9f32f5706fe51ebdd5eb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"5e4c-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK orologio-mori.jpg
venicexplorer.net/graphics/ 23 KB
13 KB 107ms
107ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/orologio-mori.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a62acc5a85b46fd23fe8e24c8c480d16d79aaead5b1b9ba61a8567fcb0e4bfb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:32 GMT
Server: nginx
ETag: W/"5aff-557f815c08e00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK venezia_accademia_tr.gif
ombra.net/graphics/ 1 KB
2 KB 293ms
99ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ombra.net/graphics/venezia_accademia_tr.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

413c89cd884b9bf86a36527958103a75ad4d722a547e1246fa6ebc1c71c4fb0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ombra.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://ombra.net/
Connection: keep-alive
Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"4fe-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 urchin.js Show response
www.google-analytics.com/ 22 KB
7 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/urchin.js

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 01:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 84483
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
expires: Sat, 07 Aug 2021 01:27:19 GMT

GET
H/1.1 200
OK navmap3.gif
venicexplorer.net/graphics/ 198 B
576 B 307ms
102ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/navmap3.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

de6889accf5d1391c235c1694525bbfe0aa6988dd757626a651fff72973f7157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"c6-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK navmap-3-v.gif
venicexplorer.net/graphics/ 238 B
616 B 303ms
98ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/navmap-3-v.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9c9910cfd17799bb16300d4064b50f4dfeee96b79f974c4c3a16efa3917c039e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:32 GMT
Server: nginx
ETag: W/"ee-557f815c08e00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/ 250 KB
93 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-1040989709317155&plah=ombra.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95151
x-xss-protection: 0
server: cafe
etag: 4826816153601596757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Jul 2021 00:55:22 GMT

GET
H/1.1 200
OK ntwrk_blnk_night.gif
venicexplorer.net/graphics/ 301 B
681 B 273ms
100ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/ntwrk_blnk_night.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

db5db21f3084c268ddab39adf4a24db548c1b7b20e3b72c122bbe0f6d305cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"12d-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK venezia_blu_tr.gif
venicexplorer.net/graphics/ 2 KB
2 KB 467ms
100ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/venezia_blu_tr.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e8d0c61081c2830f503fdd39a557b8a4cbbad6459d6ef3672f2851c8e2f95dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 00:55:23 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"87f-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET show_ads.js
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 __utm.gif
ssl.google-analytics.com/ 35 B
130 B 5ms
5ms Image
image/gif 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=1.4&utmn=802878632&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Venice&utmhn=ombra.net&utmhid=1046116180&utmr=-&utmp=/&utmac=UA-607925-3&utmcc=__utma%3D17388839.802878632.1627174523.1627174523.1627174523.1%3B%2B__utmz%3D17388839.1627174523.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jul 2021 02:52:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79356
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
257 B 37ms
36ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ombra.net&callback=_gfp_s_&client=pub-1040989709317155

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-1040989709317155&plah=ombra.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8da9a1c5b29248c0c5e435013036a55732190ce221bc4fe95a66b8c4540b1a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ombra.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 00:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ombra.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 00:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EF5C 71 KB
24 KB 389ms
388ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=600&adk=3382206806&adf=1650399913&w=120&lmt=1627174523&ad_type=text_image&format=120x600_as&color_bg=FAFAFA&color_border=FAFAFA&color_link=0000FF&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627174522951&bpp=12&bdt=47&idt=73&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=8372310512744&frm=20&pv=2&ga_vid=802878632.1627174523&ga_sid=1627174523&ga_hid=1046116180&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=15&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1549758315347801&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4K19GYWtAj&p=https%3A//ombra.net&dtd=91

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0911a946e862e2e0e593ee5b64c6be3f398bc7a313713ab745b71bcfe9b7ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1040989709317155&output=html&h=600&adk=3382206806&adf=1650399913&w=120&lmt=1627174523&ad_type=text_image&format=120x600_as&color_bg=FAFAFA&color_border=FAFAFA&color_link=0000FF&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627174522951&bpp=12&bdt=47&idt=73&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=8372310512744&frm=20&pv=2&ga_vid=802878632.1627174523&ga_sid=1627174523&ga_hid=1046116180&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=15&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1549758315347801&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4K19GYWtAj&p=https%3A//ombra.net&dtd=91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ombra.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ombra.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 25 Jul 2021 00:55:23 GMT
server: cafe
content-length: 23901
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 25-Jul-2021 01:10:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 25 Jul 2021 00:55:23 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:55:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627039897272555"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27998
x-xss-protection: 0
expires: Sun, 25 Jul 2021 00:55:23 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 064D 167 KB
19 KB 523ms
522ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=250&adk=543701114&adf=3042083620&w=300&lmt=1627174523&ad_type=text_image&format=300x250_as&color_bg=fafafa&color_border=fafafa&color_link=0000ff&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627174522974&bpp=3&bdt=69&idt=74&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_fmts=120x600_as&correlator=8372310512744&frm=20&pv=1&ga_vid=802878632.1627174523&ga_sid=1627174523&ga_hid=1046116180&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1549758315347801&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YVLxAtPdzn&p=https%3A//ombra.net&dtd=78

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41f020fa27f4ccd1e78f9fd60405b54c0ba162c7c61ce7ebb6c61a9c7a4c4eb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1040989709317155&output=html&h=250&adk=543701114&adf=3042083620&w=300&lmt=1627174523&ad_type=text_image&format=300x250_as&color_bg=fafafa&color_border=fafafa&color_link=0000ff&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627174522974&bpp=3&bdt=69&idt=74&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_fmts=120x600_as&correlator=8372310512744&frm=20&pv=1&ga_vid=802878632.1627174523&ga_sid=1627174523&ga_hid=1046116180&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1549758315347801&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YVLxAtPdzn&p=https%3A//ombra.net&dtd=78
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ombra.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ombra.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 25 Jul 2021 00:55:23 GMT
server: cafe
content-length: 19275
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 25-Jul-2021 01:10:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 25 Jul 2021 00:55:23 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ Frame EF5C 3 KB
674 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=600&adk=3382206806&adf=1650399913&w=120&lmt=1627174523&ad_type=text_image&format=120x600_as&color_bg=FAFAFA&color_border=FAFAFA&color_link=0000FF&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627174522951&bpp=12&bdt=47&idt=73&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=8372310512744&frm=20&pv=2&ga_vid=802878632.1627174523&ga_sid=1627174523&ga_hid=1046116180&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=15&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1549758315347801&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4K19GYWtAj&p=https%3A//ombra.net&dtd=91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Jul 2021 23:50:18 GMT
server: ESF
date: Sun, 25 Jul 2021 00:55:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Jul 2021 00:55:23 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame EF5C 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 23:02:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Aug 2021 23:02:37 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame EF5C 18 KB
8 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 16178317465966918049
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 00:15:26 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame EF5C 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 00:52:11 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF5C 124 KB
37 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:55:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627039891503395"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Sun, 25 Jul 2021 00:55:23 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame EF5C 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:41:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 850
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 10716856519410487149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Aug 2021 00:41:13 GMT

GET
H2 200 4661e2b537cafc373934756b83790a75.js Show response
www.gstatic.com/mysidia/ Frame EF5C 26 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4661e2b537cafc373934756b83790a75.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d450db79b0f7039b6486a399d93ebe1efa7a81e0f7b1170931b8b3dddf4a31d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:18:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10780
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 05:53:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 00:18:49 GMT

GET
H/1.1 200
OK ai.aspx Show response
m.exactag.com/ Frame EF5C 43 B
1 KB 144ms
42ms Fetch
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=13755100517&extCr=128236843190-531347729401&cb=1821621443

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: So, 25 Jul 2021 12:55:23 GMT
Server: Microsoft-IIS/8.5
Date: Sun, 25 Jul 2021 00:55:22 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame EF5C 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGhWDe7b8YPj_A47O3gOG8IKQC4z9jeNjqZ-O_-MNrgIQASD7v7MnYJUCoAG73KjfA8gBCakCNeHEoSzAsz6oAwHIA8sEqgSpAU_Qksp1dM1nlYwmq55xSoxu5HWHkDaU9yW0DsWAwb2_kj_CqIezIekoSUDlwV4w4o9tKJJqRhlBS8z1cWjrufcnedWDBuoZMlHHedhTuxViy6fhoo9zqAg-aJANUIKrziYl1qDwJeF4Ol3fjB4k1aBuUPqBVSJreffzaKgmlTm3zchPdGfidpWcg1UvyALDVSLJhW2s5aMJL9KPk_uc1atZxhOIhByn1wrABLbhi9zdA5IFBAgEGAGSBQQIBRgEoAYugAeto9cgqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEL6IP9IICQiA4YAQEAEYH4AKAcgLAbgTiCfYEw2IFAHQFQGYFgGAFwGyFxoKGAgAEhRwdWItMTA0MDk4OTcwOTMxNzE1NQ&sigh=Re9ZReyzgDw&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=600&adk=3382206806&adf=1650399913&w=120&lmt=1627174523&ad_type=text_image&format=120x600_as&color_bg=FAFAFA&color_border=FAFAFA&color_link=0000FF&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627174522951&bpp=12&bdt=47&idt=73&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=8372310512744&frm=20&pv=2&ga_vid=802878632.1627174523&ga_sid=1627174523&ga_hid=1046116180&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=15&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1549758315347801&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4K19GYWtAj&p=https%3A//ombra.net&dtd=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 25 Jul 2021 00:55:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Jul 2021 00:55:23 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3541180610960352276/ Frame EF5C 3 KB
3 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3541180610960352276/downsize_200k_v1?w=195&h=102

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c01b4e8c634cce12fa40dd2d2dd7eabcfd846c0e9b15aab35f9705f1b9fc2fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:21:36 GMT
x-content-type-options: nosniff
age: 430427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2951
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 09:38:26 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 01:21:36 GMT

GET
DATA 200
OK truncated
/ Frame EF5C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c621d2b55c16da9ae860a2a03aeaeb42bdddae0e3b52516be1fcd7319370957

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EF5C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d183cd87bb0c1365dc82629abe5f9bf3464c01e2245b359e395dca6d7c5a8490

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame EF5C 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:22:18 GMT
x-content-type-options: nosniff
age: 426785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 02:22:18 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame EF5C 21 KB
21 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 13:46:22 GMT
x-content-type-options: nosniff
age: 385741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 13:46:22 GMT

GET
H3-29 200 rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2186 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 20:14:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13334
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Jul 2022 20:14:37 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107130206000/ Frame 064D 188 KB
54 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=250&adk=543701114&adf=3042083620&w=300&lmt=1627174523&ad_type=text_image&format=300x250_as&color_bg=fafafa&color_border=fafafa&color_link=0000ff&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627174522974&bpp=3&bdt=69&idt=74&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_fmts=120x600_as&correlator=8372310512744&frm=20&pv=1&ga_vid=802878632.1627174523&ga_sid=1627174523&ga_hid=1046116180&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1549758315347801&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YVLxAtPdzn&p=https%3A//ombra.net&dtd=78

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55160
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b724d3ee8cec1601"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 064D 13 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4795
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "392d0f0d5f27c169"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:24:59 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 064D 87 KB
27 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27843
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f120bcb28bbafed0"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 064D 71 KB
16 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3039e343bc61cc16fc587e063d92cf190c34823df58e3fe5caf5717198a49fc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 459984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16734
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b05480813bd9b7e9"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:59 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 064D 4 KB
2 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1658
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6fba3cabb8cd86f8"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:24:59 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 064D 40 KB
13 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12840
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6d4edf2414c2591f"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 064D 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 77765
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 25 Jul 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 064D 295 B
325 B 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 42462
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 25 Jul 2021 13:07:41 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 064D 43 B
1 KB 138ms
40ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=11829094681&extCr=115065628556-527621586220&cb=4006791350

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: So, 25 Jul 2021 12:55:23 GMT
Server: Microsoft-IIS/8.5
Date: Sun, 25 Jul 2021 00:55:23 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 064D 0
17 B 48ms
47ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-Xjge7b8YNnzA4-CjuwPsYWb-Aj8kaHIY56zqcbsDcmL5pbOARABIPu_sydglQKgAYuuwOQDyAEJqQI14cShLMCzPqgDAcgDCKoEsgFP0HUWGWaH-8XxtHl1aPrekE-e8Ji7hJwBXQrEGpkk6MDPEEqKHAx0SALIil0067ktpJU9VTPkVbKlQAvqXj10z7EdrUvu84cRMyv8QiQYOuRANGjVQ5yQLqfx7RLnGC7d6NExlSNtXZzle5YGJoymMOHRx5Yi_amqmau9vs_-ehVqYOA1XDrMq8KZiSEB7R25y9FhUgL2WIQ94YrLhGDvNfqDq6OOyioJ2mXEx4bzYvRZwASMz8jTrAOSBQQIBBgBkgUECAUYBKAGLoAH3dG_G6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCBsCjSCAkIgOGAEBABGB-ACgHICwHYEw2IFAHQFQGAFwGyFxoKGAgAEhRwdWItMTA0MDk4OTcwOTMxNzE1NQ&sigh=YXXfOdo80Jg&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=250&adk=543701114&adf=3042083620&w=300&lmt=1627174523&ad_type=text_image&format=300x250_as&color_bg=fafafa&color_border=fafafa&color_link=0000ff&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627174522974&bpp=3&bdt=69&idt=74&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_fmts=120x600_as&correlator=8372310512744&frm=20&pv=1&ga_vid=802878632.1627174523&ga_sid=1627174523&ga_hid=1046116180&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1549758315347801&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YVLxAtPdzn&p=https%3A//ombra.net&dtd=78
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 25 Jul 2021 00:55:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 064D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f23c0724e9ceff97c07b2abbf9f653817828caab5168054d141b0c68141b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 txt1.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 064D 2 KB
2 KB 10ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/txt1.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b159722b91f7663d33ce1f0e95de72389955edfa5a12cfe6c94b6705468ae805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:01:53 GMT
x-content-type-options: nosniff
age: 442410
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1896
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 22:01:53 GMT

GET
H3-29 200 txt2.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 064D 1 KB
1 KB 15ms
13ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/txt2.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93aea7e3c21a5bc34e432149592dfbe6a432f4039a8f93bdb6b43db00b8d40c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 04:11:19 GMT
x-content-type-options: nosniff
age: 420244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1434
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 04:11:19 GMT

GET
H3-29 200 puls.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 064D 236 B
266 B 14ms
12ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/puls.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ca6dd97b62c2f6e9263710d88f9ccb54612bdccd98c08ead481a0347e9a4e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:37:21 GMT
x-content-type-options: nosniff
age: 429482
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 236
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 01:37:21 GMT

GET
H3-29 200 txt3.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 064D 1009 B
1 KB 11ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/txt3.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7e3eac1b2c0f5c2d934241ee44a85b4a1a1f3c7c85e05381e2c4b622fe5501d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 22:01:16 GMT
x-content-type-options: nosniff
age: 10447
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1009
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Jul 2022 22:01:16 GMT

GET
H3-29 200 txt4.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 064D 863 B
893 B 10ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/txt4.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5189658b1f2daae71ab3b070b6e0b54f412ed79e468c14a1d16c92824a3b2af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:52:46 GMT
x-content-type-options: nosniff
age: 410557
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 863
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 06:52:46 GMT

GET
H3-29 200 txt5.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 064D 1 KB
1 KB 16ms
14ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/txt5.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f50cd1f9a7d3ab95391225b3a8d36eca059105990afdada14ca150953df3f6c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 17:50:57 GMT
x-content-type-options: nosniff
age: 457466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1373
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:50:57 GMT

GET
H3-29 200 preisButt.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 064D 3 KB
3 KB 15ms
14ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/preisButt.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a1c951a818174eaaaf001a306bad640b788f504b3b55a86970c8c49220bdb1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:20:33 GMT
x-content-type-options: nosniff
age: 441290
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3292
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 22:20:33 GMT

GET
H3-29 200 ll.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 064D 622 B
652 B 15ms
13ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ll.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f69adcb2ca28e3e811ad5b88d7b6d86a68d736c715bca3d4953f0566d1447321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:54:23 GMT
x-content-type-options: nosniff
age: 410460
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 622
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 06:54:23 GMT

GET
H3-29 200 CTA.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 064D 761 B
791 B 14ms
13ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/CTA.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8db9f853525deceda9c0749a25a9f2639355d88231b31d6e2b9cc22c206ff41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 07:52:41 GMT
x-content-type-options: nosniff
age: 406962
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 761
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 07:52:41 GMT

GET
H3-29 200 DBx.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 064D 946 B
976 B 14ms
13ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/DBx.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7dcbf991e3140883fbb0cea57b778db313c0ee8f57205404257ac98e1aa1444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 04:49:43 GMT
x-content-type-options: nosniff
age: 417940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 946
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 04:49:43 GMT

GET
H3-29 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012107130206000/ 20 KB
7 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/amp4ads-host-v0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28495ace17fc14af0604185a61e934a94809763e771cbd3d9eb25e3aa46b560a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 459983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7340
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "231829aeddfa638c"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:09:00 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 064D 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 77765
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 25 Jul 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 064D 295 B
325 B 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Jul 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 42462
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 25 Jul 2021 13:07:41 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66cdff38cb08f85a490fd345492e61d87b68d490d2dbf6f512e527effbb59d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49252
x-xss-protection: 0
server: cafe
etag: 16470596267318169622
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Jul 2021 00:55:24 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 26ms
26ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210720&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

024399d0ad310c1a823b05f9d10a4abd607cebe0c4ecfd259a87c78f6be04639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 00:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8541
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sun, 25 Jul 2021 00:55:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/ Frame 7E79 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210720/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ombra.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ombra.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 24 Jul 2021 01:27:57 GMT
expires: Sat, 07 Aug 2021 01:27:57 GMT
content-type: text/html; charset=UTF-8
etag: 4389807852502320046
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 84447
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
38ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fombra.net%2F&tn=DIV&id=overlay-div&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 00:55:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fombra.net%2F&tn=DIV&id=overlay-div&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 00:55:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ombra.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 00:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ombra.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 00:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4580 2 KB
428 B 58ms
58ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&adk=1812271804&adf=3025194257&lmt=1627174524&plat=1%3A16777216%2C2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fombra.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627174524216&bpp=3&bdt=1311&idt=3&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=120x600_as%2C300x250_as&nras=1&correlator=8372310512744&frm=20&pv=1&ga_vid=802878632.1627174523&ga_sid=1627174523&ga_hid=1046116180&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9uVXnPRFSHh13kVEBD2yS7GMK1lnccAd8ReY4g-kwDK4Jkj9BQUDL1g4YbU6UWtfGNoMwpBzVgMQ%2CAGkb-H9v31wWTDQHzUoDvFnTYsoHJB9BykkxzN4HoN7LOpUoRMQUCoWf7RhjlGQ-9dYxamhzOJ8RE4VRePI&pvsid=1549758315347801&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=25

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a00e34d050b72c99d6df84c846205c65a5b228d5982200a29c470c6a22a393d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1040989709317155&output=html&adk=1812271804&adf=3025194257&lmt=1627174524&plat=1%3A16777216%2C2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fombra.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627174524216&bpp=3&bdt=1311&idt=3&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=120x600_as%2C300x250_as&nras=1&correlator=8372310512744&frm=20&pv=1&ga_vid=802878632.1627174523&ga_sid=1627174523&ga_hid=1046116180&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H9uVXnPRFSHh13kVEBD2yS7GMK1lnccAd8ReY4g-kwDK4Jkj9BQUDL1g4YbU6UWtfGNoMwpBzVgMQ%2CAGkb-H9v31wWTDQHzUoDvFnTYsoHJB9BykkxzN4HoN7LOpUoRMQUCoWf7RhjlGQ-9dYxamhzOJ8RE4VRePI&pvsid=1549758315347801&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=25
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ombra.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ombra.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 25 Jul 2021 00:55:24 GMT
server: cafe
content-length: 405
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 25-Jul-2021 01:10:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 25 Jul 2021 00:55:24 GMT
cache-control: private

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1EE0 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ombra.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ombra.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sun, 25 Jul 2021 00:12:52 GMT
expires: Mon, 25 Jul 2022 00:12:52 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DD73 783 B
761 B 16ms
15ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

967749c3fb8ef3163c1187130b032197607385b00e92da1ce7e1d13dc9435a31

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iqgG1dIzaDX1MzFOlKRT7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ombra.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ombra.net/

Response headers

expires: Sun, 25 Jul 2021 00:55:24 GMT
date: Sun, 25 Jul 2021 00:55:24 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-iqgG1dIzaDX1MzFOlKRT7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js Show response
pagead2.googlesyndication.com/bg/ Frame 1EE0 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 20:14:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13334
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Jul 2022 20:14:37 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210720&jk=1549758315347801&bg=!rq2lrenNAAbnC78O5ws7ACkAdvg8Wq3isJ5c0UBeFrOfd4fk8zDRrYLPJaRkols-mjN95TNkDC_mqgIAAACaUgAAAApoAQcKAI4ZvLXUsyWzmoJiAFyTChl0FreFDD0wMFj3sDUc9nX9QmfdOcHKqAheZzh4UwL446z1dNzhGUfrYwqno8FG-dH3zivuCADapLYJog_K6L3oq7N3Ktmf4y11IitXwwFsx0UaaaiolTTFUd8QeeiMeStBkGjWkcolyXJtE2bmK_DwtfZmeauMpJYBunOts-PLmQJtBVP6cz4l8gQH3Fs43C0MBxSu9S1vOjrBfALUI0QW_M5XeDROftUHH_df4iadCpAR653oM4X5cbZtoL7vqwAUsuNO6a3yrfOeUIamU-nJHQmZcXIr2Z7Stwi_di_CEgXJ6IPpLYGvS9qcYLJsh9pwjVqQyk_vUwCqYlhdXYgTPbxgXBCFm0nfKcfTR-FKnfc1nEelwqxOfOfkcQ5dcxt7Z5gdSj0AOomEkKQlGEauJFShUmr6Ep9RCj5GJldNPnvY5sD5ZOeSCVJ_t3VujgB5I5w1y5c25uJqg9V4HDjJ7-sk9N6lZMcpHt0r4xG2FTQV_M_ejK7iUPZy2ThFzF-TA03oh2s3pAktS_NKOs48LLcB-TOCOzI5Zjoy4sCc4VHlOfU0lwxtZ0FyWOFr7M3fRai147YDjysLYLncr9raSxMEwDRpDAPwzqG8VWPab6HwtAs3KGePrMlTc67QxTtiziw_cYfYKojDuD4YZ8y0vDFWRV1qBcFbm9tpH0I7jV7rEgh2giWzYQaGFeOsTxnJ3beJzyNtBGuUVFeb1WiTXpMSPQyBH8j35l5Sn5nRfr9Ms3uGunjDMwGFW3wmG90FDH5NXxCgeVjeBWZRykAvDu-GZ3yrZVhVpQW7sp88AfMrAYuTZ1WMj1xiqKVXeQWj5QyTk-rH2dO6GrEhc5l38ZqoDmXhEMoLSza2cRFg3q5drKs2UWLHPwuSeE6KKGcds-Ci5LsLTzdB93Dg7dI2Ohe-TG4oFiN4O09x7VEutCj8VqTPgog_OD4LwjYuEy6vDbiXI0xJEFwMi-vuZxyRrMElffwubUWhoG0ZsdIo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 00:55:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EF5C 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKr9amyj4pLvmv-yOPZNjaVwgeGfSwqfpmzjX6n9IAGBS7Oml1VqmzsM5TK4ilGeHTz3SqxbriHbIdaEOQTC4OJB_Ize7PLQTnDsexye0AYHH3366XYMoKDYkT9g&sai=AMfl-YTFQlg24otGnEXagbyYxUR4n29yscH3T_sIS3wxzYu2W266l8u_JwbXO7hGn6CPi_gDfkpWsvb1otvP&sig=Cg0ArKJSzBWgBZ3DCycxEAE&id=lidar2&mcvt=1000&p=667,15,1267,135&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210723&bin=7&avms=nio&bs=0,0&mc=0.89&if=1&app=0&itpl=22&adk=3382206806&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627174523044&dlt=391&rpt=42&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 00:55:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 064D 42 B
64 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssshQpKHEjShJRds2Wrt13jZWX_gjEmV0bi84pfYDREdHZRceXAAX-sCMIAnL8vikPnLPpSqV1n1nTGHUe_kmqg3cwzhLPZMt4pbgcuUdCR9GpY2QNppR-RPZfaMg&sai=AMfl-YQjLpv-aFMAYUEc8Jk3WgPHJ5Jo13aNlcizRbQATf7Y-zw_MrFrDkP2WlvkBdyLss9fPT_U9UAlFWe8&sig=Cg0ArKJSzDAI7HnRztorEAE&id=ampim&o=430,222&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=108&tls=1108&g=100&h=100&tt=1109&r=v&avms=ampa&adk=543701114

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 00:55:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107130206000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=250&adk=543701114&adf=3042083620&w=300&lmt=1627174523&ad_type=text_image&format=300x250_as&color_bg=fafafa&color_border=fafafa&color_link=0000ff&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627174522974&bpp=3&bdt=69&idt=74&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_fmts=120x600_as&correlator=8372310512744&frm=20&pv=1&ga_vid=802878632.1627174523&ga_sid=1627174523&ga_hid=1046116180&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1549758315347801&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YVLxAtPdzn&p=https%3A//ombra.net&dtd=78

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
m.exactag.com
ombra.net
pagead2.googlesyndication.com
partner.googleadservices.com
ssl.google-analytics.com
tpc.googlesyndication.com
venicexplorer.net
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.veneziadoc.net
pagead2.googlesyndication.com
142.250.184.226
148.66.138.190
213.202.235.8
2a00:1450:4001:800::2003
2a00:1450:4001:801::2001
2a00:1450:4001:809::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
3.229.206.229
00a83a129d4f23b516c29164ce306e44456e5356edb73ee895504341f7928a77
024399d0ad310c1a823b05f9d10a4abd607cebe0c4ecfd259a87c78f6be04639
033fff1b7f4a78b7768d440a6f70199693b0aed118973daac3b9f930b823508f
0c621d2b55c16da9ae860a2a03aeaeb42bdddae0e3b52516be1fcd7319370957
10ed43de33a1f55a4030d8153902a8c8fd634c24c169eb47698a66df978f3764
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
200004da5f23d68b91afa306a8cb75d0acfb96843f4f85887e9c8ab8aa914790
22d5f818cf25ef0e8668e6fe36f46d8a625151a6d8fae2ca2645b4ec7c24856c
28495ace17fc14af0604185a61e934a94809763e771cbd3d9eb25e3aa46b560a
285be81bd3483f6abb1daaa8490e47b36f6b4c9e46f20a7c5bf673d428e0223a
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
2b486ba3ae86981e895ed4efff98bf514e777855908935d60e093add70e92831
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3cf1497c74bbd8bdfc2a6075ed9f98fc1c64de227049bac40d63a3bd0d558f23
413c89cd884b9bf86a36527958103a75ad4d722a547e1246fa6ebc1c71c4fb0f
41f020fa27f4ccd1e78f9fd60405b54c0ba162c7c61ce7ebb6c61a9c7a4c4eb0
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
450548c294cc983ee4e3e977990c49ef77a394f7e79fbb6b649018391c3fb19c
47c740101bfcb918940f8d05f62af523c17cc0527d9f32f5706fe51ebdd5eb36
4ca6dd97b62c2f6e9263710d88f9ccb54612bdccd98c08ead481a0347e9a4e1f
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
5189658b1f2daae71ab3b070b6e0b54f412ed79e468c14a1d16c92824a3b2af7
5278fdb353821284a1d10295cd3c0682a5e81bb4df2ce4401ad909d1d48d6f20
54abed1de14de52fcb5435fc5eabd200ecaf46972708fc45d237bfb84e584dc9
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5a3f23c0724e9ceff97c07b2abbf9f653817828caab5168054d141b0c68141b2
5c01b4e8c634cce12fa40dd2d2dd7eabcfd846c0e9b15aab35f9705f1b9fc2fc
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
65486f0d6a4d58d5839bfbdd95a7b482df055c71b18fe0f828f523649c622a2b
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
66cdff38cb08f85a490fd345492e61d87b68d490d2dbf6f512e527effbb59d49
6aed91bc3fe363917c20172ada28b8b82661425448cd470b2fbeaade298ba050
6d94482014c8932e79da1cf46c2522a8d124a52ad5fe551cea46ec273e9b6386
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
7be2638e7ce718a8c93bd3291a1bd4c9eafac76dfbdcf4b10af38de6f543643d
7e21b98fe8d870cd8e1bbdf4cd1d89ce166d741bc6206a15a238b2bc2f3e7b7f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a1c951a818174eaaaf001a306bad640b788f504b3b55a86970c8c49220bdb1e
8d450db79b0f7039b6486a399d93ebe1efa7a81e0f7b1170931b8b3dddf4a31d
8da9a1c5b29248c0c5e435013036a55732190ce221bc4fe95a66b8c4540b1a7b
8fcb22108c77c1701ecd0388362c592a7e352eb35f75917fcc69ff3dc926136a
9052292049e7e31831a874f945df5dc21db5c41d9a4a03b5c52a2237bcabcf25
93aea7e3c21a5bc34e432149592dfbe6a432f4039a8f93bdb6b43db00b8d40c9
967749c3fb8ef3163c1187130b032197607385b00e92da1ce7e1d13dc9435a31
9c9910cfd17799bb16300d4064b50f4dfeee96b79f974c4c3a16efa3917c039e
9da55217f32bf8ad4cd86962e78b270fa2cb5e02a2a2d9d78fff6d70855ae02a
a00e34d050b72c99d6df84c846205c65a5b228d5982200a29c470c6a22a393d5
a06180fb9a5e601584734aa3a1271706147a37cb8697ec2ed8291ea40b5ebe5d
a3ecb97544ccb44fb7452d864111dfd68e7cef43199a2fa5b98b7908258817b8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a62acc5a85b46fd23fe8e24c8c480d16d79aaead5b1b9ba61a8567fcb0e4bfb5
ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b125d9907777481a0c209af91a87bad75fb81a672c5712429f261bc9a0ce3a79
b13b4cc6eacbad93926be7237270303663b91019ac94fee671a2b126456b26f7
b159722b91f7663d33ce1f0e95de72389955edfa5a12cfe6c94b6705468ae805
b690b3d35ce8f81432a157676ae131de0303ce175a651132b0968045a679b4e6
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bbd74a98ed1c879bfb6ec3f278e8d665f90e938aa8224a0cca484632a9d27c26
c076be7ea667da6b951e92af3a78137a5ae5c7de8d55d8a503a14fb239d741f6
c7e3eac1b2c0f5c2d934241ee44a85b4a1a1f3c7c85e05381e2c4b622fe5501d
c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef
c8db9f853525deceda9c0749a25a9f2639355d88231b31d6e2b9cc22c206ff41
cb0911a946e862e2e0e593ee5b64c6be3f398bc7a313713ab745b71bcfe9b7ae
d183cd87bb0c1365dc82629abe5f9bf3464c01e2245b359e395dca6d7c5a8490
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
d4e3e872b1197e084e16c33d2c5c200b9a7ffef15f2ec776ac6dca82197847b3
d7dcbf991e3140883fbb0cea57b778db313c0ee8f57205404257ac98e1aa1444
db5db21f3084c268ddab39adf4a24db548c1b7b20e3b72c122bbe0f6d305cfae
de6889accf5d1391c235c1694525bbfe0aa6988dd757626a651fff72973f7157
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3edb2816c31ea361376b22c49fd66c3f66b17b9bb7c63e59e9a0d032c327aee
e8d0c61081c2830f503fdd39a557b8a4cbbad6459d6ef3672f2851c8e2f95dd6
e975ebeee1b07b9ada5f9a893f6245bfbda7248c1fdea28b44a5b0a7a3f27ac8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f3039e343bc61cc16fc587e063d92cf190c34823df58e3fe5caf5717198a49fc
f50cd1f9a7d3ab95391225b3a8d36eca059105990afdada14ca150953df3f6c4
f69adcb2ca28e3e811ad5b88d7b6d86a68d736c715bca3d4953f0566d1447321
f85c28d88553d51870430707e647442e46b1ce4c7f11e99a112d372b02d77a50
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
fb5d0db4a0e486d673deb8cdb8db8f27e3060f969f7cdd204e0923b0a71c5705
fec2ffc602ee5bf9e5132ff977234588ea02e81c59e093fa402f5a1c8f6503f7

ombra.net Open in urlscan Pro 3.229.206.229 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

105 Requests

97 %HTTPS

80 %IPv6

14 Domains

18 Subdomains

21 IPs

3 Countries

2112 kBTransfer

3240 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ombra.net Open in urlscan Pro
3.229.206.229 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

97 %
HTTPS

80 %
IPv6

14
Domains

18
Subdomains

21
IPs

3
Countries

2112 kB
Transfer

3240 kB
Size

0
Cookies

105 HTTP transactions
3 data transactions