www.ominecaexpress.com Open in urlscan Pro
35.203.155.45 Public Scan

Software

Google Tag Manager /

Resource Hash

57f101ebb62f2cea34d6dde36d480bfdaf9530740fd885e2b5842c4acd64fc89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35793
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Oct 2021 02:13:25 GMT

GET
H/1.1 200
OK sp.js Show response
includemodal.global.ssl.fastly.net/ 101 KB
27 KB 31ms
8ms Script
application/javascript 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/sp.js
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy /
Resource Hash: b56465907e470c9a93abfe4fdf54885d7372cdacfaefd0ec5432580549d9b681

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 02:13:25 GMT
Content-Encoding: gzip
Age: 1429
transfer-encoding: chunked
X-Cache: Hit from cloudfront, MISS
Connection: keep-alive
x-request-id: FrDD-2unI_6cfxEGfeKC
X-Served-By: cache-hhn4055-HHN
access-control-allow-origin: *
Server: Cowboy
X-Timer: S1635041605.316930,VS0,VE3
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront), 1.1 varnish
access-control-expose-headers
Cache-Control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: y-Mr7v6UqWy5KA0_4aT1SKqU7Q_IzmK3FiF7fwwdZOlPah0Yo_qvMQ==
X-Cache-Hits: 0

GET
H2 200 launch.js Show response
oap.accuweather.com/ 17 KB
6 KB 39ms
6ms Script
application/javascript 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oap.accuweather.com/launch.js
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.80 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-80.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 640c9cbb97ba18dc1bcde7f36eed441db79a02b0912d0f4325d4b475d3b84565

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: gzip
etag: "8513a708788d21:0"
last-modified: Thu, 16 Feb 2017 19:04:02 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
servername: origin-v01
accept-ranges: bytes
content-length: 6333

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 72 KB
29 KB 41ms
28ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PC4CSJ5

Requested by

Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b54db4180804065ff04e804cfba703e3f1d6924bc6ac16d3d0e36feda273997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29294
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Oct 2021 02:13:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 72 KB
29 KB 45ms
45ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-56M65DZ

Requested by

Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

182a4dfe2ab732c915d0db88747c6ec490c923293b19b7b22111d7cf990dbaa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29293
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Oct 2021 02:13:25 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 25ms
6ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 02:13:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 18:33:56 GMT
Server: ECS (frb/6711)
Age: 292
Etag: "a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29104

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 35ms
14ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

165109b77527988d8f65bf8c271ca68eb2f5a9eb3ece333054fcdbbbd210ac4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1023 / 840 of 1000 / last-modified: 1634854038"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27188
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Oct 2021 02:13:25 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
vortex.accuweather.com/adc2010/oap/javascript/ 90 KB
33 KB 14ms
6ms Script
application/javascript 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vortex.accuweather.com/adc2010/oap/javascript/jquery-1.9.1.min.js
Requested by: Host: oap.accuweather.com
URL: https://oap.accuweather.com/launch.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.80 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-80.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: gzip
etag: "aad455d39b55ce1:0"
last-modified: Mon, 20 May 2013 20:51:39 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
servername: origin-v01
accept-ranges: bytes
content-length: 33817

GET
H2 200 26899690_web1_181017_YKN_Pot-shop-sign_007FN.jpg
www.canadianevergreen.com/wp-content/uploads/2021/10/ 52 KB
52 KB 531ms
162ms Image
image/jpeg 146.148.100.136
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canadianevergreen.com/wp-content/uploads/2021/10/26899690_web1_181017_YKN_Pot-shop-sign_007FN.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.100.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 136.100.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: 00dd8ee4782ceff92a3f03a9f7ddc649a717e50fe733daae9ba0dfeccc5873b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Thu, 21 Oct 2021 18:15:54 GMT
server: nginx
etag: "6171ae5a-d064"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 53348

GET
H2 200 page_1_thumb_large.jpg
image.issuu.com/211021092030-2664f1ab62a2d17041cf0a587138d1d1/jpg/ 35 KB
35 KB 53ms
29ms Image
image/jpeg 151.101.130.110
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.issuu.com/211021092030-2664f1ab62a2d17041cf0a587138d1d1/jpg/page_1_thumb_large.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.110 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51e38a93b143d7576a63550be22893ef20a0db674f1610d7488daffc54e50a98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 233569
x-cache: HIT, HIT
content-length: 35530
x-amz-id-2: 3YMqk2o4CyZky/Kz9CIa7F45us4Av+VBewLbbd2YTodi9rW5By3Vrki+1vSnO6jPeR6Zn+rXAUI=
x-served-by: cache-bwi5120-BWI, cache-fra19164-FRA
last-modified: Thu, 21 Oct 2021 09:20:35 GMT
server: AmazonS3
x-timer: S1635041605.465671,VS0,VE1
etag: "92361d4047e39645946e09cddcf50171"
x-amz-request-id: TKBE2TEV4KQ2AZRH
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 1

GET
H2 200 submit.png
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/images/ 1 KB
1 KB 6ms
5ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/images/submit.png
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5aeae9effa57334a2f01fe5bc138d28d2a378a9fa24b94bb37dcb5dc23135e86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Fri, 01 Oct 2021 23:18:50 GMT
server: NetDNA-cache/2.2
etag: "6157975a-48c"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1164

GET
H2 200 BlackPressMedia.svg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/images/ 6 KB
3 KB 7ms
6ms Image
image/svg+xml 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/images/BlackPressMedia.svg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 847828ce76d2de856454fd299bb28a970df5c2a07496aa8372d82482f47b46a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: gzip
last-modified: Fri, 25 Jun 2021 23:45:13 GMT
server: NetDNA-cache/2.2
etag: W/"60d66a89-186e"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 yrJQMy68.js Show response
content.jwplatform.com/libraries/ 127 KB
41 KB 35ms
10ms Script
text/javascript 18.66.112.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.jwplatform.com/libraries/yrJQMy68.js?ver=1.0.0
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: dcb424cc01d2b8145f5f69a79ed61a6f7c4edbcade79105907e1a4887c3a4605

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:01 GMT
content-encoding: gzip
server: openresty
age: 24
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
x-amz-cf-pop: FRA56-P5
content-length: 41494
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-id: 6brAUk4ZlkV7WaV_YpBJQpCSfd55Mc0ReX46QScOpIggfC5xpF6YUA==
expires: Sun, 24 Oct 2021 02:13:00 GMT

GET
H2 200 featherlight.js Show response
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/components/featherlight/ 22 KB
8 KB 7ms
7ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/components/featherlight/featherlight.js?ver=1.6.1
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b663419733f90e316eda931466ed2777ac88965474ff4cb1cb8ce4e78f4aa87d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: gzip
last-modified: Fri, 25 Jun 2021 23:45:13 GMT
server: NetDNA-cache/2.2
etag: W/"60d66a89-58b0"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 foundation.min.js Show response
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/javascript/ 2 MB
464 KB 10ms
10ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/javascript/foundation.min.js?ver=2.37.00
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a30cf27bf4f5e5a36691545e2adf296b8c7c8c8fca7d0d34fec9773b4cb1ac31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 22:18:28 GMT
server: NetDNA-cache/2.2
etag: W/"6171e734-1dbf1e"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 what-input.min.js Show response
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/javascript/what-input/ 2 KB
1 KB 70ms
69ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/javascript/what-input/what-input.min.js?ver=4.0.3
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ecda9bc7461947ae9c9a0a52eb4d2839d543283c48993a52631dba9eb4141fb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: gzip
last-modified: Fri, 25 Jun 2021 23:45:13 GMT
server: NetDNA-cache/2.2
etag: W/"60d66a89-98f"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-embed.min.js Show response
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-includes/js/ 1 KB
1016 B 70ms
70ms Script
application/javascript 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: gzip
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: NetDNA-cache/2.2
etag: W/"5ff5d754-592"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 dsgw.js Show response
files.dosomegood.ca/scripts/p/w/ 159 KB
160 KB 81ms
7ms Script
application/javascript 13.32.121.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://files.dosomegood.ca/scripts/p/w/dsgw.js
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-111.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ab6cdd5c7095349f243cd1f3ed712b73ce99f7fbc3fbbe315f91ca21a8533f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 03:41:16 GMT
via: 1.1 ec85113c6ed859938b3fcfa19bc035f9.cloudfront.net (CloudFront)
last-modified: Fri, 07 May 2021 19:04:02 GMT
server: AmazonS3
age: 81130
etag: "c608a467d363084cc8bb86b4cfdc1f6d"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 163078
x-amz-cf-id: Rm5cphfHByPWxoRbaJT0TcmG6WOG6ELpbypOcitI1OjqaczGZP6C7A==

GET
H2 200 pubads_impl_2021101401.js Show response
securepubads.g.doubleclick.net/gpt/ 361 KB
123 KB 40ms
16ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f06fa6a4a36d9702745dec58ef82ea73b36cc8e2636504a85f65207904322d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 125076
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 17:37:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Oct 2021 02:13:25 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 105 B
702 B 37ms
15ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ominecaexpress.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a104-111-214-80.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

d0deb6050354f87ff8db07909a3c839b288a5aa2151fb8b8e5162e9375cd7c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
expires: Sun, 24 Oct 2021 02:13:25 GMT

GET
H2 200 fv-play-btn.png
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/images/ 2 KB
3 KB 6ms
6ms Image
image/png 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/images/fv-play-btn.png
Requested by: Host: 1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com
URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/css/foundation.min.css?ver=2.37.00
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 07989fce6a6a8a3e2d6a809effa05f2530edc3b4bd2ce0d4075d9754dc4b0e9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/css/foundation.min.css?ver=2.37.00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Tue, 12 Oct 2021 21:59:00 GMT
server: NetDNA-cache/2.2
etag: "61660524-9c9"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2505

GET
H2 200 fontawesome-webfont.woff2
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/fonts/ 65 KB
65 KB 18ms
5ms Font
font/woff2 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: 1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com
URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/css/foundation.min.css?ver=2.37.00
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/css/foundation.min.css?ver=2.37.00
Origin: https://www.ominecaexpress.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Fri, 25 Jun 2021 23:45:13 GMT
server: NetDNA-cache/2.2
etag: "60d66a89-10440"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 66624

GET
H2 200 26915879_web1_211028-OEB-COVIDroundup-NechakoRegion-NechakoHealth_1-640x427.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 79 KB
79 KB 7ms
6ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26915879_web1_211028-OEB-COVIDroundup-NechakoRegion-NechakoHealth_1-640x427.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 1e7025b668f3e791e0f3876cba81e5984c6f61ea0e356f2d7369a50c288d5e51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Fri, 22 Oct 2021 19:42:34 GMT
server: NetDNA-cache/2.2
etag: "6173142a-13bbd"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 80829

GET
H2 200 26929039_web1_211023-BPD-LifeLabs-Strike-300x200.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 28 KB
28 KB 284ms
283ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26929039_web1_211023-BPD-LifeLabs-Strike-300x200.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: bd7fe88b712c74941e487d8400bce11f100847ac876b55b9886715425a9f3a00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Sat, 23 Oct 2021 23:22:00 GMT
server: NetDNA-cache/2.2
etag: "61749918-6fb9"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 28601

GET
H2 200 26927427_web1_copy_211023-MCR-Chilliwack-Shooting-morning-shooting_1-300x200.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 22 KB
23 KB 464ms
461ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26927427_web1_copy_211023-MCR-Chilliwack-Shooting-morning-shooting_1-300x200.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f0b3d5810b787c4be74137b589190c53a33b61cc4cc370b0acf750ccbb4b4897

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:26 GMT
last-modified: Sat, 23 Oct 2021 17:41:51 GMT
server: NetDNA-cache/2.2
etag: "6174495f-5964"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 22884

GET
H2 200 26926961_web1_2021102215100-61730a7d9c5867f6ef9e9d45jpeg-300x206.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 13 KB
13 KB 284ms
282ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26926961_web1_2021102215100-61730a7d9c5867f6ef9e9d45jpeg-300x206.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5f42d81815c01daa3e8dc075beb1732bef053ef404f349b3dde61451a459b3cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Sat, 23 Oct 2021 15:26:58 GMT
server: NetDNA-cache/2.2
etag: "617429c2-3466"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 13414

GET
H2 200 26926907_web1_2021102220104-6173523a6cea6a63f3caf53fjpeg-300x205.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 14 KB
14 KB 12ms
10ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26926907_web1_2021102220104-6173523a6cea6a63f3caf53fjpeg-300x205.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5cd7fa28b1030197ac2eb922c382271fefcab093060fb82f189c861f982aa174

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Sat, 23 Oct 2021 15:08:35 GMT
server: NetDNA-cache/2.2
etag: "61742573-38ca"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 14538

GET
H2 200 26920815_web1_RJB11672206-300x200.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 10 KB
11 KB 12ms
10ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26920815_web1_RJB11672206-300x200.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 20c787f7e8c051e44b8de000f8b00a9e70eab1300f5223564e8da6d9f78a93fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Fri, 22 Oct 2021 22:50:24 GMT
server: NetDNA-cache/2.2
etag: "61734030-29a5"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 10661

GET
H2 200 26920818_web1_20211022-BPD-vax-HOM-211021-300x200.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 16 KB
16 KB 12ms
10ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26920818_web1_20211022-BPD-vax-HOM-211021-300x200.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b85fb4ba2e0d24f4059604763e55d0522834426ffdc99d40fc9a79938737817d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Fri, 22 Oct 2021 22:49:21 GMT
server: NetDNA-cache/2.2
etag: "61733ff1-3f56"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16214

GET
H2 200 26922432_web1_2021102211104-6172d370f1437db5155ee62fjpeg-300x200.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 12 KB
12 KB 17ms
15ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26922432_web1_2021102211104-6172d370f1437db5155ee62fjpeg-300x200.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 1c37b58ea3e5ce92910f593d6c1b658f4306216f0be4db7000d3b838b4ed1865

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Fri, 22 Oct 2021 22:35:59 GMT
server: NetDNA-cache/2.2
etag: "61733ccf-3086"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 12422

GET
H2 200 26921926_web1_20211022161028-596c7f791e96da6ffb279ef0fed1e1b902d5640cae6e49c61419b86ca69cb62a-300x196.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 14 KB
15 KB 18ms
15ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26921926_web1_20211022161028-596c7f791e96da6ffb279ef0fed1e1b902d5640cae6e49c61419b86ca69cb62a-300x196.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: d98d721103ef9aad256ab8be884a919b60f36d48fafc22464cfc9315c378d9a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Fri, 22 Oct 2021 22:31:45 GMT
server: NetDNA-cache/2.2
etag: "61733bd1-398a"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 14730

GET
H2 200 26900176_web1_CP128043254-300x200.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 26 KB
27 KB 18ms
16ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26900176_web1_CP128043254-300x200.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: cd622702bfa9d50d21eb97841df46c9bd9ca3051bb6c497e2faa920fb030fbcf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Thu, 21 Oct 2021 14:56:11 GMT
server: NetDNA-cache/2.2
etag: "61717f8b-6954"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 26964

GET
H2 200 26894726_web1_Shakeout-300x200.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 21 KB
21 KB 18ms
16ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26894726_web1_Shakeout-300x200.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 6eee051293b63871bd1178e8e4a8c4c3cbbace715d19a62ce703618f8713a852

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Thu, 21 Oct 2021 14:30:44 GMT
server: NetDNA-cache/2.2
etag: "61717994-5237"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 21047

GET
H2 200 26881340_web1_211019-CRM-5G-egging1-300x200.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 16 KB
16 KB 22ms
20ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26881340_web1_211019-CRM-5G-egging1-300x200.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 755db1141e1f06e5c7cd7939c919cebd4f1ea9b1d0c67409647dd84c7d7b88d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Tue, 19 Oct 2021 23:53:53 GMT
server: NetDNA-cache/2.2
etag: "616f5a91-4092"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16530

GET
H2 200 26876098_web1_CP133467521-300x200.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 18 KB
18 KB 22ms
20ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26876098_web1_CP133467521-300x200.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f1cd7e0329c9cddaab5e236e45b2d24ec4b4265bb1a63e085ec68d3dd475e507

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Tue, 19 Oct 2021 20:44:25 GMT
server: NetDNA-cache/2.2
etag: "616f2e29-46f3"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 18163

GET
H2 200 26927655_web1_20211022181012-6173377b8bc5b141fe221d0cjpeg-640x356.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 54 KB
54 KB 22ms
20ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26927655_web1_20211022181012-6173377b8bc5b141fe221d0cjpeg-640x356.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: cdc753ab6d177561718d6b41aa68108d95b2c9416da227e04ba5312031823489

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Sat, 23 Oct 2021 18:35:52 GMT
server: NetDNA-cache/2.2
etag: "61745608-d6e2"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 55010

GET
H2 200 26926934_web1_20211022081012-6172ab68ea82352255fdcc57jpeg-640x427.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 18 KB
19 KB 22ms
21ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26926934_web1_20211022081012-6172ab68ea82352255fdcc57jpeg-640x427.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b869efae571dcb6478599cf4d022e0ff47d8dcb542585550462f2aaadef86324

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Sat, 23 Oct 2021 15:17:48 GMT
server: NetDNA-cache/2.2
etag: "6174279c-49f8"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 18936

GET
H2 200 26930109_web1_211023-CPW-Lions-Bombers-lions_1-640x427.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 68 KB
68 KB 461ms
460ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26930109_web1_211023-CPW-Lions-Bombers-lions_1-640x427.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 3dfdc4ebaee50e470a0c84b21bf2fc78a5729de92c7c62571632aad0360a9455

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:26 GMT
last-modified: Sun, 24 Oct 2021 02:10:17 GMT
server: NetDNA-cache/2.2
etag: "6174c089-10e60"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 69216

GET
H2 200 26926952_web1_2021102218100-6173350a81635b0de8b2b61fjpeg-640x427.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 57 KB
58 KB 22ms
21ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26926952_web1_2021102218100-6173350a81635b0de8b2b61fjpeg-640x427.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 127f34e8641df5695d3237e372e2a514b71b81570440fa9ed27d3c38f12ab665

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Sat, 23 Oct 2021 15:20:50 GMT
server: NetDNA-cache/2.2
etag: "61742852-e5e7"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 58855

GET
H2 200 26916259_web1_211022-VNE-Record-Humpbacks-Born_1-640x427.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 83 KB
83 KB 22ms
21ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26916259_web1_211022-VNE-Record-Humpbacks-Born_1-640x427.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ad45c9d678fd68936af41e6159e7b8a2f57270c5e03c212dcf7c5e8a7808b779

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Fri, 22 Oct 2021 18:05:58 GMT
server: NetDNA-cache/2.2
etag: "6172fd86-14ae8"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 84712

GET
H2 200 26892063_web1_201007-PQN-poll-candy_1-640x427.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 96 KB
96 KB 22ms
21ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26892063_web1_201007-PQN-poll-candy_1-640x427.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ee674e5b5a40846dee2036c3ac582f2cc58e92811477cc735bfc8995023c5b59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Fri, 22 Oct 2021 17:59:53 GMT
server: NetDNA-cache/2.2
etag: "6172fc19-17ead"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 97965

GET
H2 200 26904771_web1_puppy-640x427.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 79 KB
80 KB 22ms
21ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26904771_web1_puppy-640x427.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 9e1ecd019a1debde4f54204f6d0035b6c56ab66b4cc150bfbd795cb8677af626

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Thu, 21 Oct 2021 19:43:38 GMT
server: NetDNA-cache/2.2
etag: "6171c2ea-13d7e"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 81278

GET
H2 200 26856819_web1_211028-TST-adaawk-lorna-brown_1-640x427.jpg
1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 81 KB
82 KB 22ms
21ms Image
image/jpeg 94.31.29.96
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1g35ko1wnl60p3ki2lfxeavm-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26856819_web1_211028-TST-adaawk-lorna-brown_1-640x427.jpg
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.96.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 327223b2202864087cc2961ae162d656bc3f14459028d8e1f7e91038af54abc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Tue, 19 Oct 2021 18:15:39 GMT
server: NetDNA-cache/2.2
etag: "616f0b4b-144d7"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 83159

GET
H2 200 widgets-20170109.css
vortex.accuweather.com/adc2010/oap/stylesheets/ 112 KB
14 KB 9ms
6ms Stylesheet
text/css 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vortex.accuweather.com/adc2010/oap/stylesheets/widgets-20170109.css
Requested by: Host: vortex.accuweather.com
URL: https://vortex.accuweather.com/adc2010/oap/javascript/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.80 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-80.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 19f4edf9189f8d003c27b29fcb6f1f1085660470101374fda6648c41d4280a60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: gzip
etag: "43ca979bc36ad21:0"
last-modified: Mon, 09 Jan 2017 21:59:10 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
servername: origin-v01
accept-ranges: bytes
content-length: 13968

GET
H2 200 current Show response
www.accuweather.com/ajax-service/oap/ 3 KB
3 KB 188ms
187ms Script
text/javascript 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.accuweather.com/ajax-service/oap/current?callback=jQuery19105236744199808625_1635041605447&uid=awcc1517421973278&locationkey=1366280&unit=c&language=en-us&useip=false&targeturl=%2Fweather%2F&css=&_=1635041605448

Requested by

Host: vortex.accuweather.com
URL: https://vortex.accuweather.com/adc2010/oap/javascript/jquery-1.9.1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.214.80 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

af6d27a6db37a7d999df455b69a67ae07f76422b51ca75038ce59011941db8b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=155
servername: gweb-v03
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 991

GET
H/1.1 200
OK widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame 5CAD 319 KB
103 KB 7ms
6ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.ominecaexpress.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ominecaexpress.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 187892
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 24 Oct 2021 02:13:25 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 18 Oct 2021 18:32:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6711)
Vary: Accept-Encoding
X-Cache: HIT
X-EC-BBR-Enable: 1
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 58ms
17ms Script
text/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17101304-16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 771
date: Sun, 24 Oct 2021 02:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Sun, 24 Oct 2021 04:00:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 31ms
30ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-17099191-4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17101304-16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1cf25314b439c0b9f0409deed01e7debf085c5be556c1a7ff4be5c9006c172b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35725
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Oct 2021 02:13:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 38ms
37ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-17099191-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17101304-16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d550dd23815dd11f0dd07bbd2c9fef72b539fd0ab392c5805579472230027529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35756
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Oct 2021 02:13:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 36ms
36ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-17099191-9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17101304-16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5290206995c875b5b1de7ee41090f14564cc78f37281bfbf1f681fe900558e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35728
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Oct 2021 02:13:25 GMT

GET
H2 200 media.dsgw.js Show response
files.dosomegood.ca/scripts/p/w/ 319 KB
319 KB 9ms
9ms Script
application/javascript 13.32.121.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://files.dosomegood.ca/scripts/p/w/media.dsgw.js
Requested by: Host: files.dosomegood.ca
URL: https://files.dosomegood.ca/scripts/p/w/dsgw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-111.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9230cfbbe8657ebc18bc1a1c4c1d9498a97757178487b910da35e0784b8b3110

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:44:58 GMT
via: 1.1 ec85113c6ed859938b3fcfa19bc035f9.cloudfront.net (CloudFront)
last-modified: Fri, 07 May 2021 19:04:02 GMT
server: AmazonS3
age: 88317
etag: "c7bb0b5eddf93e491ab3df0aed39dbf0"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 326339
x-amz-cf-id: Eu6Flhm6Hs3dXxn2ApNU_98yZtIPBl_EPUXcm9_75BlPyc3eQoV8Bg==

GET
H2 200 platform.dsgw.js Show response
files.dosomegood.ca/scripts/p/w/ 365 KB
366 KB 9ms
9ms Script
application/javascript 13.32.121.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://files.dosomegood.ca/scripts/p/w/platform.dsgw.js
Requested by: Host: files.dosomegood.ca
URL: https://files.dosomegood.ca/scripts/p/w/dsgw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-111.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 70642c0422d4b5bfd419d065514d61cf9a3704002eccd116b362fd1699e3711d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 05:58:21 GMT
via: 1.1 ec85113c6ed859938b3fcfa19bc035f9.cloudfront.net (CloudFront)
last-modified: Fri, 07 May 2021 19:04:02 GMT
server: AmazonS3
age: 72904
etag: "db9173fd1f7f0a54bfeff6a8051b90a9"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 373768
x-amz-cf-id: 7duMwgygUkwLbYHfDocfOlbhY07hM1lvEElAmX-BDQqBj5Hi9iCV8A==

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
520 B 38ms
15ms Script
application/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ominecaexpress.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 308ms
293ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1460468877419379&correlator=3650851350922425&output=ldjh&impl=fif&eid=31063083%2C31063237%2C31062526&vrg=2021101401&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1036919%2Cadunit0&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x30%7C970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dominecaexpress.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1635041605&dt=1635041605913&dlt=1635041605273&idt=552&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=139&adks=635914923&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ominecaexpress.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=994x0&msz=994x0&ga_vid=1333759550.1635041606&ga_sid=1635041606&ga_hid=1075382353&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24101e74466d464d05b3c438e72005b3e698deef0cf26f7a26953c05f961918a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11388
x-xss-protection: 0
google-lineitem-id: 5570481295
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138335767286
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 1431ms
1417ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1460468877419379&correlator=3650851350922425&output=ldjh&impl=fif&eid=31063083%2C31063237%2C31062526&vrg=2021101401&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1036919%2Cadunit1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&eri=1&cust_params=ccaud%3D%26site%3Dominecaexpress.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1635041605&dt=1635041605917&dlt=1635041605273&idt=552&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=804&adks=3984404392&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ominecaexpress.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x15&msz=970x15&ga_vid=1333759550.1635041606&ga_sid=1635041606&ga_hid=1075382353&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ce7ab183dc244524f9553638b99c73c7ae4ec84325a58faf4a6280fc67cd5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11354
x-xss-protection: 0
google-lineitem-id: 5570481295
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138335767289
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
9 KB 1081ms
1068ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1460468877419379&correlator=3650851350922425&output=ldjh&impl=fif&eid=31063083%2C31063237%2C31062526&vrg=2021101401&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1036919%2Cadunit3&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dominecaexpress.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1635041605&dt=1635041605918&dlt=1635041605273&idt=552&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=2512&adks=3422903207&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ominecaexpress.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x15&msz=994x15&ga_vid=1333759550.1635041606&ga_sid=1635041606&ga_hid=1075382353&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7511049db409b728dd99d6dc891242a94aa4777a0ceb7b0fed78954183ebf686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8942
x-xss-protection: 0
google-lineitem-id: 5741145787
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138356586907
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 525ms
511ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1460468877419379&correlator=3650851350922425&output=ldjh&impl=fif&eid=31063083%2C31063237%2C31062526&vrg=2021101401&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1036919%2Cadunit5&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dominecaexpress.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1635041605&dt=1635041605919&dlt=1635041605273&idt=552&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=3508&adks=254253508&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ominecaexpress.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x15&msz=994x15&ga_vid=1333759550.1635041606&ga_sid=1635041606&ga_hid=1075382353&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fb423ea8a215bdf68c2584429fa1aff094a9b5231999b4dbf0c69c19a113b49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11339
x-xss-protection: 0
google-lineitem-id: 5569359306
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138364985556
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 908ms
895ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1460468877419379&correlator=3650851350922425&output=ldjh&impl=fif&eid=31063083%2C31063237%2C31062526&vrg=2021101401&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1036919%2Cadunit7&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dominecaexpress.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1635041605&dt=1635041605921&dlt=1635041605273&idt=552&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=4706&adks=2240521934&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ominecaexpress.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x15&msz=994x15&ga_vid=1333759550.1635041606&ga_sid=1635041606&ga_hid=1075382353&ga_fc=false&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75526548010153007afc6e2df3dfdc156036925830aa82242100200ed915c769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8214
x-xss-protection: 0
google-lineitem-id: 5789457823
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138364616919
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 1427ms
1413ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1460468877419379&correlator=3650851350922425&output=ldjh&impl=fif&eid=31063083%2C31063237%2C31062526&vrg=2021101401&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1036919%2Cadunit9&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dominecaexpress.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1635041605&dt=1635041605922&dlt=1635041605273&idt=552&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=5326&adks=1371688121&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ominecaexpress.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x15&msz=994x15&ga_vid=1333759550.1635041606&ga_sid=1635041606&ga_hid=1075382353&ga_fc=false&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c20d1b6a2137ea9f96f1185badee1c12d5428f6854f965cf1e5fe18c260bec41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11261
x-xss-protection: 0
google-lineitem-id: 5790375578
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138368671354
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 1267ms
1253ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1460468877419379&correlator=3650851350922425&output=ldjh&impl=fif&eid=31063083%2C31063237%2C31062526&vrg=2021101401&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1036919%2Cadunit11&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dominecaexpress.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1635041605&dt=1635041605923&dlt=1635041605273&idt=552&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=6032&adks=2333070162&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ominecaexpress.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=994x15&msz=994x15&ga_vid=1333759550.1635041606&ga_sid=1635041606&ga_hid=1075382353&ga_fc=false&fws=0&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

097cdb569a26b67effa39cecb05717bc5b57f4916683723432373966024027f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
google-lineitem-id: 5562981081
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138296036895
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 1600ms
1587ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1460468877419379&correlator=3650851350922425&output=ldjh&impl=fif&eid=31063083%2C31063237%2C31062526&vrg=2021101401&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1036919%2Cadunit13&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dominecaexpress.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1635041605&dt=1635041605926&dlt=1635041605273&idt=552&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=6681&adks=2088326607&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ominecaexpress.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=994x0&msz=994x0&ga_vid=1333759550.1635041606&ga_sid=1635041606&ga_hid=1075382353&ga_fc=false&fws=0&ohw=0&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf2ee46940f016cb90b952106047d1652bb817f546acddcabb1707ffd1dc4ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11243
x-xss-protection: 0
google-lineitem-id: 5635745008
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138365616035
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 1435ms
1422ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1460468877419379&correlator=3650851350922425&output=ldjh&impl=fif&eid=31063083%2C31063237%2C31062526&vrg=2021101401&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1036919%2Cvendor_library_0&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&eri=1&cust_params=ccaud%3D%26site%3Dominecaexpress.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1635041605&dt=1635041605927&dlt=1635041605273&idt=552&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=8555&adks=3346448585&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ominecaexpress.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x8556&msz=1x-1&ga_vid=1333759550.1635041606&ga_sid=1635041606&ga_hid=1075382353&ga_fc=false&fws=0&ohw=0&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

221a1b19b8d22d1cfddd5a8178e551b4191ff9584bbf16677e271226c405f8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8084
x-xss-protection: 0
google-lineitem-id: 4417344124
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138210660707
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 1605ms
1592ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1460468877419379&correlator=3650851350922425&output=ldjh&impl=fif&eid=31063083%2C31063237%2C31062526&vrg=2021101401&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=1036919%2Cadunit22&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=ccaud%3D%26site%3Dominecaexpress.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1635041605&dt=1635041605928&dlt=1635041605273&idt=552&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1041647911&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ominecaexpress.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1333759550.1635041606&ga_sid=1635041606&ga_hid=1075382353&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7e839c310b04e9bf235e2245c01e98f373591f49ef986c0781edbcf5c697c76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11180
x-xss-protection: 0
google-lineitem-id: 4833083953
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138247729828
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
51268b18c0c1ffc144d913ab1001e35a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A389 6 KB
4 KB 49ms
14ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://51268b18c0c1ffc144d913ab1001e35a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 51268b18c0c1ffc144d913ab1001e35a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ominecaexpress.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 24 Oct 2021 02:13:25 GMT
expires: Mon, 24 Oct 2022 02:13:25 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 33-xl.png
vortex.accuweather.com/adc2010/images/icons-numbered/ 38 KB
38 KB 6ms
6ms Image
image/png 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vortex.accuweather.com/adc2010/images/icons-numbered/33-xl.png
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.80 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-80.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 28baaf896631ea221c5a1549b81d32a94aad3a13fe3a41c48ee886c4cfe3474e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Fri, 22 Jan 2010 17:10:22 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "053e3c7859bca1:0"
content-type: image/png
cache-control: max-age=31536000
servername: origin-v03
accept-ranges: bytes
content-length: 38750

GET
H2 200 33-t.png
vortex.accuweather.com/adc2010/images/icons-numbered/ 3 KB
4 KB 7ms
6ms Image
image/png 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vortex.accuweather.com/adc2010/images/icons-numbered/33-t.png
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.80 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-80.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cdf273c788d3a65b2d422550fe6350f952e805bc143921d3db555b4d1aad25c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:25 GMT
last-modified: Fri, 22 Jan 2010 17:10:22 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "053e3c7859bca1:0"
content-type: image/png
cache-control: max-age=31536000
servername: origin-v02
accept-ranges: bytes
content-length: 3581

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 27ms
13ms XHR
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1075382353&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ominecaexpress.com%2F&dp=%2Foap-weather-widgets%2Fcurrent&ul=en-us&de=UTF-8&dt=Vanderhoof%20Omineca%20Express%20%E2%80%93%20Vanderhoof%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABCAAAAC~&jid=701967586&gjid=1673440041&cid=1333759550.1635041606&tid=UA-31945348-1&_gid=1352330934.1635041606&_r=1&_slc=1&cd1=OAP_Weather_Widgets&cd2=www-ominecaexpress-com&cd3=accuweather&cd4=OAP_Widget_current&cd5=1&z=1569683031

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ominecaexpress.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:13:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1075382353&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ominecaexpress.com%2F&ul=en-us&de=UTF-8&dt=Vanderhoof%20Omineca%20Express%20%E2%80%93%20Vanderhoof%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAUABCAAAAC~&jid=1843939836&gjid=942274814&cid=1333759550.1635041606&tid=UA-17099191-4&_gid=1352330934.1635041606&_r=1&gtm=2ouak0&z=1955080050

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ominecaexpress.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:13:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1075382353&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ominecaexpress.com%2F&ul=en-us&de=UTF-8&dt=Vanderhoof%20Omineca%20Express%20%E2%80%93%20Vanderhoof%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAUABCAAAAC~&jid=764564411&gjid=226955386&cid=1333759550.1635041606&tid=UA-17099191-1&_gid=1352330934.1635041606&_r=1&gtm=2ouak0&z=1125497504

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ominecaexpress.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:13:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1075382353&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ominecaexpress.com%2F&ul=en-us&de=UTF-8&dt=Vanderhoof%20Omineca%20Express%20%E2%80%93%20Vanderhoof%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAUABCAAAAC~&jid=1696148252&gjid=1193904315&cid=1333759550.1635041606&tid=UA-17099191-9&_gid=1352330934.1635041606&_r=1&gtm=2ouak0&z=905145301

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

host-66-209-187-158.canhost.ca

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ominecaexpress.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:13:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fGn59B7Pm597A6H Show response
api.dosomegood.ca/posts/cities/media/ 11 KB
4 KB 538ms
186ms Fetch
application/json 66.209.187.158
CANHOST-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dosomegood.ca/posts/cities/media/fGn59B7Pm597A6H?context=widget&limit=3&includeEndorsed=false&cityIds=347787,347964,348039,351538,3174035

Requested by

Host: files.dosomegood.ca
URL: https://files.dosomegood.ca/scripts/p/w/media.dsgw.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.209.187.158 Kelowna, Canada, ASN40438 (CANHOST-INC, CA),

Reverse DNS

Software

nginx/1.13.6 /

Resource Hash

b85cd9baead060fdd5728ac610ad8c69c232b17c05036951f90e7db5db7a336d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-response-time: 29ms
date: Sun, 24 Oct 2021 02:13:26 GMT
content-encoding: br
server: nginx/1.13.6
access-control-max-age: 600
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, private
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type,Authorization,X-Timezone,X-App-Version,X-Device-Name,X-Device-ID
expires: Sun, 24 Oct 2021 02:13:25 GMT

GET
H2 200 / Show response
api.dosomegood.ca/community-partners/ 1 KB
816 B 524ms
176ms Fetch
application/json 66.209.187.158
CANHOST-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dosomegood.ca/community-partners/?cityIds=347787,347964,348039,351538,3174035&context=widget

Requested by

Host: files.dosomegood.ca
URL: https://files.dosomegood.ca/scripts/p/w/platform.dsgw.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.209.187.158 Kelowna, Canada, ASN40438 (CANHOST-INC, CA),

Reverse DNS

host-66-209-187-158.canhost.ca

Software

nginx/1.13.6 /

Resource Hash

ce9208337cc775a40ce92f32e0196e6653accce8991a27425da292619e22d745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-response-time: 18ms
date: Sun, 24 Oct 2021 02:13:26 GMT
content-encoding: br
server: nginx/1.13.6
access-control-max-age: 600
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, private
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type,Authorization,X-Timezone,X-App-Version,X-Device-Name,X-Device-ID
expires: Sun, 24 Oct 2021 02:13:25 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
68 B 65ms
22ms XHR
text/plain 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-31945348-1&cid=1333759550.1635041606&jid=701967586&gjid=1673440041&_gid=1352330934.1635041606&_u=YAhAAEAACAAAAC~&z=1421986109

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ominecaexpress.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 24 Oct 2021 02:13:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 5CAD 232 B
448 B 139ms
124ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=3d05d2e15245c26a53f2ab577031643f176371ba

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.ominecaexpress.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-response-time: 117
date: Sun, 24 Oct 2021 02:13:25 GMT
content-encoding: gzip
last-modified: Sun, 24 Oct 2021 02:13:26 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: d42249c48de59ceee3e5ad13169badf35664643518e39ad9865fb8fe08e3aab2
content-length: 166

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
68 B 26ms
22ms XHR
text/plain 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-17099191-4&cid=1333759550.1635041606&jid=1843939836&gjid=942274814&_gid=1352330934.1635041606&_u=aAjAAUABCAAAAC~&z=573145072

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ominecaexpress.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 24 Oct 2021 02:13:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
416 B 25ms
21ms XHR
text/plain 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-17099191-1&cid=1333759550.1635041606&jid=764564411&gjid=226955386&_gid=1352330934.1635041606&_u=aAjAAUABCAAAAC~&z=204323416

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ominecaexpress.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 24 Oct 2021 02:13:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
68 B 26ms
23ms XHR
text/plain 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-17099191-9&cid=1333759550.1635041606&jid=1696148252&gjid=1193904315&_gid=1352330934.1635041606&_u=aAjAAUABCAAAAC~&z=617880258

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ominecaexpress.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 24 Oct 2021 02:13:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.ominecaexpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
472 B 39ms
17ms Image
image/gif 172.217.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-31945348-1&cid=1333759550.1635041606&jid=701967586&_u=YAhAAEAACAAAAC~&z=1678304934

Requested by

Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:13:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 40ms
18ms Image
image/gif 172.217.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-17099191-4&cid=1333759550.1635041606&jid=1843939836&_u=aAjAAUABCAAAAC~&z=326986003

Requested by

Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:13:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 39ms
18ms Image
image/gif 172.217.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-17099191-9&cid=1333759550.1635041606&jid=1696148252&_u=aAjAAUABCAAAAC~&z=651166346

Requested by

Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:13:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 38ms
17ms Image
image/gif 172.217.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-17099191-1&cid=1333759550.1635041606&jid=764564411&_u=aAjAAUABCAAAAC~&z=1738910923

Requested by

Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:13:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-1211.min.js Show response
js-agent.newrelic.com/ 33 KB
13 KB 20ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1211.min.js
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: yf8j0EL0OxPIPTHd.58X6iFExO4xIT0R
content-encoding: gzip
etag: "3ad2268e635f4d033b0062f582c5b85a"
x-amz-request-id: AVTH4FS16E8233K7
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12477
x-amz-id-2: 2tuSKKHgv0Gnez3uDvObk6hLwQ8iuD9gc7ol0THBhcBhUhhziKcdH9SFph396VEKpqK2bwfbwRs=
x-served-by: cache-hhn4073-HHN
last-modified: Mon, 27 Sep 2021 20:46:50 GMT
server: AmazonS3
x-timer: S1635041606.184113,VS0,VE0
date: Sun, 24 Oct 2021 02:13:26 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6448

GET

rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=14244/rand=521917644/pv=y/int=%23OpR%2396012%23www.ominecaexpress.com%20%3A%20Total%20Site%20Traffic/ Frame 6F43
Redirect Chain

https://bcp.crwdcntrl.net/5/c=14244/rand=521917644/pv=y/int=%23OpR%2396012%23www.ominecaexpress.com%20%3A%20Total%20Site%20Traffic/rt=ifr
https://bcp.crwdcntrl.net/5/ct=y/c=14244/rand=521917644/pv=y/int=%23OpR%2396012%23www.ominecaexpress.com%20%3A%20Total%20Site%20Traffic/rt=ifr

0
0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 41ms
7ms Script
application/x-javascript 18.66.99.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.99.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:19:06 GMT
content-encoding: gzip
last-modified: Fri, 09 Jul 2021 00:11:37 GMT
server: nginx
age: 3259
etag: W/"60e79439-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 0mcN3Qa6H1g07pc6kLOsJMVtL5K_U-AsRasK4JdqTAMoFKVUu1xaYg==
expires: Sun, 24 Oct 2021 03:19:06 GMT

GET yql
query.yahooapis.com/v1/public/ 0
0

GET
H/1.1 200
OK e4824da135 Show response
bam-cell.nr-data.net/1/ 49 B
711 B 498ms
467ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/e4824da135?a=96620528&v=1211.ba193a8&to=NFVWZ0YCCERXAkxeXQ0fdVBACglZGRJIGlQRX1pH&rst=1863&ck=1&ref=https://www.ominecaexpress.com/&ap=1546&be=962&fe=1837&dc=1389&perf=%7B%22timing%22:%7B%22of%22:1635041604330,%22n%22:0,%22f%22:303,%22dn%22:304,%22dne%22:304,%22c%22:304,%22s%22:446,%22ce%22:732,%22rq%22:733,%22rp%22:940,%22rpe%22:1079,%22dl%22:943,%22di%22:1389,%22ds%22:1389,%22de%22:1408,%22dc%22:1837,%22l%22:1837,%22le%22:1849%7D,%22navigation%22:%7B%7D%7D&fp=1401&fcp=1401&at=GBJVEQ4YG0o%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1211.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 02:13:26 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6a2faf96fbeaf9d2-PRG

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 335ms
109ms Image
image/gif 3.216.115.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=ominecaexpress.com&p=%2F&u=CmiKASDR1yd_yOjLY&d=ominecaexpress.com&g=65935&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=8579&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1837&t=BmEEz0CIKtN5BId1mrCYfm2SDA9l7r&V=128&i=Vanderhoof%20Omineca%20Express%20%E2%80%93%20Vanderhoof%20News&tz=0&sn=1&sv=wuNPlDRbyNzCi5YgFCDpuSODFJNa4&sd=1&im=067b0ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.115.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-115-51.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:13:26 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ 86 KB
22 KB 151ms
124ms Script
application/javascript 52.222.232.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-93.fra56.r.cloudfront.net
Software: Cowboy /
Resource Hash: c34e9cc5e8570dbeff479b1e170ed419f98475c4a69509e6d917a95e3af9f1eb

Request headers

Referer: https://www.ominecaexpress.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 24 Oct 2021 02:13:26 GMT
content-encoding: br
server: Cowboy
x-amz-cf-pop: FRA56-P4
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: 7h3fv2t4mRXfwWEFd_QDliFzIf92IOzzNaG8i1-moXWL8VJF0UB8JA==
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
x-request-id: FrDNSI-3v9tnXaUG5Hcy

GET
H2 200 11617228278673525130
tpc.googlesyndication.com/simgad/ 8 KB
8 KB 32ms
7ms Image
image/png 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11617228278673525130

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72bec5eabadd6eef2f924bc99666ce8e120f88364b4de20368421db728c7d17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 04:52:54 GMT
x-content-type-options: nosniff
age: 163232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8174
x-xss-protection: 0
last-modified: Mon, 21 Dec 2020 23:38:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Oct 2022 04:52:54 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ 3 KB
2 KB 32ms
6ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 01:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 01:30:51 GMT

GET
H3 204 l
www.google.com/ads/measurement/ 0
0 30ms
14ms Image
text/html 172.217.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjalAHmw6Dz0Xe1WwYYBrZ9V01dMAHMrISB1lUPhcRboeVbD2nIUQwrJbUTeP_LB6ntG-0RmdfijbPlkCkIYGnWLlFWQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 120 KB
37 KB 30ms
16ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ominecaexpress.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 24 Oct 2021 02:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Oct 2021 02:13:26 GMT

GET
H2 202 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ 0
647 B 287ms
239ms Image
text/plain 104.21.37.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=861094
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.37.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyUFkUxz2axXtWZokm7fzJCpQDdfxgBrYAuOjeidn7%2BRrp7gejjyyG%2BHfAPE491sdWKVXmnOUP86ikkd8PfUIt8Lx4YWApvZ%2B%2FIf8w%2BEC2XTc6Ac4z9S%2BDTPlu9ceyTEk0TtQE8%2FWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 6a2faf988f954137-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-request-id: FrDVra2jN9NVOhIHNs6x

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 45ms
45ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbzbhGkDTsG8mHx7rDhi61Hi9uYHGqbeLW0lwVGw2phoxACw4K6qRw3Mauj35EIRWBfhW4Q1nsYP696Mw5LK6R6Wp_z-N-ze1_1DRGV9s93qBvCSVNSUigOP8sue1Xzt0DlJcublbfc3sLquGn3H4ISJtViKUiEpr_bXS4yRCvjK-Km8Pt21ldfnixqK_7cmI17htbxQXk--vPAmftPGOPBv-PKEDlzkoEiAAaTVr2fWDKipYQRSSE4tML4vBAoipJavq7s7vPLV-JbP3nAXr6L8EmKOM1GJGTiZkNgGXktCSjdNzS7GA_NqE&sai=AMfl-YTTCETmr20_B5GCkh3rRm17vH4xz7ctqUQo0jjgX2Ad_he5u29Ik2BwMczge-2qSeNh-JOAwavm0-iJwxX8wUay3u2N2DDfasuc8hH1qX1yAIVeTZkhQKAN2rWc6WU&sig=Cg0ArKJSzKKxr5FsOiODEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Oct 2021 02:13:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 24 Oct 2021 02:13:26 GMT

GET
DATA 200
OK truncated
/ 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dce83f773113a7da616c865581aebe5cf29717854714053e9a0c363f6f557de2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 57ms
42ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWNmG-qe6_h07EyT9FqTCmbL5ZDejN6wZQ13vyJJqONC6tMuK6PjTp2LW9k4ntfgzAtQvNMMXrnX6mpiMKXgCjqZVEa0LamUJyF9UMoyalXO1ZRC0Vgi6nSwYfJq25OddCO_pxKX0wrEbU4HgMK21cZ8Z0UVyzuOPJQ9u04DRCpD_rq7eo3Uwzs4Oh-nwuDElPZM3pdUNL_jIgk0l2ZWHuA1M4VpDDqhcuxFEKj2MjTWjkIE_Aa2ckW8seVPR_tgH8tCfVZOao6ihGym7NDs7k1ttfpc_SR1sHhi-TS12UksMWv8zBkjYFL67y5g&sai=AMfl-YQ5FA8lEYI8297Zy8mB9v8rRqiqRAKb3kMlv8U_4bjdlvTe23Ls-hPTHUb-FjFBmSjRJEvRJrUBtiA-nF0JrVzwfnIoxg5QBjbkSnGfs6oUtdd1jhbFKizNUraar2U&sig=Cg0ArKJSzCV2jMZvx1CJEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Oct 2021 02:13:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 24 Oct 2021 02:13:26 GMT

GET
BLOB 200
OK af2c6f89-0a81-4171-82ee-16eefc1325fe
https://www.ominecaexpress.com/ 770 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ominecaexpress.com/af2c6f89-0a81-4171-82ee-16eefc1325fe
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f69dd6b098dbaf75174fc465f718afbd920263197dcffcc6d0824420a7c08bbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 770
Content-Type: application/javascript

GET
H2 200 712d95cd1975464165a67216076fe795c491e308_logo.png
media.volinspire.com/images/71/2d/95/ 20 KB
20 KB 41ms
15ms Image
image/png 172.67.143.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.volinspire.com/images/71/2d/95/712d95cd1975464165a67216076fe795c491e308_logo.png
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.143.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c8ecde52241236d3d6616c649c14b4e9ca296acdc1fa62b34df89d1e5faa628

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 152
cf-ray: 6a2faf993fe75b5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20457
x-amz-id-2: t+g5bwvq//uivi10g3o9CH+edloaEtfFrEncH6T+60U9Mt/klElSrZ3E4cXQpCQIqpqqcMdD6Nk=
last-modified: Thu, 10 Sep 2020 18:17:12 GMT
server: cloudflare
etag: "edda04396f4c88efc51bab86e2379eb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbRfiEskVHx48rM2Kgb0tDCaBG4Ev%2F4H5cr6GnO5FYuX6XHkhtKTJhNcTzSq3vkZMjuFuNhmPGB9W%2FC82RZTua4%2FDKZDQYFJQsfYdaHR1ME%2BtdOaTIh4BovmtoPdCa%2BwEfErlxHMuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: EEN5G00PK4Q513T6
cache-control: max-age=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 86c83737234bb90c93fdcf916e52f17bd7d63a4c_logo.png
media.volinspire.com/images/86/c8/37/ 14 KB
14 KB 40ms
13ms Image
image/png 172.67.143.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.volinspire.com/images/86/c8/37/86c83737234bb90c93fdcf916e52f17bd7d63a4c_logo.png
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.143.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6267ebc45aa59a758c5b442d3cd6c9f0298a9b328ba2748d08184a32c5d27b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 152
cf-ray: 6a2faf993fe85b5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13974
x-amz-id-2: QdX6io5kZGJPlWujo/uuhys02GEA6A72guXKJC468cJHjumkEaG02qrZcF6YCxthEoaNKPwbMMs=
last-modified: Wed, 24 Jul 2019 14:31:38 GMT
server: cloudflare
etag: "31a8a3f785d279afdd0cb2ddc04aa14c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmWqOFiCF7FjqhLauZK%2BRH3Yrn4VYPmK%2FytymNT1nnLmz%2BEeThFT13N2k273J2u%2BlDZFXW6n4DdJteqyEQN0oOmxjOx47u3%2BoGNnpVDyByhLhSaj2P71bBaVNfL%2FR8vBLMalW6BDPw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: STFQZN0EHB0NP0NP
cache-control: max-age=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 cd65ed58020dc1d64b837e90da4a155fe5d5359d_logo.png
media.volinspire.com/images/cd/65/ed/ 9 KB
9 KB 40ms
14ms Image
image/png 172.67.143.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.volinspire.com/images/cd/65/ed/cd65ed58020dc1d64b837e90da4a155fe5d5359d_logo.png
Requested by: Host: www.ominecaexpress.com
URL: https://www.ominecaexpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.143.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 573b7f293fa9030abbea24db9fe6f9b69e4ee6cf2ebcd68b061429d7c96099fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5166
cf-ray: 6a2faf993feb5b5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8758
x-amz-id-2: PU2Yp4UQom7Hvh16ELl5inHj+Tbr7vG0k2mFxGqzbjUAEixAnV39nMzTFhyPgpb+seJsbVx4gDY=
last-modified: Fri, 03 Sep 2021 00:35:41 GMT
server: cloudflare
etag: "cb627935e1f07f66777865f0b15f4582"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SsFJCIeQxVnNkiLJDICOSVLBGrbXIBNyLjJKfrhDrJ4GuJNZMrms0pm8WEfwCbM7hjXEyXst%2F51lOCzySDnfq2A4b6IIz2j001cWTrtbkdGyQGX2dtRoFYxoKFDQoL%2Ftm4CDHvv9cg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 77YSKQ89RBFKMAP8
cache-control: max-age=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 40ms
18ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d5a187cc4679f2c2fb52bdc5ba1d414d4ec54a041cef424147c659a78daa8fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Oct 2021 02:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8505
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 45ms
23ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 02:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 24 Oct 2021 02:13:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 18A0 12 KB
5 KB 13ms
13ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ominecaexpress.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 23 Oct 2021 19:33:26 GMT
expires: Sun, 23 Oct 2022 19:33:26 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 24000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6C8D 783 B
535 B 16ms
16ms Document
text/html 172.217.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e2be4fd873ebd5ed0f4addcc002c04c5c9b882b572771a1c3e13f7e7ac67cd00

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A8IxNj9froYlW0YjlzHGlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ominecaexpress.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 24 Oct 2021 02:13:26 GMT
date: Sun, 24 Oct 2021 02:13:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-A8IxNj9froYlW0YjlzHGlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6C8D 0
0 37ms
22ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101401&jk=1460468877419379&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame 18A0 35 KB
13 KB 20ms
7ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 22:58:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13408
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 22 Oct 2022 22:58:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
16ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101401&jk=1460468877419379&bg=!TE-lTwvNAAbUs_yW1LM7ACkAdvg8WshCWpJ7eRDIp6AwS1v9dbvZluX31lok58G-vZGYgcOUuZ9AlQIAAABOUgAAAApoAQcKACTC_djrSlKj6vKSb1d_0kPBDKy_LUGrRG8Y98GyxoTk-SZmdimZArb9KBCUzV_Dnd7tvpg8Z49V4YpmWVVvX_6UxyaK_EfMzJvJQn13oynOe73nxwe8WjzCbX7IgkIykZemqqI-OwBHKrbpAOpurbqk_x3Lygp98N0r2vRC8g3OJGO3pbQrqdhcz-_tG6cS_rYQGhN_kWYMPrGDsJxw5FRaeqrDJtC3MFNTK4FgtIvFy5paK5DDyS3ObjuI-N714-lsCCFenMhHpoIdDa_c37xHBCYEfdDgggc1QiUGARp7GK_elT3lfzFOGgTDIiNzp_wE1m05b1xVMhnJBtCwwEupNBYwciAUvGQCAEyzufxZqmvjHQrZHpU0FI21iNgGNwuIUUTItIL4uFHsitRAGz4Hqm7b6HLzL0rd8xyEXCWtOET6F0AxVb8AyLqGG_sczniJfe2G1XAMZ4krb3iW6CkcCkEatwqMQadNc35DO_IXtp5ynb6UCzLL530ja6V5r7ivYCjusRN1Rm57cK7GwD8sMY1P_cIIEaHBIeVh5ib-arKn7pSOl0j8V7_iZzADpzGKa_P_D2RQo5-GkeHmwJZ_AhVY_vUrn7ZBh2quH0fu2kEsc6cvkdM7mvtHMUum5wna0hCm-sQtgGy7tjQI5IqFFAKuEucMTtkg9tbZC-h_EcG8ztmh9p9zDp9V9N50NOsZlmYYGZXkgnD_UQpIlG6HDBJUGQyFQZbU2wKJiIVf4gjPgSSCBjmqIf8srPaIip2KiRP_pKSVq8bNIE106ABsIscYIXLFzeXKA1GqZ9ACOsh84daz-_vADp-inpNwh8J28dhYvFJ-JCOTkEj_GSbBvIpRZLiqJmZSfX86mDXCfyVh1-NgAa92-YDK4ro9d3DrDXUYEUtQcTdonXda3BQW8l9jqa7OHsAhQqmY4RsBifj8dW2sTQMNnEDclDyvWRBvgOMHLgi_VRtCAKw-

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:13:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 16ms
15ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=ominecaexpress.com&host=www.ominecaexpress.com&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063237

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ominecaexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 02:13:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
64 B 30ms
15ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1vLiGTci5wGp00ubAKOD6WrXWj7_EN8wGtNc4UQdwTRlOBU-UqyzqSeHSCCZNLToNKhF0UvcH_KrlKHXA5ogNUerGqQ5-PhVQuqV9kZPH0PlpodR0&sig=Cg0ArKJSzNgSdxj6eSWpEAE&id=lidar2&mcvt=1000&p=0,0,30,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211020&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=635914923&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635041604330&rpt=2125&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS