ombra.net Open in urlscan Pro
3.229.206.229 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ombra.net/
Effective URL:
https://ombra.net/
Submission: On July 25 via api (July 25th 2021, 11:34:26 pm UTC) from KR

Summary HTTP 111 Redirects Links 72 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 111 HTTP transactions. The main IP is 3.229.206.229, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ombra.net.
TLS certificate: Issued by R3 on July 13th 2021. Valid for: 3 months.

This is the only time ombra.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 42	3.229.206.229 3.229.206.229	14618 (AMAZON-AES) (AMAZON-AES)
10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	148.66.138.190 148.66.138.190	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
111	15

42 3.229.206.229 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-206-229.compute-1.amazonaws.com

ombra.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
venicexplorer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.66.138.190 (Singapore, Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)

www.veneziadoc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.14.248.72 (Bottrop, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	venicexplorer.net venicexplorer.net	1 MB
37	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	243 KB
13	ampproject.org cdn.ampproject.org	241 KB
6	doubleclick.net googleads.g.doubleclick.net	45 KB
4	ombra.net 1 redirects ombra.net	56 KB
3	google.com adservice.google.com www.google.com	1 KB
2	exactag.com m.exactag.com	2 KB
2	google.de adservice.google.de	975 B
2	google-analytics.com www.google-analytics.com ssl.google-analytics.com	7 KB
2	veneziadoc.net www.veneziadoc.net	58 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	googleadservices.com partner.googleadservices.com	655 B
111	12

	Domain	Requested by
38	venicexplorer.net	ombra.net
27	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
10	pagead2.googlesyndication.com	ombra.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	ombra.net	1 redirects ombra.net
2	m.exactag.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.veneziadoc.net	ombra.net
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ssl.google-analytics.com	ombra.net
1	www.google-analytics.com	ombra.net
111	15

This site contains links to these domains. Also see Links.

Domain
prod.venicexplorer.com
venicexplorer.net
hotels.venicexplorer.net
venice-ads.venicexplorer.net
restaurants.venicexplorer.net
shops.venicexplorer.net
bars.venicexplorer.net
maps.venicexplorer.net
www.veneziadoc.net
wallpaper.venicexplorer.net
cultura.venicexplorer.net
charas-project.net
almanacco.venicexplorer.net
www.tibowdesign.com
www.aseguso.com
www.serenissima-weddings.com
www.venezialog.net
hotdot.biz

Subject Issuer	Validity	Valid
hotels-in-venice.info R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
veneziadoc.tibowindia.com veneziadoc.tibowindia.com	`2021-02-25` - `2022-02-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2019-08-28` - `2021-09-13`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://ombra.net/
Frame ID: 8F845D1EDD5D2D8C5E5F685C4128906C
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=600&adk=3382206806&adf=1650399913&w=120&lmt=1627256043&ad_type=text_image&format=120x600_as&color_bg=FAFAFA&color_border=FAFAFA&color_link=0000FF&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627256043504&bpp=12&bdt=63&idt=108&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=6213896033543&frm=20&pv=2&ga_vid=1375900987.1627256044&ga_sid=1627256044&ga_hid=394652212&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=15&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C20211866&oid=3&pvsid=3986478090909448&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=76ReB6H7cy&p=https%3A//ombra.net&dtd=128
Frame ID: B03FCF4239CBB49A7A887FEA62682A83
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=250&adk=543701114&adf=3042083620&w=300&lmt=1627256043&ad_type=text_image&format=300x250_as&color_bg=fafafa&color_border=fafafa&color_link=0000ff&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627256043531&bpp=5&bdt=90&idt=107&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_fmts=120x600_as&correlator=6213896033543&frm=20&pv=1&ga_vid=1375900987.1627256044&ga_sid=1627256044&ga_hid=394652212&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C20211866&oid=3&pvsid=3986478090909448&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fipvdj7mlm&p=https%3A//ombra.net&dtd=109
Frame ID: 6C421716209F4B54B7D6110E08FA93BB
Requests: 23 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Frame ID: 93636C3B08AFC596C4C2EF286C6EE4BD
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html
Frame ID: D0593FDC5EA7093C66E5722756B1AC3B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&adk=1812271804&adf=3025194257&lmt=1627256046&plat=1%3A16777216%2C2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fombra.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627256046875&bpp=1&bdt=3435&idt=2&shv=r20210720&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35dc86809fa2f322-227392b08bc8006d%3AT%3D1627256043%3ART%3D1627256043%3AS%3DALNI_MZkTjN_I1ma9jeK_CgR-45QlVE2ng&prev_fmts=120x600_as%2C300x250_as&nras=1&correlator=6213896033543&frm=20&pv=1&ga_vid=1375900987.1627256044&ga_sid=1627256044&ga_hid=394652212&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C20211866&oid=3&psts=AGkb-H9-wDru1qYxnS4jWRRZ9pmKp5S22eLgNZHS6zNgCytNUZSU9QWqVjoLy5Gl_vz-nFRcdx0pC_nlf8g&pvsid=3986478090909448&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=19
Frame ID: 09FFC9C9E4272A75FEFF64C3755E9B8C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A5B6DB7F3ADD55B9E88C58DD7062971C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F2C7DC9F93960F3FB961D1F45E9DD196
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ombra.net/ HTTP 301
https://ombra.net/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

111
Requests

97 %
HTTPS

71 %
IPv6

12
Domains

15
Subdomains

15
IPs

3
Countries

2121 kB
Transfer

3562 kB
Size

7
Cookies

72 Outgoing links

These are links going to different origins than the main page.

URL: https://prod.venicexplorer.com/
Title:

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/index.php?hlangs=en

Search URL Search Domain Scan URL

URL: https://hotels.venicexplorer.net/index.php?hlangs=en
Title: Venice Hotels

Search URL Search Domain Scan URL

URL: https://venicexplorer.net/tradizione/tradizione.php?hlangs=en
Title: Venice History

Search URL Search Domain Scan URL

URL: https://venice-ads.venicexplorer.net/index.php?modulo=calendar_viewsection&lang=en&places_id=1&lang=en
Title: Venice Events

Search URL Search Domain Scan URL

URL: https://restaurants.venicexplorer.net/index.php?hlangs=en
Title: Venice Restaurants

Search URL Search Domain Scan URL

URL: https://shops.venicexplorer.net/index.php?hlangs=en
Title: Venice Shops

Search URL Search Domain Scan URL

URL: https://bars.venicexplorer.net/index.php?hlangs=en
Title: Venice Bars

Search URL Search Domain Scan URL

URL: https://maps.venicexplorer.net/maps.php?hlangs=en
Title: Venice Map

Search URL Search Domain Scan URL

URL: https://maps.venicexplorer.net/venice-mapquest/index.php?hlangs=en&luogo_id=&src_module=civici_gps
Title: Venice Civic Number

Search URL Search Domain Scan URL

URL: https://maps.venicexplorer.net/venice-mapquest/index.php?hlangs=en&luogo_id=&src_module=strade_gps
Title: Venice Street Guide

Search URL Search Domain Scan URL

URL: https://venicexplorer.net/servizi/trasporti/toc.php?hlangs=en
Title: Venice Transport

Search URL Search Domain Scan URL

URL: https://maps.venicexplorer.net/venice-mapquest/index.php?hlangs=en&luogo_id=&src_module=turni_farmacie
Title: Venice Pharmacy

Search URL Search Domain Scan URL

URL: https://maps.venicexplorer.net/venice-mapquest/index.php?hlangs=en&luogo_id=&src_module=esercizi
Title: Other Searches

Search URL Search Domain Scan URL

URL: https://www.veneziadoc.net/index.php?hlangs=en
Title: VeneziaDoc

Search URL Search Domain Scan URL

URL: https://venicexplorer.net/observer/index.php
Title: Venice ObServer

Search URL Search Domain Scan URL

URL: https://www.veneziadoc.net/venezialog/index.php
Title: Venice Forum

Search URL Search Domain Scan URL

URL: https://venicexplorer.net/artit/mnr/index.html
Title: Art & Music

Search URL Search Domain Scan URL

URL: https://wallpaper.venicexplorer.net/index.php?hlangs=en
Title: Wallpapers & Photos

Search URL Search Domain Scan URL

URL: https://cultura.venicexplorer.net/index.php?hlangs=en
Title: Venice Culture

Search URL Search Domain Scan URL

URL: https://venicexplorer.net/linkpage/index.php?hlangs=en
Title: VeniceXplorer Links

Search URL Search Domain Scan URL

URL: https://charas-project.net/
Title: Charas Project

Search URL Search Domain Scan URL

URL: https://almanacco.venicexplorer.net/
Title: VeniceHistoryAlmanac day by dayin Venice

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/indexfast.php?hlangs=en

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/map_download/index.php?hlangs=en
Title:

Search URL Search Domain Scan URL

URL: http://almanacco.venicexplorer.net/index.php?hlangs=en&modulo=dates&anno=0&giorno=25&mese=7
Title: VENICE, 25 07 1282: Ordinata la chiusura a chiave del ponte di Rialto durante la notte. --->>

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/venice_weather.php?hlangs=en
Title: Venice weather and tide forecast

Search URL Search Domain Scan URL

URL: https://venicexplorer.net/tradizione/barche.php?hlangs=en
Title: Lagoon Boats

Search URL Search Domain Scan URL

URL: https://venicexplorer.net/tradizione/cucina-veneziana/index.php?hlangs=en
Title: Venetian Cuisine Recipes

Search URL Search Domain Scan URL

URL: https://venicexplorer.net/carnevale-di-venezia/index.php?hlangs=en
Title: The Venice Carnival

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/observer/index.php?modulo=view_article&articolo_id=1661

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/observer/index.php?modulo=view_article&articolo_id=1654

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/observer/index.php?modulo=view_article&articolo_id=1652

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/venice-guide/index.php?hlangs=en
Title: Venice Guide to Main Places of Interest

Search URL Search Domain Scan URL

URL: http://www.tibowdesign.com/LandingVX.php?hlangs=en

Search URL Search Domain Scan URL

URL: http://www.veneziadoc.net/Venezia-Documenti/Madonnina-Esposti-Venezia.pdf
Title: Photopoetry by William Vitali on the Espostiï¿½s Madonna in Venice

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/tradizione/venezia-malvagia.php?hlangs=en
Title: The Defence of Venice by Rev. Reuben Parsons, 1893

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/observer/images/traffico-navi/index.php?hlangs=en
Title: Illustrated page about ship traffic impact on the Port of Venice

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/tradizione/Festa-Madonna-Salute/index.php?hlangs=en
Title: Illustrated page: the Madona de la Salute

Search URL Search Domain Scan URL

URL: http://wallpaper.venicexplorer.net/index.php?hlangs=en
Title: IMAGE BANK

Search URL Search Domain Scan URL

URL: http://wallpaper.venicexplorer.net/wall.php?hlangs=en&cat=venezia
Title: Venice Images

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/venice-images/index.php
Title: VENICE IMAGESa pictorial photo gallery

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/artit/wall/download.php?img=&cat=&aut=&subj=

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/observer/index.php?modulo=view_article&articolo_id=1665
Title: bicoura

Search URL Search Domain Scan URL

URL: http://www.aseguso.com/

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/tradizione/barche.htm
Title: her boats

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/phpbb/index.php
Title: forums

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/phpbb/posting.php?mode=reply&t=2
Title: guest book

Search URL Search Domain Scan URL

URL: http://www.serenissima-weddings.com/
Title: Weddings in Venice, Italy. Organization of civil wedding in Venice and the Veneto, religious weddings, beautiful symbolic wedding ceremonies in Venitian gondola and palaces, marriage proposals, parties etc.

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/observer/index.php?modulo=view_article&articolo_id=1649

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/observer/index.php?modulo=view_article&articolo_id=1648

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/observer/index.php?modulo=view_article&articolo_id=1647

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/observer/index.php?modulo=view_article&articolo_id=1646

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/observer/index.php?modulo=view_article&articolo_id=1645

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/observer/index.php?modulo=view_article&articolo_id=1644

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/observer/index.php?modulo=view_article&articolo_id=1643

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/observer/index.php?modulo=view_article&articolo_id=1642

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/observer/index.php
Title: ObServer

Search URL Search Domain Scan URL

URL: https://www.veneziadoc.net/index_1.php
Title: VeneziaDoc

Search URL Search Domain Scan URL

URL: http://www.veneziadoc.net/Storia-di-Venezia/sommario-storia-venezia.php
Title: Collection of essays and sources to enlighten the History of the Republic of Venice

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/tradizione/tradizione.php?hlangs=en
Title: Collection of Traditional tales and Curiosities about Venice

Search URL Search Domain Scan URL

URL: http://www.venezialog.net/
Title: WordPress Venetian Blog

Search URL Search Domain Scan URL

URL: https://venicexplorer.net/observer/images/maree-venezia-2009/index.php?hlangs=en
Title: has been published in ObServer

Search URL Search Domain Scan URL

URL: http://www.veneziadoc.net/ourvenice/Venezia_gessificazione/docs/venice-tide-2009_screen.pdf

Search URL Search Domain Scan URL

URL: http://www.veneziadoc.net/ourvenice/Venezia_gessificazione/docs/venice-tide-2009_print.pdf
Title: Printable Version 8,3 mb

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/observer/index.php?modulo=view_article&articolo_id=1529
Title: Storia Morale di Venezia Ebook 100 pagine per comprendere il presente di Venezia

Search URL Search Domain Scan URL

URL: http://www.veneziadoc.net/ourvenice/Venezia_gessificazione/docs/venice-rescue-plan.pdf

Search URL Search Domain Scan URL

URL: http://www.veneziadoc.net/ourvenice/Venezia_gessificazione/docs/opuscolo-orologio-screen.pdf

Search URL Search Domain Scan URL

URL: http://www.veneziadoc.net/ourvenice/Venezia_gessificazione/docs/opuscolo-orologio-print.pdf
Title: Printable Version6,9 mb

Search URL Search Domain Scan URL

URL: http://www.veneziadoc.net/ourvenice/Wang_movie.php?hlangs=en
Title: Interview of WangBo Tao from China Central Television with Umberto Sartori about sulphation and the Venice Public Health Committee

Search URL Search Domain Scan URL

URL: http://hotdot.biz/privacy.php?hlangs=it
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://venicexplorer.net/
Title: venicexplorer.net

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ombra.net/ HTTP 301
https://ombra.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

111 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ombra.net/
Redirect Chain

http://ombra.net/
https://ombra.net/

52 KB
11 KB

642ms
416ms

Document
text/html

3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx / PHP/5.6.40

Resource Hash

17cd3e71ec18467247201bb1b0511155e8141725b18289bd44c46e3d6e2eec3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: ombra.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 10704
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Redirect headers

Server: nginx
Date: Sun, 25 Jul 2021 23:34:02 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://ombra.net/
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK veniceXplorer-advertisement-FINAL.gif
venicexplorer.net/graphics/ 1 MB
1 MB 2924ms
2200ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/veniceXplorer-advertisement-FINAL.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2b486ba3ae86981e895ed4efff98bf514e777855908935d60e093add70e92831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Sun, 09 May 2021 23:51:12 GMT
Server: nginx
ETag: W/"149e39-5c1ee55ff7555"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK close.png
venicexplorer.net/graphics/ 18 KB
18 KB 916ms
115ms Image
image/png 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/close.png

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

200004da5f23d68b91afa306a8cb75d0acfb96843f4f85887e9c8ab8aa914790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 May 2021 11:49:11 GMT
Server: nginx
ETag: W/"463f-5c20c7b84e570"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ombra110.gif
venicexplorer.net/graphics/ 2 KB
3 KB 2843ms
2047ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/ombra110.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6aed91bc3fe363917c20172ada28b8b82661425448cd470b2fbeaade298ba050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:06 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:32 GMT
Server: nginx
ETag: W/"8e0-557f815c08e00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fante_da_mar.gif
venicexplorer.net/graphics/ 3 KB
3 KB 926ms
112ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/fante_da_mar.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

450548c294cc983ee4e3e977990c49ef77a394f7e79fbb6b649018391c3fb19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"b34-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 97 KB
35 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb5d0db4a0e486d673deb8cdb8db8f27e3060f969f7cdd204e0923b0a71c5705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 23:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35374
x-xss-protection: 0
server: cafe
etag: 10446470180555236043
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Jul 2021 23:34:03 GMT

GET
H/1.1 200
OK expflagblk.gif
venicexplorer.net/graphics/ 5 KB
6 KB 935ms
114ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/expflagblk.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f85c28d88553d51870430707e647442e46b1ce4c7f11e99a112d372b02d77a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"1544-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Venezia-flash-ico.gif
venicexplorer.net/graphics/icons/ 2 KB
2 KB 1022ms
109ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/icons/Venezia-flash-ico.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a3ecb97544ccb44fb7452d864111dfd68e7cef43199a2fa5b98b7908258817b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"7b4-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_it.gif
venicexplorer.net/graphics/flags/ 90 B
468 B 299ms
112ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_it.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b690b3d35ce8f81432a157676ae131de0303ce175a651132b0968045a679b4e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"5a-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_gb.gif
venicexplorer.net/graphics/flags/ 114 B
492 B 381ms
108ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_gb.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a06180fb9a5e601584734aa3a1271706147a37cb8697ec2ed8291ea40b5ebe5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"72-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_de.gif
venicexplorer.net/graphics/flags/ 76 B
454 B 399ms
112ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_de.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7be2638e7ce718a8c93bd3291a1bd4c9eafac76dfbdcf4b10af38de6f543643d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"4c-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_fr.gif
venicexplorer.net/graphics/flags/ 90 B
468 B 287ms
112ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_fr.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7e21b98fe8d870cd8e1bbdf4cd1d89ce166d741bc6206a15a238b2bc2f3e7b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"5a-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_hr.gif
venicexplorer.net/graphics/flags/ 103 B
481 B 284ms
112ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_hr.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9052292049e7e31831a874f945df5dc21db5c41d9a4a03b5c52a2237bcabcf25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"67-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_es.gif
venicexplorer.net/graphics/flags/ 96 B
474 B 411ms
111ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_es.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

033fff1b7f4a78b7768d440a6f70199693b0aed118973daac3b9f930b823508f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"60-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_cn.gif
venicexplorer.net/graphics/flags/ 64 B
442 B 398ms
108ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_cn.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c076be7ea667da6b951e92af3a78137a5ae5c7de8d55d8a503a14fb239d741f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"40-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_hk.gif
venicexplorer.net/graphics/flags/ 906 B
825 B 490ms
108ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_hk.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3cf1497c74bbd8bdfc2a6075ed9f98fc1c64de227049bac40d63a3bd0d558f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"38a-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_jp.gif
venicexplorer.net/graphics/flags/ 79 B
457 B 381ms
109ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_jp.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bbd74a98ed1c879bfb6ec3f278e8d665f90e938aa8224a0cca484632a9d27c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"4f-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_bn.gif
venicexplorer.net/graphics/flags/ 907 B
977 B 289ms
114ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_bn.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e975ebeee1b07b9ada5f9a893f6245bfbda7248c1fdea28b44a5b0a7a3f27ac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"38b-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cw_ve.gif
venicexplorer.net/graphics/flags/ 174 B
552 B 395ms
111ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/flags/cw_ve.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8fcb22108c77c1701ecd0388362c592a7e352eb35f75917fcc69ff3dc926136a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"ae-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1379864387_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
3 KB 502ms
113ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1379864387_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3edb2816c31ea361376b22c49fd66c3f66b17b9bb7c63e59e9a0d032c327aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"b42-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1330868212_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
3 KB 514ms
113ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1330868212_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6d94482014c8932e79da1cf46c2522a8d124a52ad5fe551cea46ec273e9b6386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"a0f-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1320235726_T.jpg
venicexplorer.net/observer/upload_images/ 2 KB
2 KB 497ms
109ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1320235726_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

65486f0d6a4d58d5839bfbdd95a7b482df055c71b18fe0f828f523649c622a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"6b0-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK TiBowVX-en.gif
ombra.net/graphics/banners/ 43 KB
43 KB 126ms
123ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ombra.net/graphics/banners/TiBowVX-en.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

00a83a129d4f23b516c29164ce306e44456e5356edb73ee895504341f7928a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ombra.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://ombra.net/
Connection: keep-alive
Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:32 GMT
Server: nginx
ETag: W/"abd2-557f815c08e00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK /
venicexplorer.net/artit/wall/foto/serverdir// 0
0 566ms
109ms Image
text/html 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://venicexplorer.net/artit/wall/foto/serverdir//
Requested by: Host: ombra.net
URL: https://ombra.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-206-229.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK 1591899093_T.jpg
venicexplorer.net/observer/upload_images/ 2 KB
3 KB 689ms
112ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1591899093_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9da55217f32bf8ad4cd86962e78b270fa2cb5e02a2a2d9d78fff6d70855ae02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Jun 2020 18:11:33 GMT
Server: nginx
ETag: W/"937-5a7d2e3f4df40"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK archimede_seguso_125en.gif
venicexplorer.net/graphics/banners/ 9 KB
10 KB 552ms
112ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/banners/archimede_seguso_125en.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

285be81bd3483f6abb1daaa8490e47b36f6b4c9e46f20a7c5bf673d428e0223a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:32 GMT
Server: nginx
ETag: W/"25e1-557f815c08e00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1310612396_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
4 KB 555ms
111ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1310612396_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

10ed43de33a1f55a4030d8153902a8c8fd634c24c169eb47698a66df978f3764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"da0-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1310004415_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
4 KB 663ms
109ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1310004415_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

22d5f818cf25ef0e8668e6fe36f46d8a625151a6d8fae2ca2645b4ec7c24856c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"d70-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1309334881_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
4 KB 575ms
113ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1309334881_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b125d9907777481a0c209af91a87bad75fb81a672c5712429f261bc9a0ce3a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"d8b-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1308720401_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
4 KB 682ms
112ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1308720401_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

22d5f818cf25ef0e8668e6fe36f46d8a625151a6d8fae2ca2645b4ec7c24856c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"d70-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1308008835_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
4 KB 587ms
112ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1308008835_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b125d9907777481a0c209af91a87bad75fb81a672c5712429f261bc9a0ce3a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"d8b-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1307274145_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
4 KB 570ms
112ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1307274145_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

22d5f818cf25ef0e8668e6fe36f46d8a625151a6d8fae2ca2645b4ec7c24856c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"d70-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1306454584_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
4 KB 664ms
108ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1306454584_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b125d9907777481a0c209af91a87bad75fb81a672c5712429f261bc9a0ce3a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:58 GMT
Server: nginx
ETag: W/"d8b-557f8174d4880"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1306043709_T.jpg
venicexplorer.net/observer/upload_images/ 3 KB
3 KB 116ms
111ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/observer/upload_images/1306043709_T.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

54abed1de14de52fcb5435fc5eabd200ecaf46972708fc45d237bfb84e584dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:59 GMT
Server: nginx
ETag: W/"ab9-557f8175c8ac0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 VeneziaLog-logo.jpg
www.veneziadoc.net/Graphic/ 32 KB
32 KB 812ms
262ms Image
image/jpeg 148.66.138.190
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.veneziadoc.net/Graphic/VeneziaLog-logo.jpg
Requested by: Host: ombra.net
URL: https://ombra.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.190 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 5278fdb353821284a1d10295cd3c0682a5e81bb4df2ce4401ad909d1d48d6f20

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 23:34:04 GMT
last-modified: Thu, 25 Feb 2021 04:02:53 GMT
server: Apache
accept-ranges: bytes
etag: "73c04f4-7e41-5bc2139d75009"
content-length: 32321
content-type: image/jpeg

GET
H2 200 maree-cop-en.jpg
www.veneziadoc.net/ourvenice/graphics/ 26 KB
26 KB 804ms
262ms Image
image/jpeg 148.66.138.190
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.veneziadoc.net/ourvenice/graphics/maree-cop-en.jpg
Requested by: Host: ombra.net
URL: https://ombra.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.190 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: fec2ffc602ee5bf9e5132ff977234588ea02e81c59e093fa402f5a1c8f6503f7

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 23:34:04 GMT
last-modified: Thu, 25 Feb 2021 15:02:22 GMT
server: Apache
accept-ranges: bytes
etag: "73c08c9-687e-5bc2a70514ad4"
content-length: 26750
content-type: image/jpeg

GET
H/1.1 200
OK storia-morale-venezia.jpg
venicexplorer.net/graphics/ 25 KB
15 KB 206ms
205ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/storia-morale-venezia.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b13b4cc6eacbad93926be7237270303663b91019ac94fee671a2b126456b26f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:32 GMT
Server: nginx
ETag: W/"6406-557f815c08e00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK opuscolo-cop.jpg
venicexplorer.net/graphics/ 24 KB
11 KB 117ms
117ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/opuscolo-cop.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

47c740101bfcb918940f8d05f62af523c17cc0527d9f32f5706fe51ebdd5eb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"5e4c-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK orologio-mori.jpg
venicexplorer.net/graphics/ 23 KB
13 KB 114ms
114ms Image
image/jpeg 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/orologio-mori.jpg

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a62acc5a85b46fd23fe8e24c8c480d16d79aaead5b1b9ba61a8567fcb0e4bfb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:04 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:32 GMT
Server: nginx
ETag: W/"5aff-557f815c08e00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK venezia_accademia_tr.gif
ombra.net/graphics/ 1 KB
2 KB 301ms
112ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ombra.net/graphics/venezia_accademia_tr.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

413c89cd884b9bf86a36527958103a75ad4d722a547e1246fa6ebc1c71c4fb0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ombra.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://ombra.net/
Connection: keep-alive
Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"4fe-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 urchin.js Show response
www.google-analytics.com/ 22 KB
7 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/urchin.js

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 01:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 79603
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
expires: Sun, 08 Aug 2021 01:27:20 GMT

GET
H/1.1 200
OK navmap3.gif
venicexplorer.net/graphics/ 198 B
576 B 342ms
108ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/navmap3.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

de6889accf5d1391c235c1694525bbfe0aa6988dd757626a651fff72973f7157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"c6-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK navmap-3-v.gif
venicexplorer.net/graphics/ 238 B
616 B 342ms
111ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/navmap-3-v.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9c9910cfd17799bb16300d4064b50f4dfeee96b79f974c4c3a16efa3917c039e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:32 GMT
Server: nginx
ETag: W/"ee-557f815c08e00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/ 250 KB
93 KB 43ms
29ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-1040989709317155&plah=ombra.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 23:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95151
x-xss-protection: 0
server: cafe
etag: 4826816153601596757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 25 Jul 2021 23:34:03 GMT

GET
H/1.1 200
OK ntwrk_blnk_night.gif
venicexplorer.net/graphics/ 301 B
681 B 507ms
111ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/ntwrk_blnk_night.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

db5db21f3084c268ddab39adf4a24db548c1b7b20e3b72c122bbe0f6d305cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"12d-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK venezia_blu_tr.gif
venicexplorer.net/graphics/ 2 KB
2 KB 493ms
111ms Image
image/gif 3.229.206.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicexplorer.net/graphics/venezia_blu_tr.gif

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

3.229.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-206-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e8d0c61081c2830f503fdd39a557b8a4cbbad6459d6ef3672f2851c8e2f95dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 25 Jul 2021 23:34:03 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2017 12:58:31 GMT
Server: nginx
ETag: W/"87f-557f815b14bc0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET show_ads.js
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 __utm.gif
ssl.google-analytics.com/ 35 B
414 B 25ms
6ms Image
image/gif 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1375900987&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Venice&utmhn=ombra.net&utmhid=394652212&utmr=-&utmp=/&utmac=UA-607925-3&utmcc=__utma%3D17388839.1375900987.1627256044.1627256044.1627256044.1%3B%2B__utmz%3D17388839.1627256044.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 04:31:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68534
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
655 B 117ms
58ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ombra.net&callback=_gfp_s_&client=pub-1040989709317155

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-1040989709317155&plah=ombra.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0448e6e2f10a45abdf79cf8c161b3546d7d1cb58e9a31b069d811c1f135e8472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 23:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 37ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ombra.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 23:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ombra.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 23:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B03F 245 KB
21 KB 430ms
410ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=600&adk=3382206806&adf=1650399913&w=120&lmt=1627256043&ad_type=text_image&format=120x600_as&color_bg=FAFAFA&color_border=FAFAFA&color_link=0000FF&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627256043504&bpp=12&bdt=63&idt=108&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=6213896033543&frm=20&pv=2&ga_vid=1375900987.1627256044&ga_sid=1627256044&ga_hid=394652212&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=15&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C20211866&oid=3&pvsid=3986478090909448&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=76ReB6H7cy&p=https%3A//ombra.net&dtd=128

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cb0ba61776c1f82bc4968e014988645fa83623828a0cb0ea3db562bc183cec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1040989709317155&output=html&h=600&adk=3382206806&adf=1650399913&w=120&lmt=1627256043&ad_type=text_image&format=120x600_as&color_bg=FAFAFA&color_border=FAFAFA&color_link=0000FF&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627256043504&bpp=12&bdt=63&idt=108&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=6213896033543&frm=20&pv=2&ga_vid=1375900987.1627256044&ga_sid=1627256044&ga_hid=394652212&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=15&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C20211866&oid=3&pvsid=3986478090909448&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=76ReB6H7cy&p=https%3A//ombra.net&dtd=128
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ombra.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ombra.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 25 Jul 2021 23:34:04 GMT
server: cafe
content-length: 20398
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 25-Jul-2021 23:49:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 25 Jul 2021 23:34:04 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 23:34:03 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627039897272555"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27998
x-xss-protection: 0
expires: Sun, 25 Jul 2021 23:34:03 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6C42 167 KB
19 KB 554ms
541ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=250&adk=543701114&adf=3042083620&w=300&lmt=1627256043&ad_type=text_image&format=300x250_as&color_bg=fafafa&color_border=fafafa&color_link=0000ff&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627256043531&bpp=5&bdt=90&idt=107&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_fmts=120x600_as&correlator=6213896033543&frm=20&pv=1&ga_vid=1375900987.1627256044&ga_sid=1627256044&ga_hid=394652212&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C20211866&oid=3&pvsid=3986478090909448&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fipvdj7mlm&p=https%3A//ombra.net&dtd=109

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f296edc5f7650740672ae17ad973ca179be8d947b78b9764b19ce2ba3b6bba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1040989709317155&output=html&h=250&adk=543701114&adf=3042083620&w=300&lmt=1627256043&ad_type=text_image&format=300x250_as&color_bg=fafafa&color_border=fafafa&color_link=0000ff&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627256043531&bpp=5&bdt=90&idt=107&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_fmts=120x600_as&correlator=6213896033543&frm=20&pv=1&ga_vid=1375900987.1627256044&ga_sid=1627256044&ga_hid=394652212&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C20211866&oid=3&pvsid=3986478090909448&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fipvdj7mlm&p=https%3A//ombra.net&dtd=109
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ombra.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ombra.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 25 Jul 2021 23:34:04 GMT
server: cafe
content-length: 19287
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 25-Jul-2021 23:49:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 25 Jul 2021 23:34:04 GMT
cache-control: private

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107130206000/ Frame 9363 188 KB
55 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=600&adk=3382206806&adf=1650399913&w=120&lmt=1627256043&ad_type=text_image&format=120x600_as&color_bg=FAFAFA&color_border=FAFAFA&color_link=0000FF&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627256043504&bpp=12&bdt=63&idt=108&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=6213896033543&frm=20&pv=2&ga_vid=1375900987.1627256044&ga_sid=1627256044&ga_hid=394652212&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=15&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C20211866&oid=3&pvsid=3986478090909448&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=76ReB6H7cy&p=https%3A//ombra.net&dtd=128

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 295744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55160
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b724d3ee8cec1601"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 9363 13 KB
5 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 295745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4795
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "392d0f0d5f27c169"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:24:59 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 9363 87 KB
27 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 295744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27843
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f120bcb28bbafed0"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 9363 71 KB
16 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3039e343bc61cc16fc587e063d92cf190c34823df58e3fe5caf5717198a49fc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 541505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16734
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b05480813bd9b7e9"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:59 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 9363 4 KB
2 KB 41ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 295745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1658
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6fba3cabb8cd86f8"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:24:59 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 9363 40 KB
13 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 295744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12840
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6d4edf2414c2591f"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
DATA 200
OK truncated
/ Frame 9363 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c13688f519a33fd5a4f3d1152b8da0b1a4ed2bcc47d23d8c4d94ec8a6ac20e2e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 txt1.png
tpc.googlesyndication.com/sadbundle/16290661872706973176/images/ Frame 9363 1 KB
1 KB 35ms
13ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16290661872706973176/images/txt1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d770f67339711ab85aa0c6768c825e58c6a772b831db31507a67f0844a916bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:01:28 GMT
x-content-type-options: nosniff
age: 523956
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1123
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:48:04 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 22:01:28 GMT

GET
H2 200 txt2.png
tpc.googlesyndication.com/sadbundle/16290661872706973176/images/ Frame 9363 1 KB
1 KB 34ms
12ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16290661872706973176/images/txt2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d43b25f104e87708adfbf2453f40db643d75008736158d893a0ec84264c7b45a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 09:47:11 GMT
x-content-type-options: nosniff
age: 481613
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1037
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:48:04 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 09:47:11 GMT

GET
H2 200 txt3.png
tpc.googlesyndication.com/sadbundle/16290661872706973176/images/ Frame 9363 1 KB
1 KB 33ms
12ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16290661872706973176/images/txt3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6c15f3846c92e0a5450d7230512206ee7d3b34868f6ebf0faba82f3463f614f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 03:41:33 GMT
x-content-type-options: nosniff
age: 503551
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1025
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:48:04 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 03:41:33 GMT

GET
H2 200 puls.png
tpc.googlesyndication.com/sadbundle/16290661872706973176/images/ Frame 9363 259 B
350 B 34ms
13ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16290661872706973176/images/puls.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80936d79a0930407c23166df7555392a95caa1bc7d830f6cb51f408905134de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 04:03:35 GMT
x-content-type-options: nosniff
age: 502229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 259
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:48:04 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 04:03:35 GMT

GET
H2 200 txt4.png
tpc.googlesyndication.com/sadbundle/16290661872706973176/images/ Frame 9363 971 B
1 KB 33ms
13ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16290661872706973176/images/txt4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a37b6f7bb7b837cc860e2360882620cf5ccde96facd6858b39164ed3676ae45b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 03:42:06 GMT
x-content-type-options: nosniff
age: 503518
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 971
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:48:04 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 03:42:06 GMT

GET
H3-29 200 txt5.png
tpc.googlesyndication.com/sadbundle/16290661872706973176/images/ Frame 9363 875 B
900 B 32ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16290661872706973176/images/txt5.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946d3f8a770b4cf97cc25e59e904a88da369899cabfe36b8b139c5880a954318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 05:28:10 GMT
x-content-type-options: nosniff
age: 497154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:48:04 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 05:28:10 GMT

GET
H3-29 200 txt6.png
tpc.googlesyndication.com/sadbundle/16290661872706973176/images/ Frame 9363 1 KB
1 KB 30ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16290661872706973176/images/txt6.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d99497aca4af7b3b738e9e0e8aae596a21fa19c1cde6f9850195e2d223d29da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 11:16:44 GMT
x-content-type-options: nosniff
age: 476240
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1174
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:48:04 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 11:16:44 GMT

GET
H2 200 preisButt.png
tpc.googlesyndication.com/sadbundle/16290661872706973176/images/ Frame 9363 5 KB
5 KB 24ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16290661872706973176/images/preisButt.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54bc309e62290950de8229695b40a08a04e355ef78a432f6e712a2c4e7e734d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:01:28 GMT
x-content-type-options: nosniff
age: 523956
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4956
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:48:04 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 22:01:28 GMT

GET
H2 200 ll.png
tpc.googlesyndication.com/sadbundle/16290661872706973176/images/ Frame 9363 959 B
1 KB 25ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16290661872706973176/images/ll.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f46fa02437228f6dc85a6c49ea52df3b5309291523f2c60edcd24ae89bb6d329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:29:43 GMT
x-content-type-options: nosniff
age: 507861
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 959
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:48:04 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 02:29:43 GMT

GET
H3-29 200 CTA.png
tpc.googlesyndication.com/sadbundle/16290661872706973176/images/ Frame 9363 1 KB
1 KB 31ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16290661872706973176/images/CTA.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c7069bc2e40a3ba73bb93b7444d516ea0a475971410c5d574d990e139bdf90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 09:37:20 GMT
x-content-type-options: nosniff
age: 482204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1066
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:48:04 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 09:37:20 GMT

GET
H2 200 DBx.png
tpc.googlesyndication.com/sadbundle/16290661872706973176/images/ Frame 9363 1 KB
1 KB 25ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16290661872706973176/images/DBx.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26b8fe827bd5aec88aa7edc7a82a5e73033fbbd63ac659fe1e9efb0f064c849a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 05:11:57 GMT
x-content-type-options: nosniff
age: 498127
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1378
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:48:04 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 05:11:57 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9363 2 KB
3 KB 23ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 15:34:33 GMT
x-content-type-options: nosniff
server: cafe
age: 28771
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 26 Jul 2021 15:34:33 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9363 295 B
399 B 24ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 12:37:33 GMT
x-content-type-options: nosniff
server: cafe
age: 39391
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 26 Jul 2021 12:37:33 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 9363 43 B
1 KB 104ms
30ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=11829094681&extCr=115065628556-527621586214&cb=3484224263

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Bottrop, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: So, 25 Jul 2021 11:34:04 GMT
Server: Microsoft-IIS/8.5
Date: Sun, 25 Jul 2021 23:34:03 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9363 0
21 B 56ms
43ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPwGN6_T9YP7JKLzd7_UPwOK0sAn8kaHIY966qcbsDdLun7WMDhABIPu_sydglQKgAYuuwOQDyAEJqQI14cShLMCzPqgDAcgDCKoErAFP0Bn652TlmUbRj7Hdtf8FD34dfvjX4TuoMUb-8d9WUaE7CS8sI7NXti0cEcz9Fs2e4xLHjsP-EGL-avQS8D5gYaTB_wTPLXyIbJ-BMfPwDPmu8AAkbRqbxW_7yk8ewiWwMAu_-Am-hrLjyCxJa-gjfXftDkR_pphZv5XvXNuPv2xwfGwqfwrcbOobqbRXRbKDbBnO5tv6bFJ8a5F4D8QNrP_7RHYktQBNkZW_wASMz8jTrAOSBQQIBBgBkgUECAUYBKAGLoAH3dG_G6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCN5B_SCAkIgOGAEBABGB-ACgHICwHYEw2IFAHQFQGAFwGyFxoKGAgAEhRwdWItMTA0MDk4OTcwOTMxNzE1NQ&sigh=l9BBswIgSeE&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=600&adk=3382206806&adf=1650399913&w=120&lmt=1627256043&ad_type=text_image&format=120x600_as&color_bg=FAFAFA&color_border=FAFAFA&color_link=0000FF&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627256043504&bpp=12&bdt=63&idt=108&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=6213896033543&frm=20&pv=2&ga_vid=1375900987.1627256044&ga_sid=1627256044&ga_hid=394652212&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=15&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C20211866&oid=3&pvsid=3986478090909448&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=76ReB6H7cy&p=https%3A//ombra.net&dtd=128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 25 Jul 2021 23:34:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 25 Jul 2021 23:34:04 GMT

GET
H3-29 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012107130206000/ 20 KB
7 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/amp4ads-host-v0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28495ace17fc14af0604185a61e934a94809763e771cbd3d9eb25e3aa46b560a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 541506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7340
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "231829aeddfa638c"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:58 GMT

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107130206000/ Frame 6C42 188 KB
54 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=250&adk=543701114&adf=3042083620&w=300&lmt=1627256043&ad_type=text_image&format=300x250_as&color_bg=fafafa&color_border=fafafa&color_link=0000ff&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627256043531&bpp=5&bdt=90&idt=107&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_fmts=120x600_as&correlator=6213896033543&frm=20&pv=1&ga_vid=1375900987.1627256044&ga_sid=1627256044&ga_hid=394652212&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C20211866&oid=3&pvsid=3986478090909448&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fipvdj7mlm&p=https%3A//ombra.net&dtd=109

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 295744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55160
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b724d3ee8cec1601"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 6C42 13 KB
5 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 295745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4795
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "392d0f0d5f27c169"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:24:59 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 6C42 87 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 295744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27843
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f120bcb28bbafed0"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
H3-29 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 6C42 71 KB
16 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-animation-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3039e343bc61cc16fc587e063d92cf190c34823df58e3fe5caf5717198a49fc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 541505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16734
x-xss-protection: 0
server: sffe
date: Mon, 19 Jul 2021 17:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b05480813bd9b7e9"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 17:08:59 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 6C42 4 KB
2 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 295745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1658
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6fba3cabb8cd86f8"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:24:59 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 6C42 40 KB
13 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 295744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12840
x-xss-protection: 0
server: sffe
date: Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6d4edf2414c2591f"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 13:25:00 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6C42 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 15:34:33 GMT
x-content-type-options: nosniff
server: cafe
age: 28771
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 26 Jul 2021 15:34:33 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6C42 295 B
319 B 8ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 12:37:33 GMT
x-content-type-options: nosniff
server: cafe
age: 39391
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 26 Jul 2021 12:37:33 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 6C42 43 B
1 KB 96ms
30ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=11829094681&extCr=115065628556-527621586220&cb=2480483778

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Bottrop, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: So, 25 Jul 2021 11:34:04 GMT
Server: Microsoft-IIS/8.5
Date: Sun, 25 Jul 2021 23:34:03 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6C42 0
17 B 43ms
42ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CI5QN6_T9YIrWKLGH7_UPk5-l6AX8kaHIY56zqcbsDcmL5pbOARABIPu_sydglQKgAYuuwOQDyAEJqQI14cShLMCzPqgDAcgDCKoEuAFP0EIpPC85leAOJwnwE1qU2n7Cw3MydDrH-mZS86GBhOi7lgy22RQjpylv5srCxDk-FWfW4ZXZR86MSL2sQEyc50UwosS6-XiRh6eFndM4gyYgon6TTTe9wb2YdYrShmKIpK_fUpM1vJtZ3No_MoDdrZQ3t2dpkTNXWvyIECJXc8pKrAgdhT-uAcZ5sV5GrxArVxAKmE5mAz9OZfqArILr1MCM0mmZ12NZzVm1hmie3_roK_uc_btXwASMz8jTrAOSBQQIBBgBkgUECAUYBKAGLoAH3dG_G6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDQtRDSCAkIgOGAEBABGB-ACgHICwHYEw2IFAHQFQGAFwGyFxoKGAgAEhRwdWItMTA0MDk4OTcwOTMxNzE1NQ&sigh=AgfDfWTCoDU&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=250&adk=543701114&adf=3042083620&w=300&lmt=1627256043&ad_type=text_image&format=300x250_as&color_bg=fafafa&color_border=fafafa&color_link=0000ff&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627256043531&bpp=5&bdt=90&idt=107&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_fmts=120x600_as&correlator=6213896033543&frm=20&pv=1&ga_vid=1375900987.1627256044&ga_sid=1627256044&ga_hid=394652212&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C20211866&oid=3&pvsid=3986478090909448&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fipvdj7mlm&p=https%3A//ombra.net&dtd=109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 25 Jul 2021 23:34:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6C42 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91c44efc263b86d3f90e69d67f977a007eef0ac244155940a4e5ed51f08d06c3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 txt1.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 6C42 2 KB
2 KB 11ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/txt1.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b159722b91f7663d33ce1f0e95de72389955edfa5a12cfe6c94b6705468ae805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 22:00:29 GMT
x-content-type-options: nosniff
age: 437615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1896
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 22:00:29 GMT

GET
H3-29 200 txt2.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 6C42 1 KB
1 KB 11ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/txt2.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93aea7e3c21a5bc34e432149592dfbe6a432f4039a8f93bdb6b43db00b8d40c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 06:48:18 GMT
x-content-type-options: nosniff
age: 492346
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1434
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 06:48:18 GMT

GET
H3-29 200 puls.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 6C42 236 B
261 B 11ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/puls.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ca6dd97b62c2f6e9263710d88f9ccb54612bdccd98c08ead481a0347e9a4e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:25:18 GMT
x-content-type-options: nosniff
age: 472126
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 236
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:25:18 GMT

GET
H3-29 200 txt3.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 6C42 1009 B
1 KB 12ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/txt3.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7e3eac1b2c0f5c2d934241ee44a85b4a1a1f3c7c85e05381e2c4b622fe5501d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 11:56:49 GMT
x-content-type-options: nosniff
age: 473835
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1009
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 11:56:49 GMT

GET
H3-29 200 txt4.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 6C42 863 B
888 B 12ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/txt4.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5189658b1f2daae71ab3b070b6e0b54f412ed79e468c14a1d16c92824a3b2af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:28:19 GMT
x-content-type-options: nosniff
age: 479145
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 863
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 10:28:19 GMT

GET
H3-29 200 txt5.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 6C42 1 KB
1 KB 11ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/txt5.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f50cd1f9a7d3ab95391225b3a8d36eca059105990afdada14ca150953df3f6c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:25:18 GMT
x-content-type-options: nosniff
age: 472126
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1373
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:25:18 GMT

GET
H3-29 200 preisButt.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 6C42 3 KB
3 KB 11ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/preisButt.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a1c951a818174eaaaf001a306bad640b788f504b3b55a86970c8c49220bdb1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:17:09 GMT
x-content-type-options: nosniff
age: 472615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3292
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:17:09 GMT

GET
H3-29 200 ll.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 6C42 622 B
647 B 12ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ll.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f69adcb2ca28e3e811ad5b88d7b6d86a68d736c715bca3d4953f0566d1447321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:01:41 GMT
x-content-type-options: nosniff
age: 523943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 622
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 22:01:41 GMT

GET
H3-29 200 CTA.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 6C42 761 B
786 B 12ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/CTA.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8db9f853525deceda9c0749a25a9f2639355d88231b31d6e2b9cc22c206ff41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:01:41 GMT
x-content-type-options: nosniff
age: 523943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 761
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 22:01:41 GMT

GET
H3-29 200 DBx.png
tpc.googlesyndication.com/sadbundle/5793012853004892767/images/ Frame 6C42 946 B
972 B 12ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/5793012853004892767/images/DBx.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7dcbf991e3140883fbb0cea57b778db313c0ee8f57205404257ac98e1aa1444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:54:15 GMT
x-content-type-options: nosniff
age: 470389
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 946
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 14:56:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:54:15 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9363 42 B
64 B 72ms
71ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_Dnps-9tvG1DS8UOfubHlwmMKL5Pv9wvJ6Idaf-t68hlkV3RbJU49h46E92FA5qaNufq__bHIVsCOlWwdhYrdOax5HmX0uIBczLh3twlg6zegY-6iWUHfOgUMBQ&sai=AMfl-YRCb55iEwf7vD84kQkEwylIRh1qlACLIfDmJyG99MBxeXvTsHZAWmgxvpcMS9Bd4efU_vfJGgv1-nMe&sig=Cg0ArKJSzDxN_0pG6HsWEAE&id=ampim&o=15,667&d=120,450&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=112&tls=1112&g=100&h=100&tt=1113&r=v&avms=ampa&adk=3382206806

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 23:34:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6C42 42 B
64 B 40ms
40ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvh0KuaEVH7s_SF4YxpP7_5VWSU1clYbfTePWtVxx0V9QiWAnxw3cxNnphPbDNx2erJF1QWXSm_LmCUHLP1Mmu9vtdZif6MdSH-EHov0WkkxalrsM6iT7AnHL7HoQ&sai=AMfl-YSvquDCp6x45pioTCQDDGUMu5Nr7inEHJejUx-eKSxE_Bokmmt-3v0cyzpCbpO_uGwMCsHx34_IxGT9&sig=Cg0ArKJSzPcs7CyX12A4EAE&id=ampim&o=430,222&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=89&tls=1090&g=100&h=100&tt=1090&r=v&avms=ampa&adk=543701114

Requested by

Host: ombra.net
URL: https://ombra.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 23:34:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66cdff38cb08f85a490fd345492e61d87b68d490d2dbf6f512e527effbb59d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 23:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49252
x-xss-protection: 0
server: cafe
etag: 16470596267318169622
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 25 Jul 2021 23:34:06 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 33ms
19ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210720&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f8ff232b4daccf59ef2cca58e3fb333027cf2c44411dd46a7643021b0826bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 23:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8516
x-xss-protection: 0

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/ Frame D059 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210720/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ombra.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl_GDvUb8TvV573JqBhP_ZWGE4sp2snCKX4vwA2-mph8uw3nLEtkOTvSgWvB2M; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ombra.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 25 Jul 2021 01:46:23 GMT
expires: Sun, 08 Aug 2021 01:46:23 GMT
content-type: text/html; charset=UTF-8
etag: 4389807852502320046
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 78463
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 38ms
38ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fombra.net%2F&tn=DIV&id=overlay-div&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 23:34:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
71ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fombra.net%2F&tn=DIV&id=overlay-div&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 23:34:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ombra.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 23:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ombra.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Jul 2021 23:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 09FF 2 KB
425 B 74ms
73ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&adk=1812271804&adf=3025194257&lmt=1627256046&plat=1%3A16777216%2C2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fombra.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627256046875&bpp=1&bdt=3435&idt=2&shv=r20210720&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35dc86809fa2f322-227392b08bc8006d%3AT%3D1627256043%3ART%3D1627256043%3AS%3DALNI_MZkTjN_I1ma9jeK_CgR-45QlVE2ng&prev_fmts=120x600_as%2C300x250_as&nras=1&correlator=6213896033543&frm=20&pv=1&ga_vid=1375900987.1627256044&ga_sid=1627256044&ga_hid=394652212&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C20211866&oid=3&psts=AGkb-H9-wDru1qYxnS4jWRRZ9pmKp5S22eLgNZHS6zNgCytNUZSU9QWqVjoLy5Gl_vz-nFRcdx0pC_nlf8g&pvsid=3986478090909448&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=19

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a00e34d050b72c99d6df84c846205c65a5b228d5982200a29c470c6a22a393d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1040989709317155&output=html&adk=1812271804&adf=3025194257&lmt=1627256046&plat=1%3A16777216%2C2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fombra.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627256046875&bpp=1&bdt=3435&idt=2&shv=r20210720&ptt=9&saldr=aa&abxe=1&cookie=ID%3D35dc86809fa2f322-227392b08bc8006d%3AT%3D1627256043%3ART%3D1627256043%3AS%3DALNI_MZkTjN_I1ma9jeK_CgR-45QlVE2ng&prev_fmts=120x600_as%2C300x250_as&nras=1&correlator=6213896033543&frm=20&pv=1&ga_vid=1375900987.1627256044&ga_sid=1627256044&ga_hid=394652212&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C20211866&oid=3&psts=AGkb-H9-wDru1qYxnS4jWRRZ9pmKp5S22eLgNZHS6zNgCytNUZSU9QWqVjoLy5Gl_vz-nFRcdx0pC_nlf8g&pvsid=3986478090909448&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=19
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ombra.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl_GDvUb8TvV573JqBhP_ZWGE4sp2snCKX4vwA2-mph8uw3nLEtkOTvSgWvB2M; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ombra.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 25 Jul 2021 23:34:06 GMT
server: cafe
content-length: 405
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 23:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sun, 25 Jul 2021 23:34:06 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A5B6 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ombra.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ombra.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sun, 25 Jul 2021 23:02:23 GMT
expires: Mon, 25 Jul 2022 23:02:23 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F2C7 783 B
813 B 17ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

60e2285c771aa1ce7ed3874767534abd97a37c81af89fcdf814f2e66875cb6bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VTsMgGRz3h2Vp2BWgV/waw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ombra.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ombra.net/

Response headers

expires: Sun, 25 Jul 2021 23:34:06 GMT
date: Sun, 25 Jul 2021 23:34:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-VTsMgGRz3h2Vp2BWgV/waw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A5B6 34 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 14:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13164
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Jul 2022 14:07:18 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210720&jk=3986478090909448&bg=!ERKlElbNAAbnC78O5ws7ACkAdvg8WtB8jf5Kb7qUIB7k_zjHYswh3wjxuouropudHIl78j6FSrvGhgIAAABRUgAAAAhoAQcKAMZb1nCQvtlpubIwNMIoZ-sqInvhaukA0QM7GPsVsy3ESrn3oKN4Bdlna7ek2yHZhHE5E8qeQbLCp642kJZW34VM76dtvfU3LyJqKLg2Ga8GOIvWf7LuVVeH3qe1DLmbID6CMYJHS8NuDCQG4zaU1nE9WqRpaiXY7S3Xb03chlT1LwrrYhZyFrcs4kHTQfUeqwLlVFGUv2NxWqDDfZfFWLv0hsls3GZifOTBVF8WxH2id1tL1k0BN3XzOE0l7GGyYtebnBCHQQSZAnHtQWVNRByZw0mgsnkfK4AyGEsrg2fWvVlKQoFhRdLi6aZrtWkvQ5di_R6cNogkqe68T26nyR5xkIB0oO9RKOgdojDHDCeMG1LGdd6nPxZibNbcUb2FuczZNghikOvFCJYGoXvo9OEZ1vpY6nIB6951FVbu1Km9c8yYiZYIGdv7yNNT2cuiRQQzJ83MWsGLlVk0ejegrJf2I-XbvmukXNbYiSNwMDxTVrVqnzE-KUdbeuCrHZMCgJ9wRLWpkoN1RkjmGkeZfP83WKdwqiwGVqob1hZcIEK0GE5HmEYcZl6_9P01OuBbNuEDlOkfJ6Rqbq8-SEc8udNRVYcnZpIRN14LU3INWT7KnSwpOIWDSHgLOWbCPiB9mKc8A7g01zsl3b27t20miKMdM83fL-yLI7OeaOKAVPiHM6g4fbmhQhTyWpxxOuaRaLtTRD3ZvhVkUizyMs9EELsu3BECBoR96wQcBLzQMbaxV0eVfNiOgCxMS1sgHppEMlQIMAZcLHogGeJTJbeMc4jenJyrdmEGDQOSH5RhY6CbGoVERy7-3TrjMe1rkURC5SKsuA_6eOjWZceGWNDCdCVxsWmRj7iDaa77lN5NZQ3lilMtA1WTCj2v5-aGwjEcSkMKjvPf6XTRD51oXA-AzAwgrq_qXTJcBvStk1-qoa_hPE7PoliLwktbw59gGOb-o2xmbMgVsMYDO0FKCn6SVulvErJKI5WDyFzB_IK1z0ybQTSjl5hqexCApfmXcaWiHdKqKRfJn8eMJ1_Uw1-WZToK3bNrqjUJDBA5EZFyebb1ANl-KH1cxQqMKVX1UXsYGYjELOnQaZbyG5um

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ombra.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Jul 2021 23:34:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Verdicts & Comments Add Verdict or Comment

265 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:00:56	Name: test_cookie Value: CheckForPermission
.ombra.net/	1970-01-20 13:32:08	Name: __utma Value: 17388839.1375900987.1627256044.1627256044.1627256044.1
.ombra.net/	1970-01-20 00:23:44	Name: __utmz Value: 17388839.1627256044.1.1.utmccn=(direct)\|utmcsr=(direct)\|utmcmd=(none)
.ombra.net/	1969-12-31 23:59:59	Name: __utmc Value: 17388839
.doubleclick.net/	1970-01-20 05:22:32	Name: IDE Value: AHWqTUl_GDvUb8TvV573JqBhP_ZWGE4sp2snCKX4vwA2-mph8uw3nLEtkOTvSgWvB2M
.ombra.net/	1970-01-20 05:22:32	Name: __gads Value: ID=35dc86809fa2f322-227392b08bc8006d:T=1627256043:RT=1627256043:S=ALNI_MZkTjN_I1ma9jeK_CgR-45QlVE2ng
.ombra.net/	1970-01-19 20:00:57	Name: __utmb Value: 17388839

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107130206000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=600&adk=3382206806&adf=1650399913&w=120&lmt=1627256043&ad_type=text_image&format=120x600_as&color_bg=FAFAFA&color_border=FAFAFA&color_link=0000FF&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627256043504&bpp=12&bdt=63&idt=108&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=6213896033543&frm=20&pv=2&ga_vid=1375900987.1627256044&ga_sid=1627256044&ga_hid=394652212&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=15&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C20211866&oid=3&pvsid=3986478090909448&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=76ReB6H7cy&p=https%3A//ombra.net&dtd=128
console-api	info	URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107130206000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1040989709317155&output=html&h=250&adk=543701114&adf=3042083620&w=300&lmt=1627256043&ad_type=text_image&format=300x250_as&color_bg=fafafa&color_border=fafafa&color_link=0000ff&color_text=000033&color_url=0000FF&url=https%3A%2F%2Fombra.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627256043531&bpp=5&bdt=90&idt=107&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_fmts=120x600_as&correlator=6213896033543&frm=20&pv=1&ga_vid=1375900987.1627256044&ga_sid=1627256044&ga_hid=394652212&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=430&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C20211866&oid=3&pvsid=3986478090909448&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fipvdj7mlm&p=https%3A//ombra.net&dtd=109

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.ampproject.org
googleads.g.doubleclick.net
m.exactag.com
ombra.net
pagead2.googlesyndication.com
partner.googleadservices.com
ssl.google-analytics.com
tpc.googlesyndication.com
venicexplorer.net
www.google-analytics.com
www.google.com
www.googletagservices.com
www.veneziadoc.net
pagead2.googlesyndication.com
142.250.184.226
148.66.138.190
2a00:1450:4001:801::2002
2a00:1450:4001:802::2008
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
3.229.206.229
85.14.248.72
00a83a129d4f23b516c29164ce306e44456e5356edb73ee895504341f7928a77
033fff1b7f4a78b7768d440a6f70199693b0aed118973daac3b9f930b823508f
0448e6e2f10a45abdf79cf8c161b3546d7d1cb58e9a31b069d811c1f135e8472
10ed43de33a1f55a4030d8153902a8c8fd634c24c169eb47698a66df978f3764
17cd3e71ec18467247201bb1b0511155e8141725b18289bd44c46e3d6e2eec3c
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
1cb0ba61776c1f82bc4968e014988645fa83623828a0cb0ea3db562bc183cec9
200004da5f23d68b91afa306a8cb75d0acfb96843f4f85887e9c8ab8aa914790
22d5f818cf25ef0e8668e6fe36f46d8a625151a6d8fae2ca2645b4ec7c24856c
22f296edc5f7650740672ae17ad973ca179be8d947b78b9764b19ce2ba3b6bba
26b8fe827bd5aec88aa7edc7a82a5e73033fbbd63ac659fe1e9efb0f064c849a
28495ace17fc14af0604185a61e934a94809763e771cbd3d9eb25e3aa46b560a
285be81bd3483f6abb1daaa8490e47b36f6b4c9e46f20a7c5bf673d428e0223a
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
2b486ba3ae86981e895ed4efff98bf514e777855908935d60e093add70e92831
2d770f67339711ab85aa0c6768c825e58c6a772b831db31507a67f0844a916bf
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3cf1497c74bbd8bdfc2a6075ed9f98fc1c64de227049bac40d63a3bd0d558f23
3d99497aca4af7b3b738e9e0e8aae596a21fa19c1cde6f9850195e2d223d29da
413c89cd884b9bf86a36527958103a75ad4d722a547e1246fa6ebc1c71c4fb0f
450548c294cc983ee4e3e977990c49ef77a394f7e79fbb6b649018391c3fb19c
47c740101bfcb918940f8d05f62af523c17cc0527d9f32f5706fe51ebdd5eb36
4ca6dd97b62c2f6e9263710d88f9ccb54612bdccd98c08ead481a0347e9a4e1f
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
5189658b1f2daae71ab3b070b6e0b54f412ed79e468c14a1d16c92824a3b2af7
5278fdb353821284a1d10295cd3c0682a5e81bb4df2ce4401ad909d1d48d6f20
54abed1de14de52fcb5435fc5eabd200ecaf46972708fc45d237bfb84e584dc9
54bc309e62290950de8229695b40a08a04e355ef78a432f6e712a2c4e7e734d1
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
5f8ff232b4daccf59ef2cca58e3fb333027cf2c44411dd46a7643021b0826bc6
60e2285c771aa1ce7ed3874767534abd97a37c81af89fcdf814f2e66875cb6bf
65486f0d6a4d58d5839bfbdd95a7b482df055c71b18fe0f828f523649c622a2b
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
66cdff38cb08f85a490fd345492e61d87b68d490d2dbf6f512e527effbb59d49
6aed91bc3fe363917c20172ada28b8b82661425448cd470b2fbeaade298ba050
6d94482014c8932e79da1cf46c2522a8d124a52ad5fe551cea46ec273e9b6386
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
7be2638e7ce718a8c93bd3291a1bd4c9eafac76dfbdcf4b10af38de6f543643d
7e21b98fe8d870cd8e1bbdf4cd1d89ce166d741bc6206a15a238b2bc2f3e7b7f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80936d79a0930407c23166df7555392a95caa1bc7d830f6cb51f408905134de8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a1c951a818174eaaaf001a306bad640b788f504b3b55a86970c8c49220bdb1e
8fcb22108c77c1701ecd0388362c592a7e352eb35f75917fcc69ff3dc926136a
9052292049e7e31831a874f945df5dc21db5c41d9a4a03b5c52a2237bcabcf25
91c44efc263b86d3f90e69d67f977a007eef0ac244155940a4e5ed51f08d06c3
91c7069bc2e40a3ba73bb93b7444d516ea0a475971410c5d574d990e139bdf90
93aea7e3c21a5bc34e432149592dfbe6a432f4039a8f93bdb6b43db00b8d40c9
946d3f8a770b4cf97cc25e59e904a88da369899cabfe36b8b139c5880a954318
9c9910cfd17799bb16300d4064b50f4dfeee96b79f974c4c3a16efa3917c039e
9da55217f32bf8ad4cd86962e78b270fa2cb5e02a2a2d9d78fff6d70855ae02a
a00e34d050b72c99d6df84c846205c65a5b228d5982200a29c470c6a22a393d5
a06180fb9a5e601584734aa3a1271706147a37cb8697ec2ed8291ea40b5ebe5d
a37b6f7bb7b837cc860e2360882620cf5ccde96facd6858b39164ed3676ae45b
a3ecb97544ccb44fb7452d864111dfd68e7cef43199a2fa5b98b7908258817b8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a62acc5a85b46fd23fe8e24c8c480d16d79aaead5b1b9ba61a8567fcb0e4bfb5
a6c15f3846c92e0a5450d7230512206ee7d3b34868f6ebf0faba82f3463f614f
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b125d9907777481a0c209af91a87bad75fb81a672c5712429f261bc9a0ce3a79
b13b4cc6eacbad93926be7237270303663b91019ac94fee671a2b126456b26f7
b159722b91f7663d33ce1f0e95de72389955edfa5a12cfe6c94b6705468ae805
b690b3d35ce8f81432a157676ae131de0303ce175a651132b0968045a679b4e6
bbd74a98ed1c879bfb6ec3f278e8d665f90e938aa8224a0cca484632a9d27c26
c076be7ea667da6b951e92af3a78137a5ae5c7de8d55d8a503a14fb239d741f6
c13688f519a33fd5a4f3d1152b8da0b1a4ed2bcc47d23d8c4d94ec8a6ac20e2e
c7e3eac1b2c0f5c2d934241ee44a85b4a1a1f3c7c85e05381e2c4b622fe5501d
c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef
c8db9f853525deceda9c0749a25a9f2639355d88231b31d6e2b9cc22c206ff41
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
d43b25f104e87708adfbf2453f40db643d75008736158d893a0ec84264c7b45a
d7dcbf991e3140883fbb0cea57b778db313c0ee8f57205404257ac98e1aa1444
db5db21f3084c268ddab39adf4a24db548c1b7b20e3b72c122bbe0f6d305cfae
de6889accf5d1391c235c1694525bbfe0aa6988dd757626a651fff72973f7157
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3edb2816c31ea361376b22c49fd66c3f66b17b9bb7c63e59e9a0d032c327aee
e8d0c61081c2830f503fdd39a557b8a4cbbad6459d6ef3672f2851c8e2f95dd6
e975ebeee1b07b9ada5f9a893f6245bfbda7248c1fdea28b44a5b0a7a3f27ac8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3039e343bc61cc16fc587e063d92cf190c34823df58e3fe5caf5717198a49fc
f46fa02437228f6dc85a6c49ea52df3b5309291523f2c60edcd24ae89bb6d329
f50cd1f9a7d3ab95391225b3a8d36eca059105990afdada14ca150953df3f6c4
f69adcb2ca28e3e811ad5b88d7b6d86a68d736c715bca3d4953f0566d1447321
f85c28d88553d51870430707e647442e46b1ce4c7f11e99a112d372b02d77a50
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
fb5d0db4a0e486d673deb8cdb8db8f27e3060f969f7cdd204e0923b0a71c5705
fec2ffc602ee5bf9e5132ff977234588ea02e81c59e093fa402f5a1c8f6503f7

ombra.net Open in urlscan Pro 3.229.206.229 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

97 %HTTPS

71 %IPv6

12 Domains

15 Subdomains

15 IPs

3 Countries

2121 kBTransfer

3562 kBSize

7 Cookies

72 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ombra.net Open in urlscan Pro
3.229.206.229 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

97 %
HTTPS

71 %
IPv6

12
Domains

15
Subdomains

15
IPs

3
Countries

2121 kB
Transfer

3562 kB
Size

7
Cookies

111 HTTP transactions
2 data transactions