soothingnature.xyz Open in urlscan Pro
54.38.29.222 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKP...
Submission Tags: falconsandbox
Submission: On March 11 via api (March 11th 2021, 9:57:34 pm UTC) from US

Summary HTTP 146 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 16 domains to perform 146 HTTP transactions. The main IP is 54.38.29.222, located in France and belongs to OVH, FR. The main domain is soothingnature.xyz.

This is the only time soothingnature.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	54.38.29.222 54.38.29.222	16276 (OVH) (OVH)
13	54.38.29.224 54.38.29.224	16276 (OVH) (OVH)
12	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2 16	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
20	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2 4	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
146	27

10 54.38.29.222 (France)

ASN16276 (OVH, FR)
PTR: ip222.ip-54-38-29.eu

soothingnature.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 54.38.29.224 (France)

ASN16276 (OVH, FR)
PTR: ip224.ip-54-38-29.eu

revenueflex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.webeyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f8a72fbfbceabcfe4532f5a25ecff0b3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
313d67892522dea6bbeb96445f570ff0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a03:2880:f12d:83:face:b00c:0:25de (United States) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com f8a72fbfbceabcfe4532f5a25ecff0b3.safeframe.googlesyndication.com tpc.googlesyndication.com 313d67892522dea6bbeb96445f570ff0.safeframe.googlesyndication.com	198 KB
20	ampproject.org cdn.ampproject.org	392 KB
20	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net	286 KB
16	facebook.com 2 redirects www.facebook.com	732 KB
10	soothingnature.xyz soothingnature.xyz	119 KB
7	gstatic.com fonts.gstatic.com	154 KB
7	google.com 3 redirects apis.google.com www.google.com adservice.google.com	22 KB
7	revenueflex.com revenueflex.com	161 KB
6	twitter.com platform.twitter.com syndication.twitter.com	148 KB
6	webeyo.com cdn.webeyo.com	169 KB
4	google-analytics.com www.google-analytics.com	19 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	googletagmanager.com www.googletagmanager.com	117 KB
2	google.nl adservice.google.nl	2 KB
2	facebook.net connect.facebook.net	62 KB
1	google.de www.google.de	107 B
146	16

	Domain	Requested by
23	tpc.googlesyndication.com	securepubads.g.doubleclick.net soothingnature.xyz cdn.ampproject.org tpc.googlesyndication.com
20	cdn.ampproject.org	securepubads.g.doubleclick.net
16	www.facebook.com	2 redirects connect.facebook.net www.facebook.com
13	pagead2.googlesyndication.com	soothingnature.xyz securepubads.g.doubleclick.net tpc.googlesyndication.com
12	securepubads.g.doubleclick.net	soothingnature.xyz securepubads.g.doubleclick.net revenueflex.com
10	soothingnature.xyz	soothingnature.xyz
7	fonts.gstatic.com	fonts.googleapis.com
7	revenueflex.com	soothingnature.xyz revenueflex.com
6	cdn.webeyo.com	soothingnature.xyz
4	ad.doubleclick.net	2 redirects soothingnature.xyz
4	www.google.com	3 redirects soothingnature.xyz
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com soothingnature.xyz
4	platform.twitter.com	soothingnature.xyz platform.twitter.com
4	fonts.googleapis.com	soothingnature.xyz securepubads.g.doubleclick.net
3	googleads.g.doubleclick.net	soothingnature.xyz
3	www.googletagmanager.com	soothingnature.xyz
2	syndication.twitter.com	platform.twitter.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.nl	securepubads.g.doubleclick.net
2	connect.facebook.net	soothingnature.xyz connect.facebook.net
1	313d67892522dea6bbeb96445f570ff0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	f8a72fbfbceabcfe4532f5a25ecff0b3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de	soothingnature.xyz
1	stats.g.doubleclick.net	www.google-analytics.com
1	apis.google.com	soothingnature.xyz
146	25

This site contains links to these domains. Also see Links.

Domain
webeyo.com

Subject Issuer	Validity	Valid
revenueflex.com R3	`2021-03-11` - `2021-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
cdn.webeyo.com R3	`2021-03-08` - `2021-06-06`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-13` - `2021-08-18`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.nl GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh

This page contains 12 frames:

Primary Page: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Frame ID: 8C9FA7E4B34FDC7DFA6C20B793A9446F
Requests: 56 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=http%3A%2F%2Fsoothingnature.xyz
Frame ID: DC4B40607892333AD1716C1A664E16CD
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: DF1505149434275E7AB5769F808CD5DC
Requests: 12 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.0edc1ef9f8b82d9b79c6115bda79f63f.en.html
Frame ID: 8C3ACC6FDFC53165399EC77BA9603082
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&color_scheme=light&container_width=790&height=100&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=550
Frame ID: 04DFEC4474F3046A9B2DE5435374A7E2
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7431da776398%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&container_width=300&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw&layout=button_count&locale=en_US&sdk=joey
Frame ID: 537FCB7023D92D2E05C9D46B3CE2D997
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 59123DFA4147403C2CCACDF8B1EA2470
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: EFFA74F96C658C799A027256C86BB73F
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 7CA3BA98186FBF40FFF5FC1425087DF8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 257C2F444571E22F41A730E98A30B550
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022101070013000/amp4ads-v0.mjs
Frame ID: DD6A233138B5545FDADEBC0B71105E99
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 838AFDF93AA591E27725AF149349BC23
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

146
Requests

89 %
HTTPS

77 %
IPv6

16
Domains

25
Subdomains

27
IPs

4
Countries

2582 kB
Transfer

7328 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://webeyo.com/
Title: Webeyo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

http://connect.facebook.net/en_EN/sdk.js HTTP 307
https://connect.facebook.net/en_EN/sdk.js

Request Chain 29

http://www.googletagmanager.com/gtag/js?id=UA-164836676-23&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=UA-164836676-23&l=dataLayer&cx=c

Request Chain 64

https://www.facebook.com/v2.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&color_scheme=light&container_width=790&height=100&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=550 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&color_scheme=light&container_width=790&height=100&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=550 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&color_scheme=light&container_width=790&height=100&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=550

Request Chain 111

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 131

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=1324624836;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_pre=CMiVve-dqe8CFQiJdwodkBgJOQ;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=1324624836;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 133

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 145

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046038;dc_trk_aid=461813830;dc_trk_cid=106332843;ord=250625561;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046038;dc_pre=CIG4zu-dqe8CFcw14AodLygPPQ;dc_trk_aid=461813830;dc_trk_cid=106332843;ord=250625561;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 147

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

146 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200 Primary Request 1 Show response
soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/ 28 KB
29 KB 95ms
60ms Document
text/html 54.38.29.222
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

HTTP/1.1

Server

54.38.29.222 , France, ASN16276 (OVH, FR),

Reverse DNS

ip222.ip-54-38-29.eu

Software

nginx/1.16.1 /

Resource Hash

2d1a347ee49da4f14098d5886764b09728cf871c106f194663ff0043f49f2df8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval';script-src * data: blob: 'unsafe-inline' 'unsafe-eval';connect-src * data: blob:;img-src * data: blob: 'unsafe-inline';frame-src * data: blob:;style-src * data: blob: 'unsafe-inline';font-src * data: blob: 'unsafe-inline'

Request headers

Host: soothingnature.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.16.1
Date: Thu, 11 Mar 2021 21:57:15 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Legth: 28576
Expires: Thu, 11 Mar 2021 21:57:45 GMT
Cache-Control: max-age=30 public
Pragma: public
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval';script-src * data: blob: 'unsafe-inline' 'unsafe-eval';connect-src * data: blob:;img-src * data: blob: 'unsafe-inline';frame-src * data: blob:;style-src * data: blob: 'unsafe-inline';font-src * data: blob: 'unsafe-inline'
X-Proxy-Cache: EXPIRED

GET
H/1.1 200 1146 Show response
revenueflex.com/rest/siteconfig/ 309 B
877 B 125ms
39ms Script
text/plain 54.38.29.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://revenueflex.com/rest/siteconfig/1146?pg=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw&cache_buster=0.7882787660070658
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.29.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-54-38-29.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 40f5aa2973b4c98992a7b0d6dcf83c278e725f1bebbed36eda290cc4d4d75616

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 21:57:16 GMT
X-Mobile-Device: 0
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,HEAD,OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Expires: Thu, 11 Mar 2021 21:57:46 GMT
Cache-Control: max-age=30
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Requested-With,Accept,Authorization,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Length: 309
X-Proxy-Cache: EXPIRED

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 58 KB
20 KB 85ms
31ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

7fc370fea60a7ea1641e2bed0546b15bb05a54e76827f0213eb146e006009051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "809 / 786 of 1000 / last-modified: 1615492285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19685
x-xss-protection: 0
expires: Thu, 11 Mar 2021 21:57:16 GMT

GET
H/1.1 200
OK prebid.js Show response
revenueflex.com/d/ons/ 280 KB
89 KB 100ms
29ms Script
application/javascript 54.38.29.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://revenueflex.com/d/ons/prebid.js
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.29.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-54-38-29.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4b68ac5bebfad97e8eeb6faa468a74da58d90a0055d7226170090ad94651e367

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 21:57:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 19:57:32 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "604924ac-1639f"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=600
Connection: keep-alive
Content-Length: 91039
Expires: Thu, 11 Mar 2021 22:07:16 GMT

GET
H/1.1 200
OK 21b3251820e2a3b961c2b49757af0272ce7a950f.js Show response
revenueflex.com/d/2/1/b/ 103 KB
34 KB 109ms
29ms Script
application/javascript 54.38.29.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://revenueflex.com/d/2/1/b/21b3251820e2a3b961c2b49757af0272ce7a950f.js
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.29.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-54-38-29.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 90cda15548b9090de55518997b49c6e4f4998cd7464b1b73aeb5c18649ed23c9

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 21:57:16 GMT
Content-Encoding: gzip
X-Mobile-Device: 0
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=60
Connection: keep-alive
Expires: Thu, 11 Mar 2021 21:58:16 GMT

GET
H/1.1 200 ipinfo Show response
cdn.webeyo.com/ 199 B
503 B 67ms
44ms Script
text/plain 54.38.29.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.webeyo.com/ipinfo
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: HTTP/1.1
Server: 54.38.29.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-54-38-29.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ea3522d9333b2cdd527954ada1896f8e6360e51f6ec1ba582765cb24d9232291

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Mar 2021 21:57:16 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: text/plain;charset=ISO-8859-1
Expires: Thu, 11 Mar 2021 22:57:16 GMT
Cache-Control: max-age=3600, public
Connection: keep-alive
Content-Length: 199
X-Proxy-Cache: MISS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 20ms
18ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-155207744-1

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd7fb78dca3c6a5786452b9c5ac0d3db9a0eac1e73caa95bb0ec55f9b900d945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39779
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 21:57:16 GMT

GET
H/1.1 200 style.css
soothingnature.xyz/v4/desktop/ 29 KB
29 KB 40ms
29ms Stylesheet
text/css 54.38.29.222
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://soothingnature.xyz/v4/desktop/style.css
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: HTTP/1.1
Server: 54.38.29.222 , France, ASN16276 (OVH, FR),
Reverse DNS: ip222.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 39fcb4a98d2e61d57bb930252d1037341cf4b1795b19f87c7731fb64bd8913a7

Request headers

Referer: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Mar 2021 21:57:15 GMT
Server: nginx/1.16.1
Content-Type: text/css
Expires: Thu, 11 Mar 2021 22:07:15 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 29206
X-Proxy-Cache: HIT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 29ms
26ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29c2221091bda7b82623054ba28bc28ed592752da15d7db1158f640f94bbb423

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6I6TxUFphcdhv5GjRrZaVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "623116f45e9f09f5d58245285ae27df0"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-6I6TxUFphcdhv5GjRrZaVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 11 Mar 2021 21:57:16 GMT

GET
H/1.1 200
OK 6243_logo.png
soothingnature.xyz/contentimages/0site_imgs_data/2/4/3/ 2 KB
3 KB 45ms
29ms Image
image/png 54.38.29.222
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://soothingnature.xyz/contentimages/0site_imgs_data/2/4/3/6243_logo.png
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: HTTP/1.1
Server: 54.38.29.222 , France, ASN16276 (OVH, FR),
Reverse DNS: ip222.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 27b763b49fef2eed192f42812ac3719530206dc5baf4b0da3522a409b9663fdc

Request headers

Referer: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Mar 2021 21:57:16 GMT
Last-Modified: Thu, 07 Jan 2021 10:08:38 GMT
Server: nginx/1.16.1
ETag: "5ff6dda6-8c6"
Content-Type: image/png
Expires: Thu, 11 Mar 2021 22:07:16 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2246
X-Proxy-Cache: HIT

GET
H/1.1 200
OK 116b908a4a5a0f35e61a0c6fc57e4dff9665e303925d6f6fb5c601de803fe302.jpg
cdn.webeyo.com/c/1/1/2/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/ 43 KB
43 KB 59ms
45ms Image
image/jpeg 54.38.29.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/1/1/2/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/116b908a4a5a0f35e61a0c6fc57e4dff9665e303925d6f6fb5c601de803fe302.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: HTTP/1.1
Server: 54.38.29.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-54-38-29.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 116b908a4a5a0f35e61a0c6fc57e4dff9665e303925d6f6fb5c601de803fe302

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Mar 2021 21:57:16 GMT
Last-Modified: Tue, 09 Mar 2021 19:29:35 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6047cc9f-aadf"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Thu, 11 Mar 2021 21:58:16 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43743
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK when-nature-takes-over-an-abandoned-house-tn-small.jpg
cdn.webeyo.com/c/1/5/7/when-nature-takes-over-an-abandoned-house/ 40 KB
40 KB 58ms
45ms Image
image/jpeg 54.38.29.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/1/5/7/when-nature-takes-over-an-abandoned-house/when-nature-takes-over-an-abandoned-house-tn-small.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: HTTP/1.1
Server: 54.38.29.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-54-38-29.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3325c89837d4cdb9d91443e8e6ccddc4d15ecb7e5861870c93e9f03620cde865

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Mar 2021 21:57:16 GMT
Last-Modified: Thu, 11 Mar 2021 21:32:24 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "604a8c68-9ea6"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Thu, 11 Mar 2021 21:58:16 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40614
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK holyrood-abbey-this-12th-century-tn-small.jpg
cdn.webeyo.com/c/1/5/2/holyrood-abbey-this-12th-century/ 38 KB
39 KB 58ms
45ms Image
image/jpeg 54.38.29.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/1/5/2/holyrood-abbey-this-12th-century/holyrood-abbey-this-12th-century-tn-small.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: HTTP/1.1
Server: 54.38.29.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-54-38-29.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c4f59f99d03c73402b4cb57ac7dc1145281efb17ab2905bb04e0ba82287a6d8e

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Mar 2021 21:57:16 GMT
Last-Modified: Thu, 11 Mar 2021 21:16:56 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "604a88c8-99fd"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Thu, 11 Mar 2021 21:58:16 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39421
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK the-lost-gardens-of-heligan-tn-small.jpg
cdn.webeyo.com/c/1/5/0/the-lost-gardens-of-heligan/ 46 KB
47 KB 58ms
45ms Image
image/jpeg 54.38.29.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/1/5/0/the-lost-gardens-of-heligan/the-lost-gardens-of-heligan-tn-small.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: HTTP/1.1
Server: 54.38.29.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-54-38-29.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3e133b6d1abfc3e20cb161214a191fbec56c9aa3ec0b67192a0a229c847cef5a

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Mar 2021 21:57:16 GMT
Last-Modified: Thu, 11 Mar 2021 21:08:27 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "604a86cb-b840"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Thu, 11 Mar 2021 21:58:16 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47168
X-Proxy-Cache: REVALIDATED

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 47ms
32ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-164836676-23

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe5b077266064c583e1416d6c07aae2541ece9774826ca5c0359bab12d883ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39733
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 21:57:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
717 B 21ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,700,800,500,300

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

405412293499abe57f1ba4dcf415f89d19dfa0ff3cfff77f390fb9c9c1d06664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 21:47:50 GMT
server: ESF
date: Thu, 11 Mar 2021 21:57:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 21:57:16 GMT

GET
H/1.1 200 owl.carousel.js Show response
soothingnature.xyz/v4/desktop/js/ 52 KB
52 KB 31ms
29ms Script
text/plain 54.38.29.222
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://soothingnature.xyz/v4/desktop/js/owl.carousel.js
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: HTTP/1.1
Server: 54.38.29.222 , France, ASN16276 (OVH, FR),
Reverse DNS: ip222.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 9221608a4df26c3a67d553a85ea42269235ca69d2ff47419148853830d5cea2d

Request headers

Referer: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Mar 2021 21:57:16 GMT
Server: nginx/1.16.1
Content-Type: text/plain; charset=UTF-8
Expires: Thu, 11 Mar 2021 22:07:16 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 52797
X-Proxy-Cache: HIT

GET
H/1.1 200 custom.js Show response
soothingnature.xyz/v4/desktop/js/ 3 KB
3 KB 33ms
31ms Script
text/plain 54.38.29.222
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://soothingnature.xyz/v4/desktop/js/custom.js
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: HTTP/1.1
Server: 54.38.29.222 , France, ASN16276 (OVH, FR),
Reverse DNS: ip222.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 4f24994cf474ab631f0048cd64efa084cc8e53b9bbd0c97d67f66389e7f0f806

Request headers

Referer: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Mar 2021 21:57:16 GMT
Server: nginx/1.16.1
Content-Type: text/plain; charset=UTF-8
Expires: Thu, 11 Mar 2021 22:07:16 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 3247
X-Proxy-Cache: HIT

GET
H2

200

sdk.js Show response
connect.facebook.net/en_EN/
Redirect Chain

http://connect.facebook.net/en_EN/sdk.js
https://connect.facebook.net/en_EN/sdk.js

3 KB
2 KB

24ms
12ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_EN/sdk.js

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

987669319ec0c90d673d63e70e73c289cfa5559cd4c9b8f4676dcda06b93ba10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: TlGZpON1ySttycenGIIKUA==
cross-origin-resource-policy: cross-origin
expires: Thu, 11 Mar 2021 22:09:05 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1778
x-fb-rlafr: 0
x-fb-debug: 6BOH73BKmPZB1XEFjiic6vH611jaXhFGROKzYhjp/4HkbehN18KB5EymLB3E26jsIcwCCNsbbGP9unUa79ApqA==
x-fb-trip-id: 2050670934
x-fb-content-md5: 4fa54a3210950f2b596d3a244f9f2bcf
date: Thu, 11 Mar 2021 21:57:16 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "320b4c0e7f27a3dd203e540e2ca01da0"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/en_EN/sdk.js#xfbml=1&version=v2.0
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 44ms
30ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: HTTP/1.1
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 21:57:16 GMT
Content-Encoding: gzip
X-Cache: MISS, HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 29026
X-Served-By: cache-bwi5133-BWI, cache-fra19172-FRA
Last-Modified: Wed, 03 Mar 2021 19:22:22 GMT
Etag: "965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
Accept-Ranges: bytes
TW-CDN: FT

GET
H/1.1 200 searchbg.png
soothingnature.xyz/v4/desktop/images/ 212 B
485 B 59ms
44ms Image
image/png 54.38.29.222
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://soothingnature.xyz/v4/desktop/images/searchbg.png
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/v4/desktop/style.css
Protocol: HTTP/1.1
Server: 54.38.29.222 , France, ASN16276 (OVH, FR),
Reverse DNS: ip222.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 9e797b9e6fd24e5a7da5feec0388488fc247be90c6f81c9a50ee96771554c5ac

Request headers

Referer: http://soothingnature.xyz/v4/desktop/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Mar 2021 21:57:16 GMT
Server: nginx/1.16.1
Content-Type: image/png
Expires: Thu, 11 Mar 2021 22:07:16 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 212
X-Proxy-Cache: HIT

GET
H/1.1 200 search.png
soothingnature.xyz/v4/desktop/images/ 493 B
766 B 59ms
45ms Image
image/png 54.38.29.222
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://soothingnature.xyz/v4/desktop/images/search.png
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/v4/desktop/style.css
Protocol: HTTP/1.1
Server: 54.38.29.222 , France, ASN16276 (OVH, FR),
Reverse DNS: ip222.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 7e1150dbc4124a8d6dfa07c66f475f2fa4064a33c888474c73427bc3b49e09d8

Request headers

Referer: http://soothingnature.xyz/v4/desktop/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Mar 2021 21:57:16 GMT
Server: nginx/1.16.1
Content-Type: image/png
Expires: Thu, 11 Mar 2021 22:07:16 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 493
X-Proxy-Cache: HIT

GET
H/1.1 200 home.png
soothingnature.xyz/v4/desktop/images/ 619 B
892 B 59ms
44ms Image
image/png 54.38.29.222
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://soothingnature.xyz/v4/desktop/images/home.png
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/v4/desktop/style.css
Protocol: HTTP/1.1
Server: 54.38.29.222 , France, ASN16276 (OVH, FR),
Reverse DNS: ip222.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: b395ec4964eaea12636df05446d2b869fc711b7cf7cd630cd7bce422c954aaaf

Request headers

Referer: http://soothingnature.xyz/v4/desktop/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Mar 2021 21:57:16 GMT
Server: nginx/1.16.1
Content-Type: image/png
Expires: Thu, 11 Mar 2021 22:07:16 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 619
X-Proxy-Cache: HIT

GET
H/1.1 200 dots.png
soothingnature.xyz/v4/desktop/images/ 282 B
555 B 59ms
44ms Image
image/png 54.38.29.222
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://soothingnature.xyz/v4/desktop/images/dots.png
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/v4/desktop/style.css
Protocol: HTTP/1.1
Server: 54.38.29.222 , France, ASN16276 (OVH, FR),
Reverse DNS: ip222.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 752384965c9820183a08c77c9a12567f7be4eaa4f898646f37db0c21cbce67ef

Request headers

Referer: http://soothingnature.xyz/v4/desktop/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Mar 2021 21:57:16 GMT
Server: nginx/1.16.1
Content-Type: image/png
Expires: Thu, 11 Mar 2021 22:07:16 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 282
X-Proxy-Cache: HIT

GET
H/1.1 200 arrowright.png
soothingnature.xyz/v4/desktop/images/ 1 KB
2 KB 43ms
33ms Image
image/png 54.38.29.222
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://soothingnature.xyz/v4/desktop/images/arrowright.png
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/v4/desktop/style.css
Protocol: HTTP/1.1
Server: 54.38.29.222 , France, ASN16276 (OVH, FR),
Reverse DNS: ip222.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 84c9b7fb37ffcb48f3013d74e9873a134c75422d94cd1195fb5968a3b8fc4683

Request headers

Referer: http://soothingnature.xyz/v4/desktop/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 11 Mar 2021 21:57:16 GMT
Server: nginx/1.16.1
Content-Type: image/png
Expires: Thu, 11 Mar 2021 22:07:16 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 1308
X-Proxy-Cache: HIT

GET
H/1.1 200 cdnh Show response
cdn.webeyo.com/ 1 B
160 B 111ms
33ms Script
text/javascript 54.38.29.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.webeyo.com/cdnh?id=3590112&url=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.29.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-54-38-29.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 21:57:16 GMT
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Content-Length: 1
Content-Type: text/javascript

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/ 46 KB
46 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700,800,500,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://soothingnature.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:26:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:37:32 GMT
server: sffe
age: 271826
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47272
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:26:50 GMT

GET
H2 200 1Ptug8zYS_SKggPNyCMIT5lu.woff2
fonts.gstatic.com/s/raleway/v19/ 30 KB
30 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyCMIT5lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700,800,500,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eab423f0008a1b0fb56d3a0112959570b9dee431055f89b4e24c5a734d88a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://soothingnature.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 10:24:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 23:15:18 GMT
server: sffe
age: 473558
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30432
x-xss-protection: 0
expires: Sun, 06 Mar 2022 10:24:38 GMT

GET
H3-Q050 200 pubads_impl_2021030801.js Show response
securepubads.g.doubleclick.net/gpt/ 283 KB
100 KB 75ms
45ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

4967624b996e927f25c959c7d920f99f8544c7b2b17b1b55683d304250aa8de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 09:38:26 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101868
x-xss-protection: 0
expires: Thu, 11 Mar 2021 21:57:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155207744-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6881
date: Thu, 11 Mar 2021 20:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 11 Mar 2021 22:02:35 GMT

GET
H3-Q050

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=UA-164836676-23&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=UA-164836676-23&l=dataLayer&cx=c

99 KB
39 KB

19ms
18ms

Script
application/javascript

2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-164836676-23&l=dataLayer&cx=c

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf0fe03c87f2f93b4d7951b15deb5e0ff7bfc2f026bbb2608070670a16a201ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39746
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Mar 2021 21:57:16 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=UA-164836676-23&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 197 KB
60 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=17ddcf56a5fabf3cad141e1e543cae35&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_EN/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

afe9ce5d3021003cdd2e6a7ae73a9d8c379f6ef4539a32f91c04689a88d6664c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://soothingnature.xyz
Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: wiVIqA8pqFQXMjj8KHOoIw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60547
x-fb-rlafr: 0
x-fb-debug: 50bVvJ+4GbZC5uYcV8h79EanTAw3483QLmFsUDuzixFCR9+P34YlUZoUDpTcofAy7yPBX8dOvjTz/QDLqOEi0w==
x-fb-trip-id: 917726464
x-fb-content-md5: cea2a49162c2a5dac41df118eb8f2133
x-frame-options: DENY
date: Thu, 11 Mar 2021 21:57:16 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "4cb94f1baa62b404c1e44b186e10c5a2"
timing-allow-origin: *
expires: Fri, 11 Mar 2022 21:39:00 GMT

GET
H2 200 widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html Show response
platform.twitter.com/widgets/ Frame DC4B 320 KB
104 KB 78ms
30ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=http%3A%2F%2Fsoothingnature.xyz
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=http%3A%2F%2Fsoothingnature.xyz
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://soothingnature.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://soothingnature.xyz/

Response headers

last-modified: Wed, 03 Mar 2021 18:56:54 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "e9ffeb87a3b6f068499be71966b442d9+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Thu, 11 Mar 2021 21:57:16 GMT
x-served-by: cache-bwi5133-BWI, cache-fra19178-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 105690

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
127 B 46ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=594521020&t=pageview&_s=1&dl=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw&ul=en-us&de=UTF-8&dt=Shipwreck%20of%20the%20Eduard%20Bohlen%2C%20Skeleton%20Coast%2C%20Namibia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1049485196&gjid=1584658054&cid=715064784.1615499836&tid=UA-155207744-1&_gid=1474766282.1615499836&_r=1&gtm=2ou330&z=1829206683

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:57:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://soothingnature.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
26 B 41ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=594521020&t=pageview&_s=1&dl=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw&ul=en-us&de=UTF-8&dt=Shipwreck%20of%20the%20Eduard%20Bohlen%2C%20Skeleton%20Coast%2C%20Namibia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUABAAAAAC~&jid=1839526576&gjid=683758638&cid=715064784.1615499836&tid=UA-164836676-23&_gid=1474766282.1615499836&_r=1&gtm=2ou330&z=859504160

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:57:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://soothingnature.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
384 B 28ms
20ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=594521020&t=event&_s=2&dl=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw&ul=en-us&de=UTF-8&dt=Shipwreck%20of%20the%20Eduard%20Bohlen%2C%20Skeleton%20Coast%2C%20Namibia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=soothingnature.xyz&_u=IEBAAUABAAAAAC~&jid=&gjid=&cid=715064784.1615499836&tid=UA-155207744-1&_gid=1474766282.1615499836&gtm=2ou330&z=1676963155

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 19:06:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 10232
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 1146 Show response
revenueflex.com/rest/pagehit/ 1 B
586 B 108ms
30ms XHR
text/plain 54.38.29.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://revenueflex.com/rest/pagehit/1146?pg=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1&cache_buster=415353
Requested by: Host: revenueflex.com
URL: https://revenueflex.com/d/2/1/b/21b3251820e2a3b961c2b49757af0272ce7a950f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.29.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-54-38-29.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 21:57:16 GMT
Server: nginx/1.14.0 (Ubuntu)
Allow: OPTIONS, GET, HEAD, POST
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,HEAD,OPTIONS, GET,POST,PUT,DELETE,HEAD,OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Requested-With,Accept,Authorization,Origin,Access-Control-Request-Method,Access-Control-Request-Headers, *
Content-Length: 1

GET
H/1.1 200
OK adstyles.css
revenueflex.com/d/ons/ 5 KB
1 KB 29ms
29ms Stylesheet
text/css 54.38.29.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://revenueflex.com/d/ons/adstyles.css
Requested by: Host: revenueflex.com
URL: https://revenueflex.com/d/2/1/b/21b3251820e2a3b961c2b49757af0272ce7a950f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.29.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-54-38-29.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9220439615e1c2ad633b1f760f50826d858acf491cbddebca9409fa2641be0d0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 21:57:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 19:57:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "604924ab-400"
Content-Type: text/css
Cache-Control: max-age=600
Connection: keep-alive
Content-Length: 1024
Expires: Thu, 11 Mar 2021 22:07:16 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame DF15 58 KB
19 KB 31ms
30ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: revenueflex.com
URL: https://revenueflex.com/d/2/1/b/21b3251820e2a3b961c2b49757af0272ce7a950f.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

6fe45a531ea63f33b80acc5201a2719740af6dbb789fbd7248e6c0c540881b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "809 / 373 of 1000 / last-modified: 1615492377"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19706
x-xss-protection: 0
expires: Thu, 11 Mar 2021 21:57:16 GMT

GET
H/1.1 200
OK 21b3251820e2a3b961c2b49757af0272ce7a950f.js Show response
revenueflex.com/d/2/1/b/ Frame DF15 103 KB
34 KB 30ms
29ms Script
application/javascript 54.38.29.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://revenueflex.com/d/2/1/b/21b3251820e2a3b961c2b49757af0272ce7a950f.js
Requested by: Host: revenueflex.com
URL: https://revenueflex.com/d/2/1/b/21b3251820e2a3b961c2b49757af0272ce7a950f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.29.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-54-38-29.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 90cda15548b9090de55518997b49c6e4f4998cd7464b1b73aeb5c18649ed23c9

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 21:57:16 GMT
Content-Encoding: gzip
X-Mobile-Device: 0
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=60
Connection: keep-alive
Expires: Thu, 11 Mar 2021 21:58:16 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-155207744-1&cid=715064784.1615499836&jid=1049485196&gjid=1584658054&_gid=1474766282.1615499836&_u=IEBAAUAAAAAAAC~&z=1738359310

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 11 Mar 2021 21:57:16 GMT
content-type: text/plain
access-control-allow-origin: http://soothingnature.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
19ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-155207744-1&cid=715064784.1615499836&jid=1049485196&_u=IEBAAUAAAAAAAC~&z=1375981271

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:57:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 20ms
20ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-155207744-1&cid=715064784.1615499836&jid=1049485196&_u=IEBAAUAAAAAAAC~&z=1375981271

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:57:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 39ms
38ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_urg_spr&pvsid=4045769604238516&vrg=2021030801&nw_id=65969644&nslots=28&eid=31060385%2C31060010%2C31060211%2C21069710&pub_url=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw&start_time=1615499836273&end_time=1615499836282&num_slots_filtered=0

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:57:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 40ms
39ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:57:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 40ms
39ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:57:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 41ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:57:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
799 B 34ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=soothingnature.xyz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=soothingnature.xyz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
11 KB 870ms
868ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4045769604238516&correlator=401979730152671&output=ldjh&impl=fif&eid=31060385%2C31060010%2C31060211%2C21069710&vrg=2021030801&ptt=17&sc=0&sfv=1-0-37&ecs=20210311&iu_parts=65969644%2Cgeneric&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=webeyo_ad_info%3D_PF_T23_M0_Umasthead_%26adsense_test%3D1%26adreact_domain%3Dsoothingnature.xyz%26lazy_load%3Dd0%26cmsadunitname%3Dmasthead&cookie_enabled=1&bc=23&abxe=1&lmt=1615499836&dt=1615499836295&dlt=1615499835955&idt=309&frm=20&biw=1600&bih=1200&oid=3&adxs=217&adys=132&adks=3552192187&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw&vis=1&scr_x=0&scr_y=0&psz=1166x-1&msz=1166x-1&ga_vid=715064784.1615499836&ga_sid=1615499836&ga_hid=594521020&ga_fc=false&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

53289e1a71214b69ca525027cd3da05240adedc67b33a836c12084fe8db687de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11465
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://soothingnature.xyz
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f8a72fbfbceabcfe4532f5a25ecff0b3.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 95ms
38ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f8a72fbfbceabcfe4532f5a25ecff0b3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
11 KB 1211ms
1209ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4045769604238516&correlator=401979730152671&output=ldjh&impl=fif&eid=31060385%2C31060010%2C31060211%2C21069710&vrg=2021030801&ptt=17&sc=0&sfv=1-0-37&ecs=20210311&iu_parts=65969644%2Cgenericc&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=webeyo_ad_info%3D_PF_T23_M0_Ur7283_%26adsense_test%3D1%26adreact_domain%3Dsoothingnature.xyz%26lazy_load%3Dd0%26cmsadunitname%3Dr7283&cookie_enabled=1&bc=23&abxe=1&lmt=1615499836&dt=1615499836299&dlt=1615499835955&idt=309&frm=20&biw=1600&bih=1200&oid=3&adxs=247&adys=1418&adks=1420768973&ucis=2&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw&vis=1&scr_x=0&scr_y=0&psz=790x90&msz=790x90&ga_vid=715064784.1615499836&ga_sid=1615499836&ga_hid=594521020&ga_fc=false&fws=0&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

61a9bdf7f3dfd41e90c1562cc87692d45863c91e418410d4b746061bb699e8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11547
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://soothingnature.xyz
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
11 KB 520ms
519ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4045769604238516&correlator=401979730152671&output=ldjh&impl=fif&eid=31060385%2C31060010%2C31060211%2C21069710&vrg=2021030801&ptt=17&sc=0&sfv=1-0-37&ecs=20210311&iu_parts=65969644%2Cgeneric&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C300x600%7C240x400&prev_scp=webeyo_ad_info%3D_PF_T23_M0_Urgalerisag_%26adsense_test%3D1%26adreact_domain%3Dsoothingnature.xyz%26lazy_load%3Dd0%26cmsadunitname%3Drgalerisag&cookie_enabled=1&bc=23&abxe=1&lmt=1615499836&dt=1615499836301&dlt=1615499835955&idt=309&frm=20&biw=1600&bih=1200&oid=3&adxs=1053&adys=512&adks=3764156134&ucis=3&ifi=3&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw&vis=1&scr_x=0&scr_y=0&psz=300x600&msz=300x600&ga_vid=715064784.1615499836&ga_sid=1615499836&ga_hid=594521020&ga_fc=false&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

1c09839d31f2ec4425b62593c5190e931a8d35c79bd434d1c8b1f0d6504a30c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11196
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://soothingnature.xyz
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2021030901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DF15 283 KB
100 KB 31ms
30ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js?31060423

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

51f6db1b46a265c22e6383ef24c9e7451e34feec809286a6ab221f4b61890c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 09:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102089
x-xss-protection: 0
expires: Thu, 11 Mar 2021 21:57:16 GMT

GET
H/1.1 200
OK adstyles.css
revenueflex.com/d/ons/ Frame DF15 5 KB
1 KB 30ms
30ms Stylesheet
text/css 54.38.29.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://revenueflex.com/d/ons/adstyles.css
Requested by: Host: revenueflex.com
URL: https://revenueflex.com/d/2/1/b/21b3251820e2a3b961c2b49757af0272ce7a950f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.29.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-54-38-29.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9220439615e1c2ad633b1f760f50826d858acf491cbddebca9409fa2641be0d0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 21:57:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 19:57:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "604924ab-400"
Content-Type: text/css
Cache-Control: max-age=600
Connection: keep-alive
Content-Length: 1024
Expires: Thu, 11 Mar 2021 22:07:16 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame DC4B 183 B
411 B 178ms
133ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e67ca9f32b6919c9b6bdadc44f7e117e4182da76

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=http%3A%2F%2Fsoothingnature.xyz

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 112
date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 21:57:16 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 06e82094a972247fb8024f41aad297aa
strict-transport-security: max-age=631138519
content-length: 152

GET
H2 200 button.75a79c54dcfc115f36a5bc654a4d6c25.js Show response
platform.twitter.com/js/ 7 KB
2 KB 22ms
21ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.75a79c54dcfc115f36a5bc654a4d6c25.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 97d03f0364ee71256d492e6abad11ff53f0bf177b6476ac4645ea1b045f1f743

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 18:56:42 GMT
etag: "ba8d4b9e84a41a5e804e7520c9979b13+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 2297
tw-cdn: FT
x-served-by: cache-bwi5132-BWI, cache-fra19178-FRA

GET
H3-Q050 200 integrator.js Show response
adservice.google.nl/adsid/ Frame DF15 107 B
777 B 45ms
29ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=soothingnature.xyz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js?31060423

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame DF15 107 B
531 B 46ms
31ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=soothingnature.xyz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js?31060423

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DF15 50 KB
11 KB 460ms
460ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2615483695586642&correlator=3368853732971117&output=ldjh&impl=fifs&eid=31060385%2C31060423%2C31060366&vrg=2021030901&ptt=17&sc=0&sfv=1-0-37&ecs=20210311&iu_parts=65969644%2Cdalt3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C200x200&prev_scp=revflex_site_group%3D1&eri=1&cookie_enabled=1&cdm=soothingnature.xyz&bc=23&abxe=1&lmt=1615499836&dt=1615499836421&dlt=1615499836222&idt=180&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1300&adys=950&adks=797010950&ucis=djmnnz4t839h&ifi=1&ifk=357521492&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw&ref=http%3A%2F%2Fsoothingnature.xyz%2F&top=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=715064784.1615499836&ga_sid=1615499836&ga_hid=1657211753&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js?31060423

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

01d73d4fb74d8cb06e529ef9c4906273bf3bca9a2fe08f9fb89d151c96424caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11716
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://soothingnature.xyz
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
313d67892522dea6bbeb96445f570ff0.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame DF15 0
0 79ms
39ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://313d67892522dea6bbeb96445f570ff0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js?31060423
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame DF15 0
0 37ms
20ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js?31060423
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 tweet_button.0edc1ef9f8b82d9b79c6115bda79f63f.en.html Show response
platform.twitter.com/widgets/ Frame 8C3A 32 KB
12 KB 23ms
23ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.0edc1ef9f8b82d9b79c6115bda79f63f.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f85348f16f773be0593f6964a88ae226c85683d2fd9802c859ce1bf0fda027c1

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/tweet_button.0edc1ef9f8b82d9b79c6115bda79f63f.en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://soothingnature.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://soothingnature.xyz/

Response headers

last-modified: Wed, 03 Mar 2021 18:56:48 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "261ad3b11e174efa13458f601d8c2ebb+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Thu, 11 Mar 2021 21:57:16 GMT
x-served-by: cache-bwi5125-BWI, cache-fra19178-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 12296

GET
DATA 200
OK truncated
/ Frame 8C3A 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

feedback.php Show response
www.facebook.com/plugins/ Frame 04DF
Redirect Chain

https://www.facebook.com/v2.0/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xy...
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26or...
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26or...

165 KB
35 KB

104ms
103ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&color_scheme=light&container_width=790&height=100&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=550

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=17ddcf56a5fabf3cad141e1e543cae35&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

493befd53016ea88790904d416ede42c0faa38034db61a195bcbde681ffa8ffd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&color_scheme=light&container_width=790&height=100&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=550
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://soothingnature.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
x-xss-protection: 0
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
content-encoding: br
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
content-type: text/html; charset="utf-8"
x-fb-debug: VJgi7bqwhBvDXeRYQ0m0Nlz56iau1S+gYm4PVi5tcOC82KbTSdjyCFTp42OHAyL2cL2+p3QNu5dkmhuDdUeYHw==
date: Thu, 11 Mar 2021 21:57:16 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&color_scheme=light&container_width=790&height=100&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=550
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: nDQ2b45zVUR0KDEYjAWtaa0fu4Qyh9jvE6zEiXwBslYKxxWFikpvsUqShsHehnaLeppP3/b4fSDiH7fNg9QEmw==
content-length: 0
date: Thu, 11 Mar 2021 21:57:16 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 share_button.php Show response
www.facebook.com/v2.0/plugins/ Frame 537F 42 KB
14 KB 111ms
100ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7431da776398%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&container_width=300&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw&layout=button_count&locale=en_US&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=17ddcf56a5fabf3cad141e1e543cae35&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f50a88e11634a8d9388a5de4c8afed67644ee4e2186e3e67ef1425bf5ea21d7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7431da776398%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&container_width=300&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw&layout=button_count&locale=en_US&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://soothingnature.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://soothingnature.xyz/

Response headers

x-fb-rlafr: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=15552000; preload
facebook-api-version: v3.2
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
cross-origin-opener-policy: same-origin-allow-popups
content-type: text/html; charset="utf-8"
x-fb-debug: cS8uCODjQgLoBNeY9+WRTPhbyv/dFgPRk2N6rg56E5jXZJq7fvVUFwcZnV14OJU65xE+hPRpUL2/seZh3eY35w==
date: Thu, 11 Mar 2021 21:57:16 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
337 B 131ms
131ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1615499836602%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22e1ffbdb%3A1614796141937%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Thu, 11 Mar 2021 21:57:16 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 06e82094a972247fb8024f41aad297aa
x-transaction: 008dcb5c00f1450a
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 zSKZHMh8mXU.png
www.facebook.com/rsrc.php/v3/yr/r/ Frame 537F 388 B
657 B 6ms
5ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/zSKZHMh8mXU.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7431da776398%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&container_width=300&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw&layout=button_count&locale=en_US&sdk=joey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7431da776398%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&container_width=300&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw&layout=button_count&locale=en_US&sdk=joey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: bPzdsAlGElsl92MINsKh3ejFJIjagwG/P8dpHQwMTSpO/N1keAZmIJEDs/kjME/m6zkaXmLAtvcJhmyX1AXRRw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: mLIKfuTnwd0c8uA9BXg4cQ==
date: Fri, 26 Feb 2021 03:39:03 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 388
x-fb-rlafr: 0
expires: Sat, 26 Feb 2022 03:39:03 GMT

GET
H2 200 W4rdMMsEfY2.js Show response
www.facebook.com/rsrc.php/v3iEpO4/y_/l/en_US/ Frame 537F 479 KB
124 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/y_/l/en_US/W4rdMMsEfY2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

996c38dfd50343733c3d483cfb5cff15e6b62bd6afee993cde8491dfbd0edb05

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7431da776398%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&container_width=300&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw&layout=button_count&locale=en_US&sdk=joey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: yTI0K+aFmDqxHi3jnUB/8hSuXlhcwmfQ+rx2RFDJxq6gWEeTayY2k7G2M/0FB3CA5/tN0ZXU7dyKm+1yfLrSKw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: fqMCshnHSAgJv7RANyFpUg==
date: Thu, 11 Mar 2021 00:45:10 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 126438
x-fb-rlafr: 0
expires: Fri, 11 Mar 2022 00:45:10 GMT

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 537F 67 B
934 B 35ms
35ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1615499836617&t_start=1615499836617&t_domcontent=1615499836635&t_layout=1615499836673&t_onload=1615499836673&t_paint=1615499836673&t_creport=1615499836673&t_tti=1615499836635&lid=6938518962763387208-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v2.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7431da776398%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&container_width=300&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1%3Ffbclid%3DIwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw&layout=button_count&locale=en_US&sdk=joey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: tlbj7dTkn0f0pAPe4y4XMth+LM8vnD/+KUrsw/Y31sm9niJjQ0Yvjfmj4krgGmNjbx5J7wd7VxuNews6XvwFSQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 11 Mar 2021 21:57:16 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 wRx0LruB18w.css
www.facebook.com/rsrc.php/v3/yb/l/0,cross/ Frame 04DF 2 KB
948 B 8ms
7ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yb/l/0,cross/wRx0LruB18w.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&color_scheme=light&container_width=790&height=100&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=550

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb7e35de497f5e9f191cd0f2ce4c3b8de9cbf6520a4d847d3601b82b2d5596dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&color_scheme=light&container_width=790&height=100&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: U2P9wfGWyLGIgO1uYGYncbbBGw9fdoQ1m1KObLBkS5nsRxDaIiHg73HKDLmAvBzgmWQX87v797o23zRNzVSOZg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 0GhLCEA6NVbqTI63kPGVwA==
date: Thu, 11 Mar 2021 20:45:28 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 718
x-fb-rlafr: 0
expires: Fri, 11 Mar 2022 20:45:28 GMT

GET
H2 200 EOQcvxk5t_a.css
www.facebook.com/rsrc.php/v3/yp/l/0,cross/ Frame 04DF 128 KB
21 KB 8ms
7ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yp/l/0,cross/EOQcvxk5t_a.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ad4e5ff5ef04d11a6a244e3c224128e41676a5a218df0735cbae7eb1043dc9d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&color_scheme=light&container_width=790&height=100&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 08:44:52 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: //gKXQ1IeYWFFwrMl2bD6A==
cross-origin-resource-policy: cross-origin
content-length: 20973
x-fb-rlafr: 0
x-fb-debug: XxAVVFsV/u2zi9Exct+/3cQnPchEgwYr0OZoPal4X9Ui6/zHsjjowaMuX4aUvmH6zFiwFhlA/gLrKSFnCJnhiw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 06 Mar 2022 08:44:52 GMT

GET
H2 200 COFZ7ITuwSz.js Show response
www.facebook.com/rsrc.php/v3/yH/r/ Frame 04DF 268 KB
71 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5df547860d495d1b54ba7a44059e8413f4010a6dd111b6a0d40803665852ed70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&color_scheme=light&container_width=790&height=100&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: idk45SwC3PoZ+9UibWBLtZiUKMexZFK8JdJu0c8q7FQ9lGlGoOed53D/tnGI8QxbbVdHXPfU20ko6gOG21mluQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: RdaRlLRvra/nUVf/g2gp9w==
date: Thu, 11 Mar 2021 00:44:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 72280
x-fb-rlafr: 0
expires: Fri, 11 Mar 2022 00:44:51 GMT

GET
H2 200 FBJGIgt_yWB.js Show response
www.facebook.com/rsrc.php/v3i7M54/yv/l/en_US/ Frame 04DF 165 KB
46 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3i7M54/yv/l/en_US/FBJGIgt_yWB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cedb3907578c701df3af4719fca3d463b317c193e493d1a292771ecc44322ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&color_scheme=light&container_width=790&height=100&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 23:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LU5kYAS2Sqgt468MgIYysA==
cross-origin-resource-policy: cross-origin
content-length: 46738
x-fb-rlafr: 0
x-fb-debug: aXCKek9XmcML4lyAyC+2tDjADS6BfGumGLXYmA7Q82AlpGEz4sprSjPxQX4eWHJcr3oc1Ao26IWffUnrjYeYow==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 10 Mar 2022 23:00:43 GMT

GET
H2 200 H1WHlCaRj96.js Show response
www.facebook.com/rsrc.php/v3iAQZ4/y8/l/en_US/ Frame 04DF 1 MB
349 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iAQZ4/y8/l/en_US/H1WHlCaRj96.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8042e8b3c2ad74be9e630b505c4be83f2381d5857f8bac2b162371f460df4584

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&color_scheme=light&container_width=790&height=100&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 20:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: E6K1nrjksZAPhxZnZpAqaA==
cross-origin-resource-policy: cross-origin
content-length: 356783
x-fb-rlafr: 0
x-fb-debug: S1HFnxKlPN/txfVGONpGACHE5+S507RCtDu/JS2zEL6SWH20Qm5/KvGwpnInyh9I8oyYdcPv6owmUxNeAIMSJg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 11 Mar 2022 20:45:48 GMT

GET
H2 200 5VR2dH_XHWT.js Show response
www.facebook.com/rsrc.php/v3/yN/r/ Frame 04DF 26 KB
8 KB 11ms
11ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yN/r/5VR2dH_XHWT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bd64028a852a8e241b42780a7e47853b89f9d3e6b26a9cb765472dd618f3152

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&color_scheme=light&container_width=790&height=100&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: OhP1YjDIi5Z0Y7ygyFUcVEFRZwOxuhQ4ELaUGb2wMfhgjgISy9aKOMBo6rnXSJYJuKHZT4zg9hvmUQ9aviUvzA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: KGnC4WKDmGEmi5eIigLTgQ==
date: Tue, 02 Mar 2021 21:09:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8294
x-fb-rlafr: 0
expires: Wed, 02 Mar 2022 21:09:04 GMT

GET
H2 200 10S8fVwNKKA.png
www.facebook.com/rsrc.php/v3/yI/r/ Frame 04DF 52 KB
52 KB 7ms
6ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yI/r/10S8fVwNKKA.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yp/l/0,cross/EOQcvxk5t_a.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f21cc4285df8ecb724605ce4a6928b89404fc611db75b2ff881f57ef92964afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yp/l/0,cross/EOQcvxk5t_a.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 5YMw6Jk60d5QLDeZQXBLSIhDqtHIKajtK1+QY3I1FQH1W7rwIezugYoIgPCc8+bNverI1Q3Jcdz8jfa90WJnPg==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: V5SyOHpIwnhDdkJPL2vc+A==
date: Wed, 03 Mar 2021 14:13:23 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 53301
x-fb-rlafr: 0
expires: Thu, 03 Mar 2022 14:13:23 GMT

GET
H2 200 odA9sNLrE86.jpg
www.facebook.com/rsrc.php/v1/yi/r/ Frame 04DF 1 KB
1 KB 6ms
5ms Image
image/jpeg 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&color_scheme=light&container_width=790&height=100&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: nD8fgsvfWclUjYXL+k9uzKtoeCNqqklfSLmPXx0oj7CciTdwGfIXuT+YLI76jXsjit24pguldbymGBrArCr3QA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
date: Tue, 02 Mar 2021 21:10:23 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1131
x-fb-rlafr: 0
expires: Wed, 02 Mar 2022 21:10:23 GMT

GET
H2 200 UsNrl8Qr1jX.js Show response
www.facebook.com/rsrc.php/v3iPwL4/yG/l/en_US/ Frame 04DF 28 KB
9 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iPwL4/yG/l/en_US/UsNrl8Qr1jX.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/COFZ7ITuwSz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec9854c13dcfe382d5bfec2cffc993e76957715ebca2da182ff40f48f3b66e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df463112a9843b%26domain%3Dsoothingnature.xyz%26origin%3Dhttp%253A%252F%252Fsoothingnature.xyz%252Ff178e46de6859f4%26relation%3Dparent.parent&color_scheme=light&container_width=790&height=100&href=http%3A%2F%2Fsoothingnature.xyz%2Fshipwreck-of-the-eduard-bohlen-skeleton-coast-namibia%2F1&locale=en_US&numposts=5&sdk=joey&version=v2.0&width=550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: EyZnqS81lioMX2SOn2KiVyrFttvrEkocFfubE+yDTTF5DFeyrQ8j2Qj8ZSDRlTxzkkVdc9WnR2iO1uCQH0PUhw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 3U3idDcrDIUW62LZnYvQfA==
date: Fri, 05 Mar 2021 20:04:07 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8509
x-fb-rlafr: 0
expires: Sat, 05 Mar 2022 20:04:07 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame 5912 185 KB
53 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 108727
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 15:45:09 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 5912 12 KB
5 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 108727
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 15:45:09 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 5912 87 KB
27 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 108727
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 15:45:09 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 5912 3 KB
1 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 108727
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 15:45:09 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 5912 40 KB
13 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 108727
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 15:45:09 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 5912 6 KB
1 KB 35ms
21ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=nl

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf36c2a91f108e0eb00d5d2f09de162b72da38a46bca7e80eb13f53aabac4d70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 19:57:48 GMT
server: ESF
date: Thu, 11 Mar 2021 21:57:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 21:57:16 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 5912 4 KB
639 B 35ms
21ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 20:00:15 GMT
server: ESF
date: Thu, 11 Mar 2021 21:57:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 21:57:16 GMT

GET
DATA 200
OK truncated
/ Frame 5912 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96f34ba001f3b0cf6952d34d42ba65af05985ff17d72bd86c419ae139d74a7b4

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6231559735430240212/ Frame 5912 31 KB
31 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6231559735430240212/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQqgIYASABLQAAAD8wqgI4qgJFAACAPw&rs=AOga4qlsi5_0WVLxZWagFxLkDCnebCXaXw

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f979879c9b455084a15934eb8c1fe0ffd2266e94d1e5b07510652c86ca8fbe5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Jan 2021 10:43:12 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31392
x-xss-protection: 0
expires: Fri, 11 Mar 2022 21:57:16 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5912 0
0 57ms
57ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4IKGPJJKYN3hFJW_3gO1woe4CPDbndBhnZ-Jhq0NwI23ARABIKyC1iNgkYSThfwXoAGn4MT8A8gBBqkCkTVa4jwJtD7gAgCoAwHIAwqqBJACT9Ac2LJkElDcwiz7poGQns-VKz2zpbfeTgs6xQD5_JUpXGpBSM7sagnq95M4UURLxZ4HeI6E8xFjLfWqXxbYV3EJ5t4-Zut3JF19TlbOqlT80CptNSMYdIQeSczH1SlxPDJK661KMUceR8l_wacMs2RgIR3bDOKe-1Vr1shGDYInd-qHvyJ6sloQ9Pd6zkAdqLFsQ_Z02y2sqqbilyc0OHcmE11CPPcfIwbGUU2zuuKbbUv6zVNJ28sSthrs6OLqB1TbLbrKozvusOA2fgjwUAUrccFuSRbQmZwoa_trjRaWhkj2yGqUpgal8iEuElpccMz1DMmg55HAnYQfvo76k1wqVnCI4jn_mnyOSipqHRPABJ663c-tAeAEAZIFBAgEGAGSBQQIBRgEoAY3gAfhvPwHqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEMfZJdIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tNTU1Mzk5ODYwMjEyNjM4MYAKA8gLAdgTDLIXGgoYCAASFHB1Yi03MTA0NTQzODAxNTAwOTY4&sigh=_dfhWPlEKQ4&template_id=492&tpd=AGWhJms-bua6nzK5YqvoSelsglZIFa-YcuCH_4Y2whcuG4pfzQ
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5912 2 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 48859
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 12 Mar 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5912 295 B
389 B 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Mar 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 81145
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 11 Mar 2021 23:24:51 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 48ms
34ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d97cf34572c387b7dabd395101ef0c8fca4eabd9a8f35a5806560f1ceb0ac10e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6498
x-xss-protection: 0

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame EFFA 185 KB
53 KB 37ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js?31060423

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 108727
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 15:45:09 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame EFFA 12 KB
4 KB 43ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js?31060423

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 108727
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 15:45:09 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame EFFA 87 KB
27 KB 40ms
29ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js?31060423

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 108727
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 15:45:09 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame EFFA 3 KB
1 KB 34ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js?31060423

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 108727
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 15:45:09 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame EFFA 40 KB
13 KB 32ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js?31060423

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 108727
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 15:45:09 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame EFFA 6 KB
690 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js?31060423

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf36c2a91f108e0eb00d5d2f09de162b72da38a46bca7e80eb13f53aabac4d70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 21:57:04 GMT
server: ESF
date: Thu, 11 Mar 2021 21:57:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 21:57:16 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EFFA 2 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js?31060423

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 48859
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 12 Mar 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EFFA 295 B
320 B 10ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js?31060423

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Mar 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 81145
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 11 Mar 2021 23:24:51 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14900681249049512210/ Frame EFFA 22 KB
22 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14900681249049512210/downsize_200k_v1?w=400&h=209

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb37f11a0fd421aefbde1ca6f2649dce95e4d3395559a07ed5bef578220c928a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 21:55:22 GMT
x-content-type-options: nosniff
age: 172914
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22639
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 16:27:34 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Mar 2022 21:55:22 GMT

GET
DATA 200
OK truncated
/ Frame EFFA 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EFFA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d1d49e4e90ada5aa7aa20eba93eac6951c03e8207aeb9ae4332e82f2af8433c

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DF15 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js?31060423

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e089d43d8479a676e8ef5be4b69086a6df178f596e29cf043e0b96702205cca5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6516
x-xss-protection: 0

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 5912 16 KB
16 KB 42ms
26ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=nl

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://soothingnature.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 271777
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:27:39 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 5912 15 KB
16 KB 34ms
19ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=nl

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://soothingnature.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 270329
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:51:47 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 11 Mar 2021 21:57:16 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame EFFA 16 KB
16 KB 31ms
21ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://soothingnature.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 271777
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:27:39 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame EFFA 15 KB
16 KB 33ms
23ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://soothingnature.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 22:41:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
server: sffe
age: 83726
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15784
x-xss-protection: 0
expires: Thu, 10 Mar 2022 22:41:50 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame EFFA 15 KB
15 KB 29ms
19ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://soothingnature.xyz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 270329
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:51:47 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DF15 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030901.js?31060423

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 11 Mar 2021 21:57:16 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5912
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Date: Thu, 11 Mar 2021 21:57:16 GMT
X-Content-Type-Options: nosniff
Server: safe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control: private
Content-Length: 246
X-XSS-Protection: 0

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6231559735430240212/ Frame 5912 31 KB
31 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f979879c9b455084a15934eb8c1fe0ffd2266e94d1e5b07510652c86ca8fbe5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 21:57:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Jan 2021 10:43:12 GMT
server: sffe
age: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31392
x-xss-protection: 0
expires: Fri, 11 Mar 2022 21:57:16 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5912 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 48859
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 12 Mar 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5912 295 B
320 B 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Mar 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 81145
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 11 Mar 2021 23:24:51 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 7CA3 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://soothingnature.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://soothingnature.xyz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 11 Mar 2021 20:40:55 GMT
expires: Fri, 11 Mar 2022 20:40:55 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4582
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 257C 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://soothingnature.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://soothingnature.xyz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 11 Mar 2021 20:40:55 GMT
expires: Fri, 11 Mar 2022 20:40:55 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4582
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EFFA 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 48860
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 12 Mar 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EFFA 295 B
325 B 6ms
5ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Mar 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 81146
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 11 Mar 2021 23:24:51 GMT

GET
H3-Q050 200 WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js Show response
pagead2.googlesyndication.com/bg/ Frame 7CA3 14 KB
6 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 16:59:37 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 17860
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5688
x-xss-protection: 0
expires: Fri, 11 Mar 2022 16:59:37 GMT

GET
H3-Q050 200 WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js Show response
pagead2.googlesyndication.com/bg/ Frame 257C 14 KB
6 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 16:59:37 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 17860
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5688
x-xss-protection: 0
expires: Fri, 11 Mar 2022 16:59:37 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EFFA 0
0 57ms
57ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9goqPJJKYK2WHIeE3wPg8r34BfDbndBhnZ-Jhq0NwI23ARABIKyC1iNgkYSThfwXoAGn4MT8A8gBCakCkTVa4jwJtD7gAgCoAwHIAwqqBI0CT9DRaAcd0P1rfXr43Ps2e0Zh15D41O-2uiFrwZB6Vcrnw-E3nYrdPJI26r66OsdzDr24wpYrDTXhMesh3NbNzyFB13so-zSyNObvDGiAEfSG2SxTOHoYVuoMasTEw0xtszwHYtOP_kfEnyg9eerKmaf5kfMTppTw1-N2PygLKQlWkdXFtUfxbC-Wzh0DzLhNdYnTSTDYGlyyNqmTSdB7G-imK3hjpIL9DsCcbULTXtul6Zdj3277jwkr7ONkACnomWL_25P-ee4FlW1GE7fY7GPWnVb0C9gomHunYPK_ZY-36AWfaFKcBnVD2gGe4JfdBQKxWpMc0HsFn4VHO__VAWHwHBGe4VjDN6HOoyLABJ663c-tAeAEAZIFBAgEGAGSBQQIBRgEoAYugAfhvPwHqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEIi5D9IICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tNTU1Mzk5ODYwMjEyNjM4MYAKA8gLAdgTDLIXGgoYCAASFHB1Yi03MTA0NTQzODAxNTAwOTY4&sigh=w2vgFHanpnE&template_id=5000&tpd=AGWhJmvbMVYCCJPDrrENmnmysKxv6qJhT38W-cbwxmh0yVnH0Q&cbvp=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022101070013000/ Frame DD6A 185 KB
53 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

833fa1d44717aa72f2fee9076562b2a65357a12b69ed89e214b62c55b4f3b377

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 45492
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53759
x-xss-protection: 0
server: sffe
date: Thu, 11 Mar 2021 09:19:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "387c030e363cdc14"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Mar 2022 09:19:05 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022101070013000/v0/ Frame DD6A 12 KB
5 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 202605
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Tue, 09 Mar 2021 13:40:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Mar 2022 13:40:32 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022101070013000/v0/ Frame DD6A 87 KB
27 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 130506
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 09:42:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 09:42:11 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022101070013000/v0/ Frame DD6A 3 KB
1 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 196884
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Tue, 09 Mar 2021 15:15:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Mar 2022 15:15:53 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022101070013000/v0/ Frame DD6A 40 KB
13 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 130506
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 09:42:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 09:42:11 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DD6A 2 KB
2 KB 14ms
11ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 48860
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 12 Mar 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DD6A 295 B
320 B 14ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Mar 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 81146
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 11 Mar 2021 23:24:51 GMT

GET
DATA 200
OK truncated
/ Frame DD6A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 495a137355084bca8aaa6127ac1edd1eadcd55242f10dd8909b9e9f652649fb8

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 17269399664645144145
tpc.googlesyndication.com/daca_images/simgad/ Frame DD6A 30 KB
30 KB 12ms
11ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17269399664645144145

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baa716e3959a0c9070ea164fa9c182fe968a3e87da6b20fa5f811e6f7ffce330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 08:22:37 GMT
x-content-type-options: nosniff
age: 480880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30788
x-xss-protection: 0
last-modified: Sat, 13 Feb 2021 14:12:33 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Mar 2022 08:22:37 GMT

GET
H3-Q050

200

B23768030.267046128;dc_pre=CMiVve-dqe8CFQiJdwodkBgJOQ;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=1324624836;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/ Frame DD6A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=1324624836;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_pre=CMiVve-dqe8CFQiJdwodkBgJOQ;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=1324624836;dc_lat=;dc_rdid=;tag...

42 B
515 B

83ms
54ms

Image
image/gif

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_pre=CMiVve-dqe8CFQiJdwodkBgJOQ;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=1324624836;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:57:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:57:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046128;dc_pre=CMiVve-dqe8CFQiJdwodkBgJOQ;dc_trk_aid=461813794;dc_trk_cid=106332843;ord=1324624836;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DD6A 0
0 60ms
59ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cv13hPJJKYI_SMJSY3gOi2YaoBZmMtOJhwOOCh6QLoZDBiJEOEAEgrILWI2CRhJOF_BegAe_1jtsDyAEC4AIAqAMByAMIqgSPAk_QRk924IrsrVRcNnZeNqInBDMimXOX7yh2kMwkuVZUiZzvanOtaU3WrnVOPwHlM1sxAwuw91TLDuaHCzLr__hDCloCnqGjqCpgKX8BnQ4yvf24YaSxPQUsVzdGa9cDPn6PPIm60BPRBtuJtpsT3DqTLNlazrMW5hzZizgXBDeeKFrYGClroOdKq0aPWE0IEtWp574mbrpv3NE55dKkMRaUJeLY2xoZ9hfWAzupll8OR3RK61EiG8-HpClS39FLBzjps-1CfxKzV_JgX4pBASQRkmlDX3W_a7NLFzi6C63tattQoIBIJmrygar2iJS6uBWwgENlelqaHPBkhqzzfgyX19F1iizM3eihs2QdE8TABPn__tm5AuAEAZIFBAgEGAGSBQQIBRgEoAYCgAeetpspqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELCzJNIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tNTU1Mzk5ODYwMjEyNjM4MYAKA8gLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi03MTA0NTQzODAxNTAwOTY4&sigh=DKmFOcqhP74&tpd=AGWhJmsQBL9LWwZExRdpGjbF4n-A1rIujY_ZoCUskxq3WpFbnQ
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame DD6A
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

45ms
28ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Date: Thu, 11 Mar 2021 21:57:17 GMT
X-Content-Type-Options: nosniff
Server: safe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control: private
Content-Length: 246
X-XSS-Protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF15 0
224 B 40ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030901&jk=2615483695586642&bg=!HR6lHl3NAAUO7zDoDjsAKQB2-Dxa6vicrZawSrbZKIk4mvH-u4autCdERe-ctzARO_2E6OETxkAbAgAAAIdSAAAAGGgBB5kCPluVMYwOUiYKDzVbn2PTV30XLp7kbOOqU6Y0Y9zvaPTQW5g4UtFNhrzypeCNdkrLYJpBluMaLRyxaY_mcFQYVTbvluymMD_7oPDpmegBp4nGOnefsqfuotC13OZCMsr5TfMjNmsPaE_M7Bl6DWOsPfi3oGlOe5hZ8AlEUMQ7e-IJ-VSpat-VSzlPSMAyIdLGQ6J9ClWTTfyVX30pzlpaT6hY3UbZWWfkx7szm8ZtJhYYBmqTCtJUXHg20PqIYhlqsfd21mOBh8a35b8OHg5e0KLHg5BqvNPttxXe7VRXn79wWgQT5iKhCMULOl38BWNQL4raOQilIn9ienjablFlkfw9DlvGWb8zMJIOhjVazrz4_uqgZVg442T6GIs1-LVFDKWXq55jhBRg2RTrD7Q1LOT48xWu827LcS7NGZCI9jUWY-_AXBMcMwOOTEGuuvoLjDxPhK6cdJvgTAufsXmPex9VhVPUaveq4fIfYlP9jkDqwWgbsH5yyAOat8KqtdxXoZ_Byk_FamkC_VhYVxDBUTlHyow4d7sVq3up0cru_EE4L6P6L9Cuuiz_f3Nw3t5dklPZape4Hddi6mc_x2m193RGmRIRu55mclKU7gjlHEhrehlTSIUfRpF8IIqYaTcFjcZxx_BK6ApRSuF0amuQ8ulJ7a6Fosuo2FW5hGW_o3j9Zt0YQuFFRga6LPNp_KaCOmIVbDEzKW2wu1bzS6RlmD5KgoxMaoKB51a7Z1REF8Xi6rIVpvlffW3VeFn2WTU

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:57:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 41ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030801&jk=4045769604238516&bg=!pKelp-TNAAUO7zDoDjsAKQB2-Dxav2R-7CWYsuzzcwOJ4y6ic9RTdE2948JhU7ivpxIrbuv9AzFvAgAAAJNSAAAAEmgBBwoA8PuBV6eylAx7lycnI-Xm7Z-M5wxMPPgDgAxAvbdo6aik6LNR1Mx7eM_75fEg0ne-LUWVoH2uAezQskO44jWShLo5FAtPBr56bpPc05bzdJcUmb-Lr-jc5TCTFtaPmTFpYxzAlpCYxFS5uXLAnMSLRBWjP64Vv2qwWHFRipD4VIeIF1rU1HMjqiELEygYfDXdoFd9RZOl7qQebAAZ54b8bm5fTlTvFAZycmDHyAQ1YLcaRtnMnG7dXCJ90Y-i5NlnPDHEVs43pnAEYmWsofmF5Sif97uqPuxcNwQdNU6kGngHAY-BR_zV7X8jOzn43q19XpkCOeMN5dTldwyVS2k8HvJO4Cm3sdOCkt4m6ydnAMcS5_hVU6HIQLNpuCIdhs9qKhVkAwwdkMJBwU4waIlWCU3U9WRGKVUMNbJK_f-dMcDwt7OxgixIEveabTnfTBYBpyBIPFAxfXP2OkoFjwrBBEG3J0jq7kJ7dEYZ_2GX_T3W-9RIR993-yn0VL9JTQlhYY2gpcb0RH32xALADqp-cIuS2CFdLqIvTdYZPc0DgPZNCjDsbFML6JonTe0cvWmHNYj9261ixNwnmfCEj_w0pMvs2qox-4ktlBsbsgdCdkbB4krkU2xd4LmyteKUaZqAodUPGZHuMy_T1lhFJpOxUT_ICZcAR3QQj-i_FDr7xepR60rng34dzjybVwC0iXjrL7NIgTpCFR0Tm-jEdNMLPOFx0T9S1xFBAoqZ6rvxd1rWAGItNmNvJYRCeiXuQubPdgnYm_bCvJgRWfwjGWN-0Xez5SJziQuQJsaigqCZp1CLOi8zrI7cObRzFcaG7Bk_Eeh1tDZdC8f8BWG5Vxq_JwmBheHmEhwo3PsovtlzQRLZjQ5XsLrvl0_x5oGKEPE0l53Su2H4_v1yR_fMdwLOMtrLX4FBE8uzt9xBMQgTHdyigNNKXiHmXPiU_1xAe5AD0TEMtKC-XGs7k7Gw32WEEnddjfmnMkh-e7MsiGxBLm01n3L-wjCc_sE_zQyqEQJ9hRhd0QtHcd_-4SjbVktjoYNySgmUzwsJDTTOHABW6bqLB556xuMtuKL47YKm

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:57:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame 838A 185 KB
53 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 108728
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 15:45:09 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 838A 12 KB
4 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 108728
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 15:45:09 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 838A 87 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 108728
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 15:45:09 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 838A 3 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 108728
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 15:45:09 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 838A 40 KB
13 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 108728
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 15:45:09 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 838A 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 48860
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 12 Mar 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 838A 295 B
320 B 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 10 Mar 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 81146
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 11 Mar 2021 23:24:51 GMT

GET
DATA 200
OK truncated
/ Frame 838A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41dfbef7de08d848e86e69457d20689afbb1908769b44f8277cbd6be8f178783

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 11580760774358661212
tpc.googlesyndication.com/simgad/ Frame 838A 19 KB
19 KB 12ms
11ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11580760774358661212?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qllrqK9WguSw9AtHhavnj0AYmOy0Q

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2012782acacdd581e1bf90c4ea7457003b2adfeb03f420e7fdc6d7eec6ec9767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 09:01:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Apr 2020 23:54:26 GMT
server: sffe
age: 564967
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19205
x-xss-protection: 0
expires: Sat, 05 Mar 2022 09:01:10 GMT

GET
H3-Q050

200

B23768030.267046038;dc_pre=CIG4zu-dqe8CFcw14AodLygPPQ;dc_trk_aid=461813830;dc_trk_cid=106332843;ord=250625561;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/ Frame 838A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046038;dc_trk_aid=461813830;dc_trk_cid=106332843;ord=250625561;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046038;dc_pre=CIG4zu-dqe8CFcw14AodLygPPQ;dc_trk_aid=461813830;dc_trk_cid=106332843;ord=250625561;dc_lat=;dc_rdid=;tag_...

42 B
65 B

40ms
40ms

Image
image/gif

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046038;dc_pre=CIG4zu-dqe8CFcw14AodLygPPQ;dc_trk_aid=461813830;dc_trk_cid=106332843;ord=250625561;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:57:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:57:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23768030.267046038;dc_pre=CIG4zu-dqe8CFcw14AodLygPPQ;dc_trk_aid=461813830;dc_trk_cid=106332843;ord=250625561;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 838A 0
0 58ms
57ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CkrbUPZJKYMP3CISlrASb66PADPWRtOJh2KGDh6QLn6m8uaUdEAEgrILWI2CRhJOF_BegAe_1jtsDyAEC4AIAqAMByAMIqgSLAk_Q3kIERCKzPI9afKhikHMXT3PMZwGfEsqioZ6tJ3XzOjV877rzk5wAtWPfFcpiAIJz9IMzliMRTia-rTbfcZYej1NMQImA0u6QWIugKdDkVfapGc7XA9264jZ4vln_5h4jrHONwgOC-VzH8YX3fALgJK2X2ETyMz1vvwkkECgENVfdQnl2zPNjnasdxotlpzQRi1KZLzsogykQKVCB17rlcySPZXLdxhZQK2SE7ii6l38Mze5l-pa2QxE5FwBDyY2rbqFLnvot74mJclgATD-K5PXUxEdwul8M56aXBXqDOQSQPmaw4Ht-qsTPwYGJePSixHQHiG9myDc2YQi03-OcmIYtz9_m2Q6mSsAEk8m34eAB4AQBkgUECAQYAZIFBAgFGASgBgKAB562mymoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQpf8H0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi01NTUzOTk4NjAyMTI2MzgxgAoDyAsB2BMMshcaChgIABIUcHViLTcxMDQ1NDM4MDE1MDA5Njg&sigh=MdoFOutnH3s&tpd=AGWhJmsszhjJYp3TrAcKWv4lym5wfKQ6x2ev62q_7PId9zZ95g
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 838A
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Date: Thu, 11 Mar 2021 21:57:17 GMT
X-Content-Type-Options: nosniff
Server: safe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control: private
Content-Length: 246
X-XSS-Protection: 0

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5912 42 B
94 B 49ms
48ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvH8PEFP2cr8e-oGr0ERd6ERE9cQaQyIhYugwJDn1omX-oLIHXjXoabiVSnKLoKu2zgtjJ36Da9Nh6j8i9tsXxTvVfH7LLGxL6D9gt8j7by6x-692X0DN8HRhC2QyRCyDOiaStDId_0C77e0FabD-7LcQ&sai=AMfl-YRbfX5vkM_fsWuqMW-NHAcABMSjgtMDnSUzAhizmfkcyEoBjNA5JC1s0hbnP4CLHYiENXJGJJ6D9i8q6T76B_ceoHwSPGpizJkmNb_tYfa6hJ7LrUhybkdtXig0Iym2&sig=Cg0ArKJSzKwn_DA5E4HLEAE&cid=CAASPeRoo_QajhhMKkHL7CweMWM1B9B07vOhR9ZJrisekA__3im-BTbsPTz-sfPZpT2py9Joe3yq8ZOK8zwKGJI&id=ampim&o=1053,515&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=130&tls=1130&g=100&h=100&tt=1130&r=v&avms=ampa&adk=3764156134

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:57:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EFFA 42 B
66 B 51ms
51ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvWCBztL5zaiVFkzBt1EoNWGDqKEPnhziODDhPfPdh9meUGwmX9YvjClmPNnID89KBRLoY9r8nw7QpwRtoCM_6gVxh7H0uOaHMxvZ5MRM-5F1RUdA860TgHbGvYBNbVv0tC2I5tjPIH5tVtS6tZyS_5A&sai=AMfl-YRLOIuXEzqdVrlE0pHbNSoutOQUxRzIWbhu5CgBghrSX4mLK8KIQowDcVN-sEy9IMYskC3y8qDhrAe4WTSQIQB27kd84RyD-jTMZ2XP7lkLu0xkJ6jd2pVm7mtsUYqA&sig=Cg0ArKJSzDFG13SGs51bEAE&cid=CAASPeRoMt1EX9csdeuCdYCEblsJ6SioS9iXrA_I_kN2aEXKGD4-E68_sRXxeLjMcjWfaWfcko0oA4bbt2pQY8k&id=ampim&o=1300,950&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=125&tls=1125&g=100&h=100&tt=1126&r=v&avms=ampa&adk=797010950

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:57:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DD6A 42 B
66 B 42ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuH8jfnhbJXTKdjxK5fcMWd658XZH-xCISJNdbsmfnJJPDPek-eCJ9AjaIYCdIzSpjqRLl3-dD9FdvutbCQUu_pucw9UBhW1XUidPLEYdaI_4IqZJDP9nmORPQ0nQ&sai=AMfl-YRkFbOfgyfi7OAPZ5vqMe8gzu9AgAyD3F_yizVU9zu_1T3hHzmWeC_OMRXbpyfrFuvlwajw0R92uPFRPLLkBfm0ozDBZEkRztu7Vmtxt9kiwfaCzoF7hFU0uhKx4fIY&sig=Cg0ArKJSzFPLlRA9TaUPEAE&cid=CAASPeRoY26G72NJUSpcZZPMFi-7zHa9Mljz_ZNT6UK8jy6tZ6E7Yj1Dv83naP04RbA2G5c5GXWJqNfu3W_c00w&id=ampim&o=315,132&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=102&tls=1102&g=100&h=100&tt=1103&r=v&avms=ampa&adk=3552192187

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 21:57:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.soothingnature.xyz/	1970-01-19 16:44:59	Name: _gat_gtag_UA_155207744_1 Value: 1
.soothingnature.xyz/	1970-01-19 16:46:26	Name: _gid Value: GA1.2.1474766282.1615499836
.soothingnature.xyz/	1970-01-19 16:44:59	Name: _gat_gtag_UA_164836676_23 Value: 1
.soothingnature.xyz/	1970-01-20 10:16:11	Name: _ga Value: GA1.2.715064784.1615499836

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw(Line 195) Message: IP INFORMATION: Country is NL, continent is EU
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
console-api	info	URL: https://cdn.ampproject.org/rtv/022101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 http://soothingnature.xyz/shipwreck-of-the-eduard-bohlen-skeleton-coast-namibia/1?fbclid=IwAR1wgQ5F_PO3z9QAGvsen-FdUIhogKPqCJF-at59O6NrCsWEbzUPICqbCmw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval';script-src * data: blob: 'unsafe-inline' 'unsafe-eval';connect-src * data: blob:;img-src * data: blob: 'unsafe-inline';frame-src * data: blob:;style-src * data: blob: 'unsafe-inline';font-src * data: blob: 'unsafe-inline'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

313d67892522dea6bbeb96445f570ff0.safeframe.googlesyndication.com
ad.doubleclick.net
adservice.google.com
adservice.google.nl
apis.google.com
cdn.ampproject.org
cdn.webeyo.com
connect.facebook.net
f8a72fbfbceabcfe4532f5a25ecff0b3.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
platform.twitter.com
revenueflex.com
securepubads.g.doubleclick.net
soothingnature.xyz
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.244.42.8
142.250.185.230
142.250.186.130
151.101.12.157
2a00:1450:4001:800::2001
2a00:1450:4001:801::2001
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:803::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
54.38.29.222
54.38.29.224
01d73d4fb74d8cb06e529ef9c4906273bf3bca9a2fe08f9fb89d151c96424caa
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
116b908a4a5a0f35e61a0c6fc57e4dff9665e303925d6f6fb5c601de803fe302
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1c09839d31f2ec4425b62593c5190e931a8d35c79bd434d1c8b1f0d6504a30c2
2012782acacdd581e1bf90c4ea7457003b2adfeb03f420e7fdc6d7eec6ec9767
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
27b763b49fef2eed192f42812ac3719530206dc5baf4b0da3522a409b9663fdc
29c2221091bda7b82623054ba28bc28ed592752da15d7db1158f640f94bbb423
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2d1a347ee49da4f14098d5886764b09728cf871c106f194663ff0043f49f2df8
3325c89837d4cdb9d91443e8e6ccddc4d15ecb7e5861870c93e9f03620cde865
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
39fcb4a98d2e61d57bb930252d1037341cf4b1795b19f87c7731fb64bd8913a7
3bd64028a852a8e241b42780a7e47853b89f9d3e6b26a9cb765472dd618f3152
3e133b6d1abfc3e20cb161214a191fbec56c9aa3ec0b67192a0a229c847cef5a
3f50a88e11634a8d9388a5de4c8afed67644ee4e2186e3e67ef1425bf5ea21d7
405412293499abe57f1ba4dcf415f89d19dfa0ff3cfff77f390fb9c9c1d06664
40f5aa2973b4c98992a7b0d6dcf83c278e725f1bebbed36eda290cc4d4d75616
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
41dfbef7de08d848e86e69457d20689afbb1908769b44f8277cbd6be8f178783
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
493befd53016ea88790904d416ede42c0faa38034db61a195bcbde681ffa8ffd
495a137355084bca8aaa6127ac1edd1eadcd55242f10dd8909b9e9f652649fb8
4967624b996e927f25c959c7d920f99f8544c7b2b17b1b55683d304250aa8de3
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b68ac5bebfad97e8eeb6faa468a74da58d90a0055d7226170090ad94651e367
4f24994cf474ab631f0048cd64efa084cc8e53b9bbd0c97d67f66389e7f0f806
51f6db1b46a265c22e6383ef24c9e7451e34feec809286a6ab221f4b61890c8d
53289e1a71214b69ca525027cd3da05240adedc67b33a836c12084fe8db687de
597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748
5d1d49e4e90ada5aa7aa20eba93eac6951c03e8207aeb9ae4332e82f2af8433c
5df547860d495d1b54ba7a44059e8413f4010a6dd111b6a0d40803665852ed70
61a9bdf7f3dfd41e90c1562cc87692d45863c91e418410d4b746061bb699e8d3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fe45a531ea63f33b80acc5201a2719740af6dbb789fbd7248e6c0c540881b46
752384965c9820183a08c77c9a12567f7be4eaa4f898646f37db0c21cbce67ef
7e1150dbc4124a8d6dfa07c66f475f2fa4064a33c888474c73427bc3b49e09d8
7eab423f0008a1b0fb56d3a0112959570b9dee431055f89b4e24c5a734d88a06
7fc370fea60a7ea1641e2bed0546b15bb05a54e76827f0213eb146e006009051
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8042e8b3c2ad74be9e630b505c4be83f2381d5857f8bac2b162371f460df4584
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833fa1d44717aa72f2fee9076562b2a65357a12b69ed89e214b62c55b4f3b377
84c9b7fb37ffcb48f3013d74e9873a134c75422d94cd1195fb5968a3b8fc4683
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
90cda15548b9090de55518997b49c6e4f4998cd7464b1b73aeb5c18649ed23c9
9220439615e1c2ad633b1f760f50826d858acf491cbddebca9409fa2641be0d0
9221608a4df26c3a67d553a85ea42269235ca69d2ff47419148853830d5cea2d
96f34ba001f3b0cf6952d34d42ba65af05985ff17d72bd86c419ae139d74a7b4
97d03f0364ee71256d492e6abad11ff53f0bf177b6476ac4645ea1b045f1f743
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
987669319ec0c90d673d63e70e73c289cfa5559cd4c9b8f4676dcda06b93ba10
996c38dfd50343733c3d483cfb5cff15e6b62bd6afee993cde8491dfbd0edb05
9e797b9e6fd24e5a7da5feec0388488fc247be90c6f81c9a50ee96771554c5ac
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad4e5ff5ef04d11a6a244e3c224128e41676a5a218df0735cbae7eb1043dc9d8
afe9ce5d3021003cdd2e6a7ae73a9d8c379f6ef4539a32f91c04689a88d6664c
b395ec4964eaea12636df05446d2b869fc711b7cf7cd630cd7bce422c954aaaf
baa716e3959a0c9070ea164fa9c182fe968a3e87da6b20fa5f811e6f7ffce330
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf0fe03c87f2f93b4d7951b15deb5e0ff7bfc2f026bbb2608070670a16a201ca
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c4f59f99d03c73402b4cb57ac7dc1145281efb17ab2905bb04e0ba82287a6d8e
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
cb7e35de497f5e9f191cd0f2ce4c3b8de9cbf6520a4d847d3601b82b2d5596dc
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cedb3907578c701df3af4719fca3d463b317c193e493d1a292771ecc44322ed2
cf36c2a91f108e0eb00d5d2f09de162b72da38a46bca7e80eb13f53aabac4d70
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d97cf34572c387b7dabd395101ef0c8fca4eabd9a8f35a5806560f1ceb0ac10e
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dd7fb78dca3c6a5786452b9c5ac0d3db9a0eac1e73caa95bb0ec55f9b900d945
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e089d43d8479a676e8ef5be4b69086a6df178f596e29cf043e0b96702205cca5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea3522d9333b2cdd527954ada1896f8e6360e51f6ec1ba582765cb24d9232291
ec9854c13dcfe382d5bfec2cffc993e76957715ebca2da182ff40f48f3b66e29
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f21cc4285df8ecb724605ce4a6928b89404fc611db75b2ff881f57ef92964afb
f85348f16f773be0593f6964a88ae226c85683d2fd9802c859ce1bf0fda027c1
f979879c9b455084a15934eb8c1fe0ffd2266e94d1e5b07510652c86ca8fbe5e
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
fb37f11a0fd421aefbde1ca6f2649dce95e4d3395559a07ed5bef578220c928a
fe5b077266064c583e1416d6c07aae2541ece9774826ca5c0359bab12d883ef9

soothingnature.xyz Open in urlscan Pro 54.38.29.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

146 Requests

89 %HTTPS

77 %IPv6

16 Domains

25 Subdomains

27 IPs

4 Countries

2582 kBTransfer

7328 kBSize

4 Cookies

1 Outgoing links

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

soothingnature.xyz Open in urlscan Pro
54.38.29.222 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

89 %
HTTPS

77 %
IPv6

16
Domains

25
Subdomains

27
IPs

4
Countries

2582 kB
Transfer

7328 kB
Size

4
Cookies

146 HTTP transactions
6 data transactions