urlscan.io logo urlscan.io
SecurityTrails logo

omi.app Open in urlscan Pro
2001:4860:4802:32::15  Public Scan

Go To Rescan Add Verdict Report
URL: https://omi.app/covid-19
Submission Tags: falconsandbox
Submission: On March 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 17 domains to perform 91 HTTP transactions. The main IP is 2001:4860:4802:32::15, located in United States and belongs to GOOGLE, US. The main domain is omi.app.
TLS certificate: Issued by GTS CA 1D4 on March 6th 2022. Valid for: 3 months.
This is the only time omi.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)
omi.app
4    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
20    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    52.222.137.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-137-73.ams50.r.cloudfront.net
cdn.conekta.io
7    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    52.222.137.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-137-106.ams50.r.cloudfront.net
widget.intercom.io
3    52.222.137.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-137-52.ams50.r.cloudfront.net
js.intercomcdn.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    54.148.115.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
ssl.kaptcha.com
6    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
12    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
4    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
32 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
345 KB
13 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
94 KB
13 omi.app
omi.app
1 MB
7 kaptcha.com
ssl.kaptcha.com — Cisco Umbrella Rank: 10045
24 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
41 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
4 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
3 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
3 KB
3 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2009
126 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 57
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
72 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
914 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
14 KB
1 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1998
253 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 716
642 B
1 conekta.io
cdn.conekta.io — Cisco Umbrella Rank: 250590
104 KB
91 17
Domain Requested by
20 pagead2.googlesyndication.com omi.app
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.gstatic.com
tpc.googlesyndication.com
www.googletagservices.com
13 omi.app omi.app
12 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
7 ssl.kaptcha.com cdn.conekta.io
omi.app
ssl.kaptcha.com
6 www.gstatic.com googleads.g.doubleclick.net
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
omi.app
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 fonts.googleapis.com omi.app
googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 js.intercomcdn.com omi.app
widget.intercom.io
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 www.google-analytics.com omi.app
www.google-analytics.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 s0.2mdn.net googleads.g.doubleclick.net
1 fonts.gstatic.com fonts.googleapis.com
1 widget.intercom.io 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.conekta.io omi.app
91 23

This site contains no links.

Subject Issuer Validity Valid
omi.app
GTS CA 1D4		 2022-03-06 -
2022-06-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
conekta.io
Amazon		 2021-09-08 -
2022-10-07		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
ssl.kaptcha.com
Thawte RSA CA 2018		 2021-11-01 -
2022-11-27		 a year crt.sh
*.intercomcdn.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://omi.app/covid-19
Frame ID: 308A53B833B27CDF181BACE1A43BF2DA
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html
Frame ID: 6E9C504DBDAE858BB60A0E6233AF22FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4176986958163816&output=html&adk=1812271804&adf=3025194257&lmt=1647555397&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fomi.app%2Fcovid-19&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647555397725&bpp=2&bdt=266&idt=133&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5999857239423&frm=20&pv=2&ga_vid=556219275.1647555398&ga_sid=1647555398&ga_hid=225701107&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530889%2C42531397%2C44750773%2C31065550%2C31062931&oid=2&pvsid=4214588430618569&pem=311&tmod=2098915429&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=150
Frame ID: 66C5E525FF01F5C85C1A83D240B47FA8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Frame ID: EAE9BFE2522B10EBCFC755B74BCDDB3A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Frame ID: 96267C48F78E427F5F39048009375599
Requests: 14 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=205000&s=46pp4w62rc4yj3tukwa7kx65kc5lqd24
Frame ID: BF41493E2949402F465D8D5430E549D6
Requests: 6 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.e17106a4.js
Frame ID: 43E993019383CEE1F6FC4EBF42F7D221
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNO1pYgDEK-ju40DGNOWuL8BMAE&v=APEucNXBlusB1i0G1bDhyXXoEQ_Cs49f4DaB9Caylx1R5vWXJIf6XRKWJmZ5XBgJhSaUbaN63dtJByi4_vCVKcBnPTShKMqg2jovH41evU4HL4oK1_ql9vBnMtPBq1yM63wMAoSbSB-zW-_mF-gZnNGFdVvwtN_4MpURVdoVgfppimZPRDN_lSE
Frame ID: 395A37D25C6760A31A66BA2856FE40FE
Requests: 5 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/eb03ae4a64bc28140afe8fd5a16bbea0.js?tag=client_fast_engine_2019
Frame ID: 4F467EB90B35848AC49F0DF39B0BE42D
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A0898FB9753878D102608D79B2B1FB87
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js
Frame ID: F98F3E586FD5A203D68474EC0ED1DA12
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 12E59BFF822DD86B94005021244858C5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5745412E815A556E29640A0DDA8FBA04
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OMI

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.conekta\.\w+/js/(?:v([\d.]+)|)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

91
Requests

95 %
HTTPS

59 %
IPv6

17
Domains

23
Subdomains

22
IPs

4
Countries

2334 kB
Transfer

7464 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://widget.intercom.io/widget/i20vy66b HTTP 302
  • https://js.intercomcdn.com/shim.latest.js
Request Chain 46
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEeCmJcZ8ZsDUjGL6LsPstI&google_cver=1
Request Chain 47
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjOzRm-CjkYYukjGpSYa1AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP9pWd41Ih3iOOlb8dfXUsk&google_cver=1
Request Chain 48
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBtObo6FUYGD65zSRsqy0Cg&google_cver=1
Request Chain 49
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5MDczOTk3NDc1OTg1MjIzMA%3D%3D

91 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request covid-19
omi.app/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://omi.app/covid-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
92033d4e57186a6b76c9cfba6777cbca9bdb569bb056889110d306740e4feab4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 17 Mar 2022 22:16:37 GMT
expires
Thu, 17 Mar 2022 22:26:37 GMT
cache-control
public, max-age=600
etag
"5Ze1fg"
x-cloud-trace-context
0644502571d21ad19bba778a264ac88b
content-type
text/html
content-encoding
gzip
server
Google Frontend
css
fonts.googleapis.com/ 		10 KB
866 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,400italic
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf108825d0b436058bdb992b20b670da7741b1ec672f2f13a18b89561a4a71c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 21:18:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Mar 2022 22:16:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Mar 2022 22:16:37 GMT
icon
fonts.googleapis.com/ 		569 B
868 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 22:16:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Mar 2022 22:16:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Mar 2022 22:16:37 GMT
vendor-8f8200e5c541d7e7fda9358b88817df8.css
omi.app/assets/ 		74 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://omi.app/assets/vendor-8f8200e5c541d7e7fda9358b88817df8.css
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
886332abb1d9ac205e4970c214f19ab3a113f455f7bac95c41e10978d24c3449

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/covid-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:37 GMT
content-encoding
gzip
server
Google Frontend
etag
"5Ze1fg"
content-type
text/css
x-cloud-trace-context
77c2efba475a6f51b0eb5a7ee6f89793
cache-control
public, max-age=600
expires
Thu, 17 Mar 2022 22:26:37 GMT
main-9659f8bae1b2ab51ef780a629d26a504.css
omi.app/assets/@apps/ 		444 KB
82 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://omi.app/assets/@apps/main-9659f8bae1b2ab51ef780a629d26a504.css
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
9d8674a7e2fe0a76d89597205b4b03885f98788a669c30155b39e8da50934267

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/covid-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:37 GMT
content-encoding
gzip
server
Google Frontend
etag
"5Ze1fg"
content-type
text/css
x-cloud-trace-context
77c2efba475a6f51b0eb5a7ee6f89793
cache-control
public, max-age=600
expires
Thu, 17 Mar 2022 22:26:37 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fc4295b7eb2771e3a6e272d81f732f5f131029029871ce9ec18dfb3874d9e4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54648
x-xss-protection
0
server
cafe
etag
766581102707658523
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 17 Mar 2022 22:16:37 GMT
conekta.js
cdn.conekta.io/js/latest/ 		104 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.conekta.io/js/latest/conekta.js
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-73.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9ab115372791fd65190bb554dda1e4272e3ec3c57f89ab3b87a636b7ee199c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
KYn2dYXEuCnaPMl3W5qcoy9QCoMx7yla
via
1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
last-modified
Thu, 14 Oct 2021 01:10:56 GMT
server
AmazonS3
age
8668
etag
"85c75e701b71cfb0ae2e487c1d71d6c5"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 17 Mar 2022 19:52:10 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
content-length
106070
x-amz-cf-id
Af3jNPQbF2P1ktE0LoCOtcTHp06nc7qzn2fAsA5azJtVU439ZNbJYA==
vendor-1cc5aa65cef971452da7a62942602449.js
omi.app/assets/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://omi.app/assets/vendor-1cc5aa65cef971452da7a62942602449.js
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e0edfd39fc2f3bb33cc34d6a66e30f481e9724979413a27a023a4f8e059dd407

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/covid-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:37 GMT
content-encoding
gzip
server
Google Frontend
etag
"5Ze1fg"
content-type
application/javascript
x-cloud-trace-context
77c2efba475a6f51b0eb5a7ee6f89793
cache-control
public, max-age=600
expires
Thu, 17 Mar 2022 22:26:37 GMT
main-5be4792f2a5a56e809583aca240d51ef.js
omi.app/assets/@apps/ 		286 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omi.app/assets/@apps/main-5be4792f2a5a56e809583aca240d51ef.js
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8b5d56eba8e277e6676341bf7fd5fd3dac576450bc88e8faaecc6117040f377b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/covid-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:37 GMT
content-encoding
gzip
server
Google Frontend
etag
"5Ze1fg"
content-type
application/javascript
x-cloud-trace-context
77c2efba475a6f51b0eb5a7ee6f89793
cache-control
public, max-age=600
expires
Thu, 17 Mar 2022 22:26:37 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/ 		294 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4176986958163816&plah=omi.app
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86f243738c5f1c4f2bf207919ef1390de6c7a48cc0aa0808e25ba26e159d1cf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108579
x-xss-protection
0
server
cafe
etag
4861168965344539476
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 17 Mar 2022 22:16:37 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/ Frame 6E9C 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Thu, 17 Mar 2022 21:08:05 GMT
expires
Thu, 31 Mar 2022 21:08:05 GMT
cache-control
public, max-age=1209600
age
4112
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		211 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=omi.app&callback=_gfp_s_&client=ca-pub-4176986958163816
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4176986958163816&plah=omi.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
4d1dee9005bd4281c1f303cb3db45fdb3f2e719abca12a7812cad47a27bbf92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=omi.app
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4176986958163816&plah=omi.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 22:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=omi.app
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4176986958163816&plah=omi.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 22:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 66C5 		179 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4176986958163816&output=html&adk=1812271804&adf=3025194257&lmt=1647555397&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fomi.app%2Fcovid-19&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647555397725&bpp=2&bdt=266&idt=133&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5999857239423&frm=20&pv=2&ga_vid=556219275.1647555398&ga_sid=1647555398&ga_hid=225701107&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42530889%2C42531397%2C44750773%2C31065550%2C31062931&oid=2&pvsid=4214588430618569&pem=311&tmod=2098915429&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=150
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4176986958163816&plah=omi.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be6f75a2748183dbea7be60403de8357de22987b565327ee738586416ea7e7fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 17 Mar 2022 22:16:38 GMT
server
cafe
content-length
52562
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 17 Mar 2022 22:16:38 GMT
cache-control
private
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2508
date
Thu, 17 Mar 2022 21:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 17 Mar 2022 23:34:50 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=225701107&t=pageview&_s=1&dl=https%3A%2F%2Fomi.app%2Fcovid-19&ul=en-us&de=UTF-8&dt=OMI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=804816575&gjid=1916265241&cid=556219275.1647555398&tid=UA-101964182-1&_gid=1370846284.1647555398&_r=1&_slc=1&z=991915318
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://omi.app/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 22:16:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://omi.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-101964182-1&cid=556219275.1647555398&jid=804816575&gjid=1916265241&_gid=1370846284.1647555398&_u=IAhAAEAAAAAAAC~&z=1394574621
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://omi.app/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 17 Mar 2022 22:16:38 GMT
content-type
text/plain
access-control-allow-origin
https://omi.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/ 		151 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4176986958163816&plah=omi.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4213007144c37c15898f6529d459f5ad73a6f9c8edb5cb2ad92a8323e722fc9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54936
x-xss-protection
0
server
cafe
etag
3295694844936372420
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Mar 2022 22:16:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-4176986958163816&eid=44759875%2C44759926%2C44759837%2C42530889%2C42531397%2C44750773%2C31065550%2C31062931
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 22:16:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-4176986958163816&warn=12%2C13&w=1600&h=1200&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20220123_093458&sat=1643126663272&afm=0&as_count=0&d_count=0&ng_count=0&am_count=0&atf_count=0&mdns=0&alldns=0&allp=4&fd=(0%2C0%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1200&abl=false&rr=n&su=omi.app&pvc=4214588430618569&r=0.1&eid=44759875%2C44759926%2C44759837%2C42530889%2C42531397%2C44750773%2C31065550%2C31062931
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 22:16:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_opt&c=0&wpc=ca-pub-4176986958163816&warn=12%2C13&w=1600&h=1200&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20220123_093458&sat=1643126663272&afm=0&as_count=0&d_count=0&ng_count=0&am_count=0&atf_count=0&mdns=0&alldns=0&allp=4&fd=(0%2C0%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1200&abl=false&rr=0&su=omi.app&ab=0&oab=0&sab=0&ls=0&op=0&fad=0&fmd=0&vad=0&vmd=0&pad=0&pmd=0&pvc=4214588430618569&r=0.1&eid=44759875%2C44759926%2C44759837%2C42530889%2C42531397%2C44750773%2C31065550%2C31062931
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 22:16:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/i20vy66b
  • https://js.intercomcdn.com/shim.latest.js
18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H2
Server
52.222.137.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-52.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93d2b20c1c3c85715da3880622c6ba09e33fa7b5480dd1d946c8ea90db43a8e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 17 Mar 2022 22:12:26 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 15:52:05 GMT
server
AmazonS3
age
253
etag
"2c9940ea5d78d2a79d7cb172218cdf46"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
content-length
6086
x-amz-cf-id
KvG_gsZGDoxv-Q4tx28Nm78_5I28CkDULTAkTjzjsNtmz7JI_ED9bQ==

Redirect headers

date
Tue, 15 Mar 2022 17:42:15 GMT
via
1.1 415e8d76bf2c69e5e03b89ba8461cd7e.cloudfront.net (CloudFront)
server
AmazonS3
age
189264
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
AMS50-C1
content-length
0
x-amz-cf-id
6zdMbHhHWUtoFANRFN7yU_4MXQ0CIyOX4PPZKUHSTe0AcS4lYULQxw==
ko_fi_donation_icon-d12d33dc74bb7df594baeaf3b3f4d036.png
omi.app/assets/images/Icons/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omi.app/assets/images/Icons/ko_fi_donation_icon-d12d33dc74bb7df594baeaf3b3f4d036.png
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
71a7d025326d249c9216b13252cdedbdc97dfd97ac708e6b79c5d1b40fdc6426

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/covid-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:38 GMT
cache-control
public, max-age=600
expires
Thu, 17 Mar 2022 22:26:38 GMT
server
Google Frontend
etag
"5Ze1fg"
x-cloud-trace-context
92ce228c54512e5238c6ba15d025c5ac
content-type
image/png
omi_patient_logo-c41219b4463c6c0e0a819ec4e0888d81.png
omi.app/assets/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omi.app/assets/images/omi_patient_logo-c41219b4463c6c0e0a819ec4e0888d81.png
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
700173c53e838ff0f06b697cd53d11142a36abc311200960ccf165ab2457e350

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/covid-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:38 GMT
cache-control
public, max-age=600
expires
Thu, 17 Mar 2022 22:26:38 GMT
server
Google Frontend
etag
"5Ze1fg"
x-cloud-trace-context
92ce228c54512e5238c6ba15d025c5ac
content-type
image/png
osiris_logo-078284456c2bf90747be6db96efa76fd.png
omi.app/assets/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omi.app/assets/images/osiris_logo-078284456c2bf90747be6db96efa76fd.png
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
729939dff7cb49ad38d3b6cd5b933826f8401456644bb25e5d9a708bc0f7e6ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/covid-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:38 GMT
cache-control
public, max-age=600
expires
Thu, 17 Mar 2022 22:26:38 GMT
server
Google Frontend
etag
"5Ze1fg"
x-cloud-trace-context
da62051bf485b22aa83e9164681335a2
content-type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://omi.app
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 09:48:03 GMT
x-content-type-options
nosniff
age
563315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Mar 2023 09:48:03 GMT
SohoGothicPro-Bold.otf
omi.app/assets/fonts/SohoGothicPro/ 		88 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://omi.app/assets/fonts/SohoGothicPro/SohoGothicPro-Bold.otf
Requested by
Host: omi.app
URL: https://omi.app/assets/@apps/main-9659f8bae1b2ab51ef780a629d26a504.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
d4528ddfc94c3e9eddf33c51c56238ee2c7f07abb87b4c56362d3676962029d0

Request headers

Referer
https://omi.app/assets/@apps/main-9659f8bae1b2ab51ef780a629d26a504.css
Origin
https://omi.app
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:38 GMT
content-encoding
gzip
server
Google Frontend
etag
"5Ze1fg"
content-type
font/otf
x-cloud-trace-context
92ce228c54512e5238c6ba15d025c5ac
cache-control
public, max-age=600
expires
Thu, 17 Mar 2022 22:26:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-4176986958163816&eid=44759875%2C44759926%2C44759837%2C42530889%2C42531397%2C44750773%2C31065550%2C31062931
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 22:16:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=omi.app
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4176986958163816&plah=omi.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 22:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=omi.app
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4176986958163816&plah=omi.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 22:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/ Frame EAE9 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4176986958163816&plah=omi.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Wed, 16 Mar 2022 23:04:53 GMT
expires
Wed, 30 Mar 2022 23:04:53 GMT
cache-control
public, max-age=1209600
etag
4044455266028820542
content-type
text/html; charset=UTF-8
age
83505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/ Frame 9626 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4176986958163816&plah=omi.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Wed, 16 Mar 2022 23:04:53 GMT
expires
Wed, 30 Mar 2022 23:04:53 GMT
cache-control
public, max-age=1209600
etag
4044455266028820542
content-type
text/html; charset=UTF-8
age
83505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
logo.htm
ssl.kaptcha.com/ Frame BF41 		22 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.kaptcha.com/logo.htm?m=205000&s=46pp4w62rc4yj3tukwa7kx65kc5lqd24
Requested by
Host: cdn.conekta.io
URL: https://cdn.conekta.io/js/latest/conekta.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
83fc71b25a29d00bcf4d9e74fa4af04bce0fd5c3c66995b00b4465a143e066b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache no-store must-revalidate private
Content-Type
text/html
Expires
0
Pragma
no-cache
X-Correlation-Id
16bde5cd-4c0b-42f9-9793-cefb51edd9fd
Date
Thu, 17 Mar 2022 22:16:39 GMT
Transfer-Encoding
chunked
logo.gif
ssl.kaptcha.com/ 		35 B
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.kaptcha.com/logo.gif?m=205000&s=46pp4w62rc4yj3tukwa7kx65kc5lqd24
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 22:16:39 GMT
X-Correlation-Id
2b953050-d0de-49f6-9962-86617efbc53a
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, private
Content-Length
35
Expires
0
frame-modern.e17106a4.js
js.intercomcdn.com/ Frame 43E9 		299 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.e17106a4.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/i20vy66b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-52.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fd513cb87c1edba562bb984fa4a9b4d7558c4587b66ad626a09af7d28bc1b54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 17 Mar 2022 21:52:19 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 15:50:55 GMT
server
AmazonS3
age
1460
etag
"460bd0fd57f9dd3855732952b41154fe"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
content-length
81637
x-amz-cf-id
m1RXmBrkEmxCchwQTjd-akAUEuweciUk9OVW0-A48y99savgYUw5ng==
vendor-modern.c8d75f61.js
js.intercomcdn.com/ Frame 43E9 		127 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.c8d75f61.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/i20vy66b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-52.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64b33d2bce2b547cbe611c20e06c57f505d659cab83fed932955447d30aca592

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 17 Mar 2022 20:37:52 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 14:36:28 GMT
server
AmazonS3
age
5927
etag
"c3eb33b0cce01528a298748d72233c50"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
content-length
39569
x-amz-cf-id
uhrNW_zFspmZgvGbCVV7IKOKX5gU9UQ3cBLz1DxdfjJ-zGWnCvU9lg==
css2
fonts.googleapis.com/ Frame EAE9 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 20:59:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Mar 2022 22:16:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Mar 2022 22:16:38 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EAE9 		205 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:09:47 GMT
x-content-type-options
nosniff
age
7611
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 17 Mar 2023 20:09:47 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EAE9 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 20:15:53 GMT
x-content-type-options
nosniff
age
7245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 17 Mar 2023 20:15:53 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/ Frame EAE9 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4cc8248c65b1d5277d920cd0aaadaf2d0b0aeb2c31c3078171127866ad304b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8355
x-xss-protection
0
server
cafe
etag
4666862433802105431
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 22:16:34 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 395A 		624 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNO1pYgDEK-ju40DGNOWuL8BMAE&v=APEucNXBlusB1i0G1bDhyXXoEQ_Cs49f4DaB9Caylx1R5vWXJIf6XRKWJmZ5XBgJhSaUbaN63dtJByi4_vCVKcBnPTShKMqg2jovH41evU4HL4oK1_ql9vBnMtPBq1yM63wMAoSbSB-zW-_mF-gZnNGFdVvwtN_4MpURVdoVgfppimZPRDN_lSE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 17 Mar 2022 22:16:38 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 17 Mar 2022 22:16:38 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9626 		55 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeFTD9gBs63EjnTntx8amhDbbsSxpZvZmlXy-9StFKbQ4KrhlOJQM3EXBqF2cyDmfdZ-ivcLcbZLoU3NdGAa-MldIm6A&cry=1&dbm_d=AKAmf-DXD24EjApyvM_vtmvLF0jyWOIVAtbRJIbJ03kTrfSwoouPcKZ-kU2W5rwmo1oPPyR9V1Q_br2SlxyjMjDZf7EwLREuNnkcCBWA1XYZL9_87bhQ264UfCDjjpGrg3X1ndTwrN8JPSMmk-8DGn6ezpcgvAji8GzcD2JZbc59kvswwt-_PW7pxOVp7OoDezc7B9JbIoMKxt-Z0lzvOW-8cYH1tICURAeaNOy4kJHzKD2g7oTC8fT__KlTCNeXDt1pfXZE9l5bs-I0WNjen78ySEawp2_O_s3wkgtCBtC_ejK38z4InWBjmWmEAj3_1YLIbVB0GSgi7Hx1_PcxGHo4Sm29moIzCcrwtofKwMll0TTLhEu3QfTnIh_NDeCR7Dlwd_GR4s_87FpGCz-5nXlJBJCNJQKi5g_5T562ABoRyWipzbuE_Ob83R2tYOvLb6-QUdJvCsyShsJucv7HdKpyNgBc1mzlgAlgSZkDEOYkscysXe18CnkU-kthiybyYH9AKr5nwinyeZ3DhZkiV3ahm90YNpAAEmQDtEfw37oiY6ZtSaMqcLC7eA6dSKIsXRtBEfUuhBb69sTkVlPEsOE90Su_9ix2lTwOjhbRNZpYs_OOVp_k54ZFPB2eztyjDgNEFIj5ZHG-PnCIlwD72vwNcsHsBpA8tFxdovHvjgIGu94Nb_1xzIj2iBj4edLb_NeggQNdKBpeGqGE1zQYCehwnjN2oxZwAhDKUCvYLhCYWJR0BehUBSRC-qeoL5qI2r-xb_FK2h-JEptta27tfXItL0mue-T6rBXrhn-sfE2MVwRPuV01JqN5KqsZt-st4S84j_8_RN4zyi8PvDs4E5W0mct2yUCd0UOPztpP0Qm87zRJ8zLt_leCyRJ0XG641q1l1Q-7xB3lLVZIR-D-vkbxiOEHiabOVmFAo2Lkqj0Wi1dnDHmHKNzCM4JI5IuKRqu-qAE3vP7LujZ71Jrl4Mrl5MheVv31p12_JXEUTiLk9VkVtxllDGKz-EnQiPpcap6S0QeWgMLdE05YmalotiqZsb38RVIJW2PdLWrApwGcBfKNOYZPXI5FF3Zey_CDUnaB8h6omWaPuRwfBNRtoutig37NkbC4ZBeP_iZaABYGijg4rG2EpFlhcDMWxhzzEf0MY9NbacE7b3UDwMs6LJFS3qF4RSMSm7mblFTvwpGDKPS3_gHXrIazwFlTRGFiKP3Fyeiyu4x_7KwUALnXYhQ_6KXhRNsyMSzJ-p8W-p04VJ3oDmtIfzOccLqa_DNiqrpo9SCGllrQFnlPpy4NrqP9DmhzHhBUtx6ArO2VkaRT4dmyaRRQiayukPH2270djC3PYbWia-gVci9ymI9ijsQJw8uADCS9UvNOIOvWlmQDrAwU_yuMyxixGBa7UYsmrsdZzUOAcvbwX44GmAZ_Kgg7MZaUQ302r41040RFlW_oIlvycFEt68PWU9nIFixELrpfFJjiUFnFyziHtnzangAfX8891DEegAJDAnkSXOqfOM1JPkMfhPPy-yAfsu6_BfZmqq2btox2NZMwXxIqjvCXskafzcAr7KjqqUEnxpZrv3zR1i8UYWyDHEKYuBwYm43tP719UXJ0IjlqAjAopXx13rgfPwul4e0xlKcyEe7WgW68q9eccNgNGY48JbQ8JGk7xMCn78iWtCvd9LxBH-NYAtoASwONHtbreJkfTgLUN3LmjqGCsX7F4mhKpuOK8NrstL5vQ_GWu8N4T9vB8wq3m5Y6ztyTtUNdnHCQyUj9bOjk8jZjMm5mS4mpDh0Bk5TYlO6NYirdOwbVUFzhd9BVI3F6xsFeH5vaS_CpuaRiE9ZQ8V_qK8qOg_Yv-YltMw7wnJcEUkvGcPa51uzCwE_ODgZHvB6Yd-4bSGtnPRGK5LOjUd43yd3tHRY4GcfM5-BG2P0zSFgNmV79hPH6YrcjN2f1hkTvgQq81nFJAx0LSAqaQimmhdbCNrv3f4jRAcHa-2hAMzjOlLKT5yKCSBxCG62kwvBeRV7qQWCxB_uyJVc2ru-1WLNnE0fqy4Mg2uQbhPv2dwjFC_HmuALmp63YDZGKhSSjg8GgAbkch2iRuMrgreLeVguHKmUyZcI7IFAvHsjzQaR_ucdq8O98V30YXKVakpYr-aS4o3n9OkcyFD5625r-ecAiSbDzoGYJpozpmHjylXXMPdPnVpzIi90PuC46RrC6ufhnFopnDVSHKwrr6BYR1Gb2yTatYEN60nw0I-ZvZNr4H71EWas_4ksI30LKaWf_lZeUwEPtpQnkrlYyZ1Nr60O38QG18C55qKQSLXsyTW8rv5-XEpaKhR51-bnrioFiBwlBvDFb5GUi0dMzNW2DCn8jLDhPmR5JA2A85on10SI1zw6PQTj3TGpYWGNIeMgNKbPe5dBB9qdsOqXashfib4zTcK_Gq25_kC6-7PI1FP_eg-XaaBxDv18YXo6LrSwFOtasTUpMguWSAg08oqe6vTZBOacvrQbQjkPT4gDkIgKgwwkoPW7uMf0eV8S-hWD4Vh6aiUWJuFmll_hdBPPVTdJKDmhtGKf7NuJl-8CNz7i-ayFz0yGaJOshlhy9CfwGloGpQZ_754-rOZNQCb7V3_783iNsyQTUt435IuGP1Ks5_iR_wct1Xyd-K2eftCGuBz89OOPWEnxauq16CPsVYe6nFEuBwOcMEq6p1sDt53S4gEznJ5qaqajOEQZqHkb5ZHHTsOj_XwohVFsUh8DxaSk7rIVZ3ZcePiGnzOQCxcjiakQSs8uRIFqpYQIuuQEnd1c8gVrkxbfCcoqmlUuxhgNQpK4Sr_hkZxaIgBcMpgwEZWVSGw3ZR6aEAWdkkt22D7CrjOFYeVYsmi01PBfBY8wTbJK617hcwvhzoEwSyBFw66bmLg3MaDkOqGaoRhBs4QjocBBI1YG7yFKrHMZK36eez2_ON14R0sGLeTsVWU_L&cid=CAASBORoEmk&rfl=1%2Chttps%253A%252F%252Fomi.app%252F%240
Requested by
Host: omi.app
URL: https://omi.app/covid-19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b6fad06ec82cd4f500e0251f0363246474834512e2c98c79ad55f65ad14d1fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 22:16:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26860
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9626 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DpnDYOrMx1UspI87fAD2ofYmCawhmP6abgrXSiW6noD0mzdVKkFnOtbE4-ktCCmm-YwaDSWP4bBjkE4d1LLVPfpUlXjFELQ_S8iXOmo4xo5X_R_xQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 22:16:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 9626 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 22:12:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9626 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 22:16:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 9626 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:12:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 22:12:31 GMT
rum
dsum-sec.casalemedia.com/ Frame 395A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEeCmJcZ8ZsDUjGL6LsPstI&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEeCmJcZ8ZsDUjGL6LsPstI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNO1pYgDEK-ju40DGNOWuL8BMAE&v=APEucNXBlusB1i0G1bDhyXXoEQ_Cs49f4DaB9Caylx1R5vWXJIf6XRKWJmZ5XBgJhSaUbaN63dtJByi4_vCVKcBnPTShKMqg2jovH41evU4HL4oK1_ql9vBnMtPBq1yM63wMAoSbSB-zW-_mF-gZnNGFdVvwtN_4MpURVdoVgfppimZPRDN_lSE
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 22:16:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 17 Mar 2022 22:16:39 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Mar 2022 22:16:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEeCmJcZ8ZsDUjGL6LsPstI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 395A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjOzRm-CjkYYukjGpSYa1AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP9pWd41Ih3iOOlb8dfXUsk&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP9pWd41Ih3iOOlb8dfXUsk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNO1pYgDEK-ju40DGNOWuL8BMAE&v=APEucNXBlusB1i0G1bDhyXXoEQ_Cs49f4DaB9Caylx1R5vWXJIf6XRKWJmZ5XBgJhSaUbaN63dtJByi4_vCVKcBnPTShKMqg2jovH41evU4HL4oK1_ql9vBnMtPBq1yM63wMAoSbSB-zW-_mF-gZnNGFdVvwtN_4MpURVdoVgfppimZPRDN_lSE
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 22:16:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 17 Mar 2022 22:16:39 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Mar 2022 22:16:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP9pWd41Ih3iOOlb8dfXUsk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 395A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBtObo6FUYGD65zSRsqy0Cg&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBtObo6FUYGD65zSRsqy0Cg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNO1pYgDEK-ju40DGNOWuL8BMAE&v=APEucNXBlusB1i0G1bDhyXXoEQ_Cs49f4DaB9Caylx1R5vWXJIf6XRKWJmZ5XBgJhSaUbaN63dtJByi4_vCVKcBnPTShKMqg2jovH41evU4HL4oK1_ql9vBnMtPBq1yM63wMAoSbSB-zW-_mF-gZnNGFdVvwtN_4MpURVdoVgfppimZPRDN_lSE
Protocol
HTTP/1.1
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 22:16:39 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
63c33f10-595b-4dee-8a41-00ae00d8f72d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Mar 2022 22:16:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBtObo6FUYGD65zSRsqy0Cg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 395A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5MDczOTk3NDc1OTg1MjIzMA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5MDczOTk3NDc1OTg1MjIzMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNO1pYgDEK-ju40DGNOWuL8BMAE&v=APEucNXBlusB1i0G1bDhyXXoEQ_Cs49f4DaB9Caylx1R5vWXJIf6XRKWJmZ5XBgJhSaUbaN63dtJByi4_vCVKcBnPTShKMqg2jovH41evU4HL4oK1_ql9vBnMtPBq1yM63wMAoSbSB-zW-_mF-gZnNGFdVvwtN_4MpURVdoVgfppimZPRDN_lSE
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 22:16:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Mar 2022 22:16:39 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3d610f87-aa3a-4474-88d3-dbf6b6f1b068
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5MDczOTk3NDc1OTg1MjIzMA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
eb03ae4a64bc28140afe8fd5a16bbea0.js
www.gstatic.com/mysidia/ Frame 4F46 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/eb03ae4a64bc28140afe8fd5a16bbea0.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ceb6019241751dffe336346c5c4540634a286aa657911b6766b77e6ee4da3620
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:08:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3743
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 03:55:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 14 Jun 2022 19:08:22 GMT
daef75a5e808c3b530434f7f22bcc99d.js
www.gstatic.com/mysidia/ Frame 4F46 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/daef75a5e808c3b530434f7f22bcc99d.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f83c0812d2ef30a334de87811cf685f2d21e23c4b6785926f987c4e164e7e3eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 00:23:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5924
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 03:55:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 00:23:05 GMT
css
fonts.googleapis.com/ Frame 4F46 		6 KB
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 21:34:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Mar 2022 22:16:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Mar 2022 22:16:39 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 4F46 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:12:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 22:12:54 GMT
a44a0b8f447061e92ca19622c4392a02.js
www.gstatic.com/mysidia/ Frame 4F46 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 00:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2233
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 07:09:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 13 Jun 2022 00:14:50 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 4F46 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 21:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1811
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 21:46:28 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 4F46 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 22:12:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4F46 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 22:16:39 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 4F46 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:12:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 22:12:31 GMT
7a99daadf072127ada89333d533e295f.js
www.gstatic.com/mysidia/ Frame 4F46 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7a99daadf072127ada89333d533e295f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14f17e5a9922761162f13a1ebe6cf4bf53cac2d3b3041b941ae3f40f32ae6fba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:08:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11822
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 03:55:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 14 Jun 2022 19:08:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 9626 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeFTD9gBs63EjnTntx8amhDbbsSxpZvZmlXy-9StFKbQ4KrhlOJQM3EXBqF2cyDmfdZ-ivcLcbZLoU3NdGAa-MldIm6A&cry=1&dbm_d=AKAmf-DXD24EjApyvM_vtmvLF0jyWOIVAtbRJIbJ03kTrfSwoouPcKZ-kU2W5rwmo1oPPyR9V1Q_br2SlxyjMjDZf7EwLREuNnkcCBWA1XYZL9_87bhQ264UfCDjjpGrg3X1ndTwrN8JPSMmk-8DGn6ezpcgvAji8GzcD2JZbc59kvswwt-_PW7pxOVp7OoDezc7B9JbIoMKxt-Z0lzvOW-8cYH1tICURAeaNOy4kJHzKD2g7oTC8fT__KlTCNeXDt1pfXZE9l5bs-I0WNjen78ySEawp2_O_s3wkgtCBtC_ejK38z4InWBjmWmEAj3_1YLIbVB0GSgi7Hx1_PcxGHo4Sm29moIzCcrwtofKwMll0TTLhEu3QfTnIh_NDeCR7Dlwd_GR4s_87FpGCz-5nXlJBJCNJQKi5g_5T562ABoRyWipzbuE_Ob83R2tYOvLb6-QUdJvCsyShsJucv7HdKpyNgBc1mzlgAlgSZkDEOYkscysXe18CnkU-kthiybyYH9AKr5nwinyeZ3DhZkiV3ahm90YNpAAEmQDtEfw37oiY6ZtSaMqcLC7eA6dSKIsXRtBEfUuhBb69sTkVlPEsOE90Su_9ix2lTwOjhbRNZpYs_OOVp_k54ZFPB2eztyjDgNEFIj5ZHG-PnCIlwD72vwNcsHsBpA8tFxdovHvjgIGu94Nb_1xzIj2iBj4edLb_NeggQNdKBpeGqGE1zQYCehwnjN2oxZwAhDKUCvYLhCYWJR0BehUBSRC-qeoL5qI2r-xb_FK2h-JEptta27tfXItL0mue-T6rBXrhn-sfE2MVwRPuV01JqN5KqsZt-st4S84j_8_RN4zyi8PvDs4E5W0mct2yUCd0UOPztpP0Qm87zRJ8zLt_leCyRJ0XG641q1l1Q-7xB3lLVZIR-D-vkbxiOEHiabOVmFAo2Lkqj0Wi1dnDHmHKNzCM4JI5IuKRqu-qAE3vP7LujZ71Jrl4Mrl5MheVv31p12_JXEUTiLk9VkVtxllDGKz-EnQiPpcap6S0QeWgMLdE05YmalotiqZsb38RVIJW2PdLWrApwGcBfKNOYZPXI5FF3Zey_CDUnaB8h6omWaPuRwfBNRtoutig37NkbC4ZBeP_iZaABYGijg4rG2EpFlhcDMWxhzzEf0MY9NbacE7b3UDwMs6LJFS3qF4RSMSm7mblFTvwpGDKPS3_gHXrIazwFlTRGFiKP3Fyeiyu4x_7KwUALnXYhQ_6KXhRNsyMSzJ-p8W-p04VJ3oDmtIfzOccLqa_DNiqrpo9SCGllrQFnlPpy4NrqP9DmhzHhBUtx6ArO2VkaRT4dmyaRRQiayukPH2270djC3PYbWia-gVci9ymI9ijsQJw8uADCS9UvNOIOvWlmQDrAwU_yuMyxixGBa7UYsmrsdZzUOAcvbwX44GmAZ_Kgg7MZaUQ302r41040RFlW_oIlvycFEt68PWU9nIFixELrpfFJjiUFnFyziHtnzangAfX8891DEegAJDAnkSXOqfOM1JPkMfhPPy-yAfsu6_BfZmqq2btox2NZMwXxIqjvCXskafzcAr7KjqqUEnxpZrv3zR1i8UYWyDHEKYuBwYm43tP719UXJ0IjlqAjAopXx13rgfPwul4e0xlKcyEe7WgW68q9eccNgNGY48JbQ8JGk7xMCn78iWtCvd9LxBH-NYAtoASwONHtbreJkfTgLUN3LmjqGCsX7F4mhKpuOK8NrstL5vQ_GWu8N4T9vB8wq3m5Y6ztyTtUNdnHCQyUj9bOjk8jZjMm5mS4mpDh0Bk5TYlO6NYirdOwbVUFzhd9BVI3F6xsFeH5vaS_CpuaRiE9ZQ8V_qK8qOg_Yv-YltMw7wnJcEUkvGcPa51uzCwE_ODgZHvB6Yd-4bSGtnPRGK5LOjUd43yd3tHRY4GcfM5-BG2P0zSFgNmV79hPH6YrcjN2f1hkTvgQq81nFJAx0LSAqaQimmhdbCNrv3f4jRAcHa-2hAMzjOlLKT5yKCSBxCG62kwvBeRV7qQWCxB_uyJVc2ru-1WLNnE0fqy4Mg2uQbhPv2dwjFC_HmuALmp63YDZGKhSSjg8GgAbkch2iRuMrgreLeVguHKmUyZcI7IFAvHsjzQaR_ucdq8O98V30YXKVakpYr-aS4o3n9OkcyFD5625r-ecAiSbDzoGYJpozpmHjylXXMPdPnVpzIi90PuC46RrC6ufhnFopnDVSHKwrr6BYR1Gb2yTatYEN60nw0I-ZvZNr4H71EWas_4ksI30LKaWf_lZeUwEPtpQnkrlYyZ1Nr60O38QG18C55qKQSLXsyTW8rv5-XEpaKhR51-bnrioFiBwlBvDFb5GUi0dMzNW2DCn8jLDhPmR5JA2A85on10SI1zw6PQTj3TGpYWGNIeMgNKbPe5dBB9qdsOqXashfib4zTcK_Gq25_kC6-7PI1FP_eg-XaaBxDv18YXo6LrSwFOtasTUpMguWSAg08oqe6vTZBOacvrQbQjkPT4gDkIgKgwwkoPW7uMf0eV8S-hWD4Vh6aiUWJuFmll_hdBPPVTdJKDmhtGKf7NuJl-8CNz7i-ayFz0yGaJOshlhy9CfwGloGpQZ_754-rOZNQCb7V3_783iNsyQTUt435IuGP1Ks5_iR_wct1Xyd-K2eftCGuBz89OOPWEnxauq16CPsVYe6nFEuBwOcMEq6p1sDt53S4gEznJ5qaqajOEQZqHkb5ZHHTsOj_XwohVFsUh8DxaSk7rIVZ3ZcePiGnzOQCxcjiakQSs8uRIFqpYQIuuQEnd1c8gVrkxbfCcoqmlUuxhgNQpK4Sr_hkZxaIgBcMpgwEZWVSGw3ZR6aEAWdkkt22D7CrjOFYeVYsmi01PBfBY8wTbJK617hcwvhzoEwSyBFw66bmLg3MaDkOqGaoRhBs4QjocBBI1YG7yFKrHMZK36eez2_ON14R0sGLeTsVWU_L&cid=CAASBORoEmk&rfl=1%2Chttps%253A%252F%252Fomi.app%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 22:08:45 GMT
11010258267405029345
s0.2mdn.net/simgad/ Frame 9626 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11010258267405029345
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeFTD9gBs63EjnTntx8amhDbbsSxpZvZmlXy-9StFKbQ4KrhlOJQM3EXBqF2cyDmfdZ-ivcLcbZLoU3NdGAa-MldIm6A&cry=1&dbm_d=AKAmf-DXD24EjApyvM_vtmvLF0jyWOIVAtbRJIbJ03kTrfSwoouPcKZ-kU2W5rwmo1oPPyR9V1Q_br2SlxyjMjDZf7EwLREuNnkcCBWA1XYZL9_87bhQ264UfCDjjpGrg3X1ndTwrN8JPSMmk-8DGn6ezpcgvAji8GzcD2JZbc59kvswwt-_PW7pxOVp7OoDezc7B9JbIoMKxt-Z0lzvOW-8cYH1tICURAeaNOy4kJHzKD2g7oTC8fT__KlTCNeXDt1pfXZE9l5bs-I0WNjen78ySEawp2_O_s3wkgtCBtC_ejK38z4InWBjmWmEAj3_1YLIbVB0GSgi7Hx1_PcxGHo4Sm29moIzCcrwtofKwMll0TTLhEu3QfTnIh_NDeCR7Dlwd_GR4s_87FpGCz-5nXlJBJCNJQKi5g_5T562ABoRyWipzbuE_Ob83R2tYOvLb6-QUdJvCsyShsJucv7HdKpyNgBc1mzlgAlgSZkDEOYkscysXe18CnkU-kthiybyYH9AKr5nwinyeZ3DhZkiV3ahm90YNpAAEmQDtEfw37oiY6ZtSaMqcLC7eA6dSKIsXRtBEfUuhBb69sTkVlPEsOE90Su_9ix2lTwOjhbRNZpYs_OOVp_k54ZFPB2eztyjDgNEFIj5ZHG-PnCIlwD72vwNcsHsBpA8tFxdovHvjgIGu94Nb_1xzIj2iBj4edLb_NeggQNdKBpeGqGE1zQYCehwnjN2oxZwAhDKUCvYLhCYWJR0BehUBSRC-qeoL5qI2r-xb_FK2h-JEptta27tfXItL0mue-T6rBXrhn-sfE2MVwRPuV01JqN5KqsZt-st4S84j_8_RN4zyi8PvDs4E5W0mct2yUCd0UOPztpP0Qm87zRJ8zLt_leCyRJ0XG641q1l1Q-7xB3lLVZIR-D-vkbxiOEHiabOVmFAo2Lkqj0Wi1dnDHmHKNzCM4JI5IuKRqu-qAE3vP7LujZ71Jrl4Mrl5MheVv31p12_JXEUTiLk9VkVtxllDGKz-EnQiPpcap6S0QeWgMLdE05YmalotiqZsb38RVIJW2PdLWrApwGcBfKNOYZPXI5FF3Zey_CDUnaB8h6omWaPuRwfBNRtoutig37NkbC4ZBeP_iZaABYGijg4rG2EpFlhcDMWxhzzEf0MY9NbacE7b3UDwMs6LJFS3qF4RSMSm7mblFTvwpGDKPS3_gHXrIazwFlTRGFiKP3Fyeiyu4x_7KwUALnXYhQ_6KXhRNsyMSzJ-p8W-p04VJ3oDmtIfzOccLqa_DNiqrpo9SCGllrQFnlPpy4NrqP9DmhzHhBUtx6ArO2VkaRT4dmyaRRQiayukPH2270djC3PYbWia-gVci9ymI9ijsQJw8uADCS9UvNOIOvWlmQDrAwU_yuMyxixGBa7UYsmrsdZzUOAcvbwX44GmAZ_Kgg7MZaUQ302r41040RFlW_oIlvycFEt68PWU9nIFixELrpfFJjiUFnFyziHtnzangAfX8891DEegAJDAnkSXOqfOM1JPkMfhPPy-yAfsu6_BfZmqq2btox2NZMwXxIqjvCXskafzcAr7KjqqUEnxpZrv3zR1i8UYWyDHEKYuBwYm43tP719UXJ0IjlqAjAopXx13rgfPwul4e0xlKcyEe7WgW68q9eccNgNGY48JbQ8JGk7xMCn78iWtCvd9LxBH-NYAtoASwONHtbreJkfTgLUN3LmjqGCsX7F4mhKpuOK8NrstL5vQ_GWu8N4T9vB8wq3m5Y6ztyTtUNdnHCQyUj9bOjk8jZjMm5mS4mpDh0Bk5TYlO6NYirdOwbVUFzhd9BVI3F6xsFeH5vaS_CpuaRiE9ZQ8V_qK8qOg_Yv-YltMw7wnJcEUkvGcPa51uzCwE_ODgZHvB6Yd-4bSGtnPRGK5LOjUd43yd3tHRY4GcfM5-BG2P0zSFgNmV79hPH6YrcjN2f1hkTvgQq81nFJAx0LSAqaQimmhdbCNrv3f4jRAcHa-2hAMzjOlLKT5yKCSBxCG62kwvBeRV7qQWCxB_uyJVc2ru-1WLNnE0fqy4Mg2uQbhPv2dwjFC_HmuALmp63YDZGKhSSjg8GgAbkch2iRuMrgreLeVguHKmUyZcI7IFAvHsjzQaR_ucdq8O98V30YXKVakpYr-aS4o3n9OkcyFD5625r-ecAiSbDzoGYJpozpmHjylXXMPdPnVpzIi90PuC46RrC6ufhnFopnDVSHKwrr6BYR1Gb2yTatYEN60nw0I-ZvZNr4H71EWas_4ksI30LKaWf_lZeUwEPtpQnkrlYyZ1Nr60O38QG18C55qKQSLXsyTW8rv5-XEpaKhR51-bnrioFiBwlBvDFb5GUi0dMzNW2DCn8jLDhPmR5JA2A85on10SI1zw6PQTj3TGpYWGNIeMgNKbPe5dBB9qdsOqXashfib4zTcK_Gq25_kC6-7PI1FP_eg-XaaBxDv18YXo6LrSwFOtasTUpMguWSAg08oqe6vTZBOacvrQbQjkPT4gDkIgKgwwkoPW7uMf0eV8S-hWD4Vh6aiUWJuFmll_hdBPPVTdJKDmhtGKf7NuJl-8CNz7i-ayFz0yGaJOshlhy9CfwGloGpQZ_754-rOZNQCb7V3_783iNsyQTUt435IuGP1Ks5_iR_wct1Xyd-K2eftCGuBz89OOPWEnxauq16CPsVYe6nFEuBwOcMEq6p1sDt53S4gEznJ5qaqajOEQZqHkb5ZHHTsOj_XwohVFsUh8DxaSk7rIVZ3ZcePiGnzOQCxcjiakQSs8uRIFqpYQIuuQEnd1c8gVrkxbfCcoqmlUuxhgNQpK4Sr_hkZxaIgBcMpgwEZWVSGw3ZR6aEAWdkkt22D7CrjOFYeVYsmi01PBfBY8wTbJK617hcwvhzoEwSyBFw66bmLg3MaDkOqGaoRhBs4QjocBBI1YG7yFKrHMZK36eez2_ON14R0sGLeTsVWU_L&cid=CAASBORoEmk&rfl=1%2Chttps%253A%252F%252Fomi.app%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a190b9dc49e32cf25b59bdc79b7a73fd839bc98271248409d16aba6d5ca0f41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 19:35:01 GMT
x-content-type-options
nosniff
age
268898
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13701
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 12:00:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 14 Mar 2023 19:35:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/ Frame 9626 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeFTD9gBs63EjnTntx8amhDbbsSxpZvZmlXy-9StFKbQ4KrhlOJQM3EXBqF2cyDmfdZ-ivcLcbZLoU3NdGAa-MldIm6A&cry=1&dbm_d=AKAmf-DXD24EjApyvM_vtmvLF0jyWOIVAtbRJIbJ03kTrfSwoouPcKZ-kU2W5rwmo1oPPyR9V1Q_br2SlxyjMjDZf7EwLREuNnkcCBWA1XYZL9_87bhQ264UfCDjjpGrg3X1ndTwrN8JPSMmk-8DGn6ezpcgvAji8GzcD2JZbc59kvswwt-_PW7pxOVp7OoDezc7B9JbIoMKxt-Z0lzvOW-8cYH1tICURAeaNOy4kJHzKD2g7oTC8fT__KlTCNeXDt1pfXZE9l5bs-I0WNjen78ySEawp2_O_s3wkgtCBtC_ejK38z4InWBjmWmEAj3_1YLIbVB0GSgi7Hx1_PcxGHo4Sm29moIzCcrwtofKwMll0TTLhEu3QfTnIh_NDeCR7Dlwd_GR4s_87FpGCz-5nXlJBJCNJQKi5g_5T562ABoRyWipzbuE_Ob83R2tYOvLb6-QUdJvCsyShsJucv7HdKpyNgBc1mzlgAlgSZkDEOYkscysXe18CnkU-kthiybyYH9AKr5nwinyeZ3DhZkiV3ahm90YNpAAEmQDtEfw37oiY6ZtSaMqcLC7eA6dSKIsXRtBEfUuhBb69sTkVlPEsOE90Su_9ix2lTwOjhbRNZpYs_OOVp_k54ZFPB2eztyjDgNEFIj5ZHG-PnCIlwD72vwNcsHsBpA8tFxdovHvjgIGu94Nb_1xzIj2iBj4edLb_NeggQNdKBpeGqGE1zQYCehwnjN2oxZwAhDKUCvYLhCYWJR0BehUBSRC-qeoL5qI2r-xb_FK2h-JEptta27tfXItL0mue-T6rBXrhn-sfE2MVwRPuV01JqN5KqsZt-st4S84j_8_RN4zyi8PvDs4E5W0mct2yUCd0UOPztpP0Qm87zRJ8zLt_leCyRJ0XG641q1l1Q-7xB3lLVZIR-D-vkbxiOEHiabOVmFAo2Lkqj0Wi1dnDHmHKNzCM4JI5IuKRqu-qAE3vP7LujZ71Jrl4Mrl5MheVv31p12_JXEUTiLk9VkVtxllDGKz-EnQiPpcap6S0QeWgMLdE05YmalotiqZsb38RVIJW2PdLWrApwGcBfKNOYZPXI5FF3Zey_CDUnaB8h6omWaPuRwfBNRtoutig37NkbC4ZBeP_iZaABYGijg4rG2EpFlhcDMWxhzzEf0MY9NbacE7b3UDwMs6LJFS3qF4RSMSm7mblFTvwpGDKPS3_gHXrIazwFlTRGFiKP3Fyeiyu4x_7KwUALnXYhQ_6KXhRNsyMSzJ-p8W-p04VJ3oDmtIfzOccLqa_DNiqrpo9SCGllrQFnlPpy4NrqP9DmhzHhBUtx6ArO2VkaRT4dmyaRRQiayukPH2270djC3PYbWia-gVci9ymI9ijsQJw8uADCS9UvNOIOvWlmQDrAwU_yuMyxixGBa7UYsmrsdZzUOAcvbwX44GmAZ_Kgg7MZaUQ302r41040RFlW_oIlvycFEt68PWU9nIFixELrpfFJjiUFnFyziHtnzangAfX8891DEegAJDAnkSXOqfOM1JPkMfhPPy-yAfsu6_BfZmqq2btox2NZMwXxIqjvCXskafzcAr7KjqqUEnxpZrv3zR1i8UYWyDHEKYuBwYm43tP719UXJ0IjlqAjAopXx13rgfPwul4e0xlKcyEe7WgW68q9eccNgNGY48JbQ8JGk7xMCn78iWtCvd9LxBH-NYAtoASwONHtbreJkfTgLUN3LmjqGCsX7F4mhKpuOK8NrstL5vQ_GWu8N4T9vB8wq3m5Y6ztyTtUNdnHCQyUj9bOjk8jZjMm5mS4mpDh0Bk5TYlO6NYirdOwbVUFzhd9BVI3F6xsFeH5vaS_CpuaRiE9ZQ8V_qK8qOg_Yv-YltMw7wnJcEUkvGcPa51uzCwE_ODgZHvB6Yd-4bSGtnPRGK5LOjUd43yd3tHRY4GcfM5-BG2P0zSFgNmV79hPH6YrcjN2f1hkTvgQq81nFJAx0LSAqaQimmhdbCNrv3f4jRAcHa-2hAMzjOlLKT5yKCSBxCG62kwvBeRV7qQWCxB_uyJVc2ru-1WLNnE0fqy4Mg2uQbhPv2dwjFC_HmuALmp63YDZGKhSSjg8GgAbkch2iRuMrgreLeVguHKmUyZcI7IFAvHsjzQaR_ucdq8O98V30YXKVakpYr-aS4o3n9OkcyFD5625r-ecAiSbDzoGYJpozpmHjylXXMPdPnVpzIi90PuC46RrC6ufhnFopnDVSHKwrr6BYR1Gb2yTatYEN60nw0I-ZvZNr4H71EWas_4ksI30LKaWf_lZeUwEPtpQnkrlYyZ1Nr60O38QG18C55qKQSLXsyTW8rv5-XEpaKhR51-bnrioFiBwlBvDFb5GUi0dMzNW2DCn8jLDhPmR5JA2A85on10SI1zw6PQTj3TGpYWGNIeMgNKbPe5dBB9qdsOqXashfib4zTcK_Gq25_kC6-7PI1FP_eg-XaaBxDv18YXo6LrSwFOtasTUpMguWSAg08oqe6vTZBOacvrQbQjkPT4gDkIgKgwwkoPW7uMf0eV8S-hWD4Vh6aiUWJuFmll_hdBPPVTdJKDmhtGKf7NuJl-8CNz7i-ayFz0yGaJOshlhy9CfwGloGpQZ_754-rOZNQCb7V3_783iNsyQTUt435IuGP1Ks5_iR_wct1Xyd-K2eftCGuBz89OOPWEnxauq16CPsVYe6nFEuBwOcMEq6p1sDt53S4gEznJ5qaqajOEQZqHkb5ZHHTsOj_XwohVFsUh8DxaSk7rIVZ3ZcePiGnzOQCxcjiakQSs8uRIFqpYQIuuQEnd1c8gVrkxbfCcoqmlUuxhgNQpK4Sr_hkZxaIgBcMpgwEZWVSGw3ZR6aEAWdkkt22D7CrjOFYeVYsmi01PBfBY8wTbJK617hcwvhzoEwSyBFw66bmLg3MaDkOqGaoRhBs4QjocBBI1YG7yFKrHMZK36eez2_ON14R0sGLeTsVWU_L&cid=CAASBORoEmk&rfl=1%2Chttps%253A%252F%252Fomi.app%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:09:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 22:09:54 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9626 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvMmTUMwKtAPsza1q35sNZQpQO6xjA8V-GjxddcBTefcOdOx_Ga1YoshHfrVCH4u9tRp5fuSpbkCBcP-vADJja0tmWx7yXF9O9PTUZ-2qMNXeQr-Z8kzt9AMyO_Gju3Cse7_EEeyRHEw3nlwGg6qHCU7B3VjObY7BTN4jl9dU7J33EGlv6K4WfMUvi2aI1FDHWp3fNgW-LLCI0GS_HTBZmspBxKOMwJbpS-IyAQrdti_aeLxqr-4vFMHtmiLWGExaEqa_soBuXbjYM2ZpJoyG6Hf4UOXdI7TSl8w4O8q6q9sfMo3Qyk1GQeUazE3114oX1AKlI1BriX5Vslz3w-PIXtkWzSkYTcyojaDcQsaPROtUAsXLCDIT8pVlIfzLOgGM1Wx7HkIm49YGO8yYV8PCszxAJuQmIjq26Aon7UyPUWhJ1IUgcuE49aj8mXgzmSe2rWRqp3umMHK1kUgwER1ljAZHmHXP_MqwHcgPAdk_26E3dxj27DUYlx8Kn0utlf_EWYQeBHEjm-15KahNpKjYgFQJerSpTI7etnAS3BfJIGs2JeibrVweik5fzzp26yBgHOuk2nfhtZtiWPA7aZ_q91OT0L1Bxfus-xbGK22FSzdVsZmiTQkD2ZhpFBpktBJppmf22itj1xTZg4qG8KolAB7j7GdWLrfcxVoDUKav9SMTKVquYzDBfJ5fNmk5BtSpv6o33saNOOzGAy5Uxi_qpmfvAKgcZ_SQQ_IvPlxFgrPfoc74moyf4Wi4IARowXV96QhY4CBEfsuPkYXekIZ5CNolrlzf7edOVDzNid5PDQIlETOuDlbMmKV4BpvdV6Ow2kKCoWjXtPYIFlSVAxUvGz4X6BOEKXihEMEmjvIAGVzMdV6aROThC6JEvtxhBsLTc-NMLyl49LLdwUW9D8gCdT4w7lm8PmimxD7DQShgxkKUxKp6m9ss13eKWRiX-yn3-5EWVvP8iCANoIvqRb4fZSG7-fJZdFbrPu3ZbSEGFqVPaaJtB90TDNRPR13TVdl0vk0kC1ZSOwcDHyfldW8AaJ4v4EuxtcDcKGPQ7OPKFbXRSy6pz29DV-v1vOA-WKH9nBmJpag9O2oMxrO6X0wl-TPrrySwZ9O8_hQ1zUpK9UadujTMqY_7RfoBz6b2PvCIZlCD2v4PMsuCs6u0ms&sai=AMfl-YQ58t8x1aT-RaO1Pew4EFBAnrigvdHcTwWg3rM0sMWfD64J8996pY_XlKc5_VYdcauEPHxvG6pRHOlRthwdtOn81fnYpSvEWgXo6GjJ1J2INb9XcQge54h_svO1Pf93q2md&sig=Cg0ArKJSzE8VXGeruaUPEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220316.32556&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeFTD9gBs63EjnTntx8amhDbbsSxpZvZmlXy-9StFKbQ4KrhlOJQM3EXBqF2cyDmfdZ-ivcLcbZLoU3NdGAa-MldIm6A&cry=1&dbm_d=AKAmf-DXD24EjApyvM_vtmvLF0jyWOIVAtbRJIbJ03kTrfSwoouPcKZ-kU2W5rwmo1oPPyR9V1Q_br2SlxyjMjDZf7EwLREuNnkcCBWA1XYZL9_87bhQ264UfCDjjpGrg3X1ndTwrN8JPSMmk-8DGn6ezpcgvAji8GzcD2JZbc59kvswwt-_PW7pxOVp7OoDezc7B9JbIoMKxt-Z0lzvOW-8cYH1tICURAeaNOy4kJHzKD2g7oTC8fT__KlTCNeXDt1pfXZE9l5bs-I0WNjen78ySEawp2_O_s3wkgtCBtC_ejK38z4InWBjmWmEAj3_1YLIbVB0GSgi7Hx1_PcxGHo4Sm29moIzCcrwtofKwMll0TTLhEu3QfTnIh_NDeCR7Dlwd_GR4s_87FpGCz-5nXlJBJCNJQKi5g_5T562ABoRyWipzbuE_Ob83R2tYOvLb6-QUdJvCsyShsJucv7HdKpyNgBc1mzlgAlgSZkDEOYkscysXe18CnkU-kthiybyYH9AKr5nwinyeZ3DhZkiV3ahm90YNpAAEmQDtEfw37oiY6ZtSaMqcLC7eA6dSKIsXRtBEfUuhBb69sTkVlPEsOE90Su_9ix2lTwOjhbRNZpYs_OOVp_k54ZFPB2eztyjDgNEFIj5ZHG-PnCIlwD72vwNcsHsBpA8tFxdovHvjgIGu94Nb_1xzIj2iBj4edLb_NeggQNdKBpeGqGE1zQYCehwnjN2oxZwAhDKUCvYLhCYWJR0BehUBSRC-qeoL5qI2r-xb_FK2h-JEptta27tfXItL0mue-T6rBXrhn-sfE2MVwRPuV01JqN5KqsZt-st4S84j_8_RN4zyi8PvDs4E5W0mct2yUCd0UOPztpP0Qm87zRJ8zLt_leCyRJ0XG641q1l1Q-7xB3lLVZIR-D-vkbxiOEHiabOVmFAo2Lkqj0Wi1dnDHmHKNzCM4JI5IuKRqu-qAE3vP7LujZ71Jrl4Mrl5MheVv31p12_JXEUTiLk9VkVtxllDGKz-EnQiPpcap6S0QeWgMLdE05YmalotiqZsb38RVIJW2PdLWrApwGcBfKNOYZPXI5FF3Zey_CDUnaB8h6omWaPuRwfBNRtoutig37NkbC4ZBeP_iZaABYGijg4rG2EpFlhcDMWxhzzEf0MY9NbacE7b3UDwMs6LJFS3qF4RSMSm7mblFTvwpGDKPS3_gHXrIazwFlTRGFiKP3Fyeiyu4x_7KwUALnXYhQ_6KXhRNsyMSzJ-p8W-p04VJ3oDmtIfzOccLqa_DNiqrpo9SCGllrQFnlPpy4NrqP9DmhzHhBUtx6ArO2VkaRT4dmyaRRQiayukPH2270djC3PYbWia-gVci9ymI9ijsQJw8uADCS9UvNOIOvWlmQDrAwU_yuMyxixGBa7UYsmrsdZzUOAcvbwX44GmAZ_Kgg7MZaUQ302r41040RFlW_oIlvycFEt68PWU9nIFixELrpfFJjiUFnFyziHtnzangAfX8891DEegAJDAnkSXOqfOM1JPkMfhPPy-yAfsu6_BfZmqq2btox2NZMwXxIqjvCXskafzcAr7KjqqUEnxpZrv3zR1i8UYWyDHEKYuBwYm43tP719UXJ0IjlqAjAopXx13rgfPwul4e0xlKcyEe7WgW68q9eccNgNGY48JbQ8JGk7xMCn78iWtCvd9LxBH-NYAtoASwONHtbreJkfTgLUN3LmjqGCsX7F4mhKpuOK8NrstL5vQ_GWu8N4T9vB8wq3m5Y6ztyTtUNdnHCQyUj9bOjk8jZjMm5mS4mpDh0Bk5TYlO6NYirdOwbVUFzhd9BVI3F6xsFeH5vaS_CpuaRiE9ZQ8V_qK8qOg_Yv-YltMw7wnJcEUkvGcPa51uzCwE_ODgZHvB6Yd-4bSGtnPRGK5LOjUd43yd3tHRY4GcfM5-BG2P0zSFgNmV79hPH6YrcjN2f1hkTvgQq81nFJAx0LSAqaQimmhdbCNrv3f4jRAcHa-2hAMzjOlLKT5yKCSBxCG62kwvBeRV7qQWCxB_uyJVc2ru-1WLNnE0fqy4Mg2uQbhPv2dwjFC_HmuALmp63YDZGKhSSjg8GgAbkch2iRuMrgreLeVguHKmUyZcI7IFAvHsjzQaR_ucdq8O98V30YXKVakpYr-aS4o3n9OkcyFD5625r-ecAiSbDzoGYJpozpmHjylXXMPdPnVpzIi90PuC46RrC6ufhnFopnDVSHKwrr6BYR1Gb2yTatYEN60nw0I-ZvZNr4H71EWas_4ksI30LKaWf_lZeUwEPtpQnkrlYyZ1Nr60O38QG18C55qKQSLXsyTW8rv5-XEpaKhR51-bnrioFiBwlBvDFb5GUi0dMzNW2DCn8jLDhPmR5JA2A85on10SI1zw6PQTj3TGpYWGNIeMgNKbPe5dBB9qdsOqXashfib4zTcK_Gq25_kC6-7PI1FP_eg-XaaBxDv18YXo6LrSwFOtasTUpMguWSAg08oqe6vTZBOacvrQbQjkPT4gDkIgKgwwkoPW7uMf0eV8S-hWD4Vh6aiUWJuFmll_hdBPPVTdJKDmhtGKf7NuJl-8CNz7i-ayFz0yGaJOshlhy9CfwGloGpQZ_754-rOZNQCb7V3_783iNsyQTUt435IuGP1Ks5_iR_wct1Xyd-K2eftCGuBz89OOPWEnxauq16CPsVYe6nFEuBwOcMEq6p1sDt53S4gEznJ5qaqajOEQZqHkb5ZHHTsOj_XwohVFsUh8DxaSk7rIVZ3ZcePiGnzOQCxcjiakQSs8uRIFqpYQIuuQEnd1c8gVrkxbfCcoqmlUuxhgNQpK4Sr_hkZxaIgBcMpgwEZWVSGw3ZR6aEAWdkkt22D7CrjOFYeVYsmi01PBfBY8wTbJK617hcwvhzoEwSyBFw66bmLg3MaDkOqGaoRhBs4QjocBBI1YG7yFKrHMZK36eez2_ON14R0sGLeTsVWU_L&cid=CAASBORoEmk&rfl=1%2Chttps%253A%252F%252Fomi.app%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 17 Mar 2022 22:16:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9626 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeFTD9gBs63EjnTntx8amhDbbsSxpZvZmlXy-9StFKbQ4KrhlOJQM3EXBqF2cyDmfdZ-ivcLcbZLoU3NdGAa-MldIm6A&cry=1&dbm_d=AKAmf-DXD24EjApyvM_vtmvLF0jyWOIVAtbRJIbJ03kTrfSwoouPcKZ-kU2W5rwmo1oPPyR9V1Q_br2SlxyjMjDZf7EwLREuNnkcCBWA1XYZL9_87bhQ264UfCDjjpGrg3X1ndTwrN8JPSMmk-8DGn6ezpcgvAji8GzcD2JZbc59kvswwt-_PW7pxOVp7OoDezc7B9JbIoMKxt-Z0lzvOW-8cYH1tICURAeaNOy4kJHzKD2g7oTC8fT__KlTCNeXDt1pfXZE9l5bs-I0WNjen78ySEawp2_O_s3wkgtCBtC_ejK38z4InWBjmWmEAj3_1YLIbVB0GSgi7Hx1_PcxGHo4Sm29moIzCcrwtofKwMll0TTLhEu3QfTnIh_NDeCR7Dlwd_GR4s_87FpGCz-5nXlJBJCNJQKi5g_5T562ABoRyWipzbuE_Ob83R2tYOvLb6-QUdJvCsyShsJucv7HdKpyNgBc1mzlgAlgSZkDEOYkscysXe18CnkU-kthiybyYH9AKr5nwinyeZ3DhZkiV3ahm90YNpAAEmQDtEfw37oiY6ZtSaMqcLC7eA6dSKIsXRtBEfUuhBb69sTkVlPEsOE90Su_9ix2lTwOjhbRNZpYs_OOVp_k54ZFPB2eztyjDgNEFIj5ZHG-PnCIlwD72vwNcsHsBpA8tFxdovHvjgIGu94Nb_1xzIj2iBj4edLb_NeggQNdKBpeGqGE1zQYCehwnjN2oxZwAhDKUCvYLhCYWJR0BehUBSRC-qeoL5qI2r-xb_FK2h-JEptta27tfXItL0mue-T6rBXrhn-sfE2MVwRPuV01JqN5KqsZt-st4S84j_8_RN4zyi8PvDs4E5W0mct2yUCd0UOPztpP0Qm87zRJ8zLt_leCyRJ0XG641q1l1Q-7xB3lLVZIR-D-vkbxiOEHiabOVmFAo2Lkqj0Wi1dnDHmHKNzCM4JI5IuKRqu-qAE3vP7LujZ71Jrl4Mrl5MheVv31p12_JXEUTiLk9VkVtxllDGKz-EnQiPpcap6S0QeWgMLdE05YmalotiqZsb38RVIJW2PdLWrApwGcBfKNOYZPXI5FF3Zey_CDUnaB8h6omWaPuRwfBNRtoutig37NkbC4ZBeP_iZaABYGijg4rG2EpFlhcDMWxhzzEf0MY9NbacE7b3UDwMs6LJFS3qF4RSMSm7mblFTvwpGDKPS3_gHXrIazwFlTRGFiKP3Fyeiyu4x_7KwUALnXYhQ_6KXhRNsyMSzJ-p8W-p04VJ3oDmtIfzOccLqa_DNiqrpo9SCGllrQFnlPpy4NrqP9DmhzHhBUtx6ArO2VkaRT4dmyaRRQiayukPH2270djC3PYbWia-gVci9ymI9ijsQJw8uADCS9UvNOIOvWlmQDrAwU_yuMyxixGBa7UYsmrsdZzUOAcvbwX44GmAZ_Kgg7MZaUQ302r41040RFlW_oIlvycFEt68PWU9nIFixELrpfFJjiUFnFyziHtnzangAfX8891DEegAJDAnkSXOqfOM1JPkMfhPPy-yAfsu6_BfZmqq2btox2NZMwXxIqjvCXskafzcAr7KjqqUEnxpZrv3zR1i8UYWyDHEKYuBwYm43tP719UXJ0IjlqAjAopXx13rgfPwul4e0xlKcyEe7WgW68q9eccNgNGY48JbQ8JGk7xMCn78iWtCvd9LxBH-NYAtoASwONHtbreJkfTgLUN3LmjqGCsX7F4mhKpuOK8NrstL5vQ_GWu8N4T9vB8wq3m5Y6ztyTtUNdnHCQyUj9bOjk8jZjMm5mS4mpDh0Bk5TYlO6NYirdOwbVUFzhd9BVI3F6xsFeH5vaS_CpuaRiE9ZQ8V_qK8qOg_Yv-YltMw7wnJcEUkvGcPa51uzCwE_ODgZHvB6Yd-4bSGtnPRGK5LOjUd43yd3tHRY4GcfM5-BG2P0zSFgNmV79hPH6YrcjN2f1hkTvgQq81nFJAx0LSAqaQimmhdbCNrv3f4jRAcHa-2hAMzjOlLKT5yKCSBxCG62kwvBeRV7qQWCxB_uyJVc2ru-1WLNnE0fqy4Mg2uQbhPv2dwjFC_HmuALmp63YDZGKhSSjg8GgAbkch2iRuMrgreLeVguHKmUyZcI7IFAvHsjzQaR_ucdq8O98V30YXKVakpYr-aS4o3n9OkcyFD5625r-ecAiSbDzoGYJpozpmHjylXXMPdPnVpzIi90PuC46RrC6ufhnFopnDVSHKwrr6BYR1Gb2yTatYEN60nw0I-ZvZNr4H71EWas_4ksI30LKaWf_lZeUwEPtpQnkrlYyZ1Nr60O38QG18C55qKQSLXsyTW8rv5-XEpaKhR51-bnrioFiBwlBvDFb5GUi0dMzNW2DCn8jLDhPmR5JA2A85on10SI1zw6PQTj3TGpYWGNIeMgNKbPe5dBB9qdsOqXashfib4zTcK_Gq25_kC6-7PI1FP_eg-XaaBxDv18YXo6LrSwFOtasTUpMguWSAg08oqe6vTZBOacvrQbQjkPT4gDkIgKgwwkoPW7uMf0eV8S-hWD4Vh6aiUWJuFmll_hdBPPVTdJKDmhtGKf7NuJl-8CNz7i-ayFz0yGaJOshlhy9CfwGloGpQZ_754-rOZNQCb7V3_783iNsyQTUt435IuGP1Ks5_iR_wct1Xyd-K2eftCGuBz89OOPWEnxauq16CPsVYe6nFEuBwOcMEq6p1sDt53S4gEznJ5qaqajOEQZqHkb5ZHHTsOj_XwohVFsUh8DxaSk7rIVZ3ZcePiGnzOQCxcjiakQSs8uRIFqpYQIuuQEnd1c8gVrkxbfCcoqmlUuxhgNQpK4Sr_hkZxaIgBcMpgwEZWVSGw3ZR6aEAWdkkt22D7CrjOFYeVYsmi01PBfBY8wTbJK617hcwvhzoEwSyBFw66bmLg3MaDkOqGaoRhBs4QjocBBI1YG7yFKrHMZK36eez2_ON14R0sGLeTsVWU_L&cid=CAASBORoEmk&rfl=1%2Chttps%253A%252F%252Fomi.app%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 13:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290170
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Mar 2023 13:40:29 GMT
truncated
/ Frame 9626 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72256cd634e2226f7e69336208682b8049b0ba1739f54463708d0d8445177dd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A089 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Mar 2022 22:16:44 GMT
expires
Tue, 14 Mar 2023 22:16:44 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
259195
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js
pagead2.googlesyndication.com/bg/ Frame F98F 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 22:15:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
259275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13802
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 22:15:24 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9626 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvMmTUMwKtAPsza1q35sNZQpQO6xjA8V-GjxddcBTefcOdOx_Ga1YoshHfrVCH4u9tRp5fuSpbkCBcP-vADJja0tmWx7yXF9O9PTUZ-2qMNXeQr-Z8kzt9AMyO_Gju3Cse7_EEeyRHEw3nlwGg6qHCU7B3VjObY7BTN4jl9dU7J33EGlv6K4WfMUvi2aI1FDHWp3fNgW-LLCI0GS_HTBZmspBxKOMwJbpS-IyAQrdti_aeLxqr-4vFMHtmiLWGExaEqa_soBuXbjYM2ZpJoyG6Hf4UOXdI7TSl8w4O8q6q9sfMo3Qyk1GQeUazE3114oX1AKlI1BriX5Vslz3w-PIXtkWzSkYTcyojaDcQsaPROtUAsXLCDIT8pVlIfzLOgGM1Wx7HkIm49YGO8yYV8PCszxAJuQmIjq26Aon7UyPUWhJ1IUgcuE49aj8mXgzmSe2rWRqp3umMHK1kUgwER1ljAZHmHXP_MqwHcgPAdk_26E3dxj27DUYlx8Kn0utlf_EWYQeBHEjm-15KahNpKjYgFQJerSpTI7etnAS3BfJIGs2JeibrVweik5fzzp26yBgHOuk2nfhtZtiWPA7aZ_q91OT0L1Bxfus-xbGK22FSzdVsZmiTQkD2ZhpFBpktBJppmf22itj1xTZg4qG8KolAB7j7GdWLrfcxVoDUKav9SMTKVquYzDBfJ5fNmk5BtSpv6o33saNOOzGAy5Uxi_qpmfvAKgcZ_SQQ_IvPlxFgrPfoc74moyf4Wi4IARowXV96QhY4CBEfsuPkYXekIZ5CNolrlzf7edOVDzNid5PDQIlETOuDlbMmKV4BpvdV6Ow2kKCoWjXtPYIFlSVAxUvGz4X6BOEKXihEMEmjvIAGVzMdV6aROThC6JEvtxhBsLTc-NMLyl49LLdwUW9D8gCdT4w7lm8PmimxD7DQShgxkKUxKp6m9ss13eKWRiX-yn3-5EWVvP8iCANoIvqRb4fZSG7-fJZdFbrPu3ZbSEGFqVPaaJtB90TDNRPR13TVdl0vk0kC1ZSOwcDHyfldW8AaJ4v4EuxtcDcKGPQ7OPKFbXRSy6pz29DV-v1vOA-WKH9nBmJpag9O2oMxrO6X0wl-TPrrySwZ9O8_hQ1zUpK9UadujTMqY_7RfoBz6b2PvCIZlCD2v4PMsuCs6u0ms&sai=AMfl-YQ58t8x1aT-RaO1Pew4EFBAnrigvdHcTwWg3rM0sMWfD64J8996pY_XlKc5_VYdcauEPHxvG6pRHOlRthwdtOn81fnYpSvEWgXo6GjJ1J2INb9XcQge54h_svO1Pf93q2md&sig=Cg0ArKJSzE8VXGeruaUPEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=132&vt=11&dtpt=131&dett=2&cstd=0&cisv=r20220316.32556&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeFTD9gBs63EjnTntx8amhDbbsSxpZvZmlXy-9StFKbQ4KrhlOJQM3EXBqF2cyDmfdZ-ivcLcbZLoU3NdGAa-MldIm6A&cry=1&dbm_d=AKAmf-DXD24EjApyvM_vtmvLF0jyWOIVAtbRJIbJ03kTrfSwoouPcKZ-kU2W5rwmo1oPPyR9V1Q_br2SlxyjMjDZf7EwLREuNnkcCBWA1XYZL9_87bhQ264UfCDjjpGrg3X1ndTwrN8JPSMmk-8DGn6ezpcgvAji8GzcD2JZbc59kvswwt-_PW7pxOVp7OoDezc7B9JbIoMKxt-Z0lzvOW-8cYH1tICURAeaNOy4kJHzKD2g7oTC8fT__KlTCNeXDt1pfXZE9l5bs-I0WNjen78ySEawp2_O_s3wkgtCBtC_ejK38z4InWBjmWmEAj3_1YLIbVB0GSgi7Hx1_PcxGHo4Sm29moIzCcrwtofKwMll0TTLhEu3QfTnIh_NDeCR7Dlwd_GR4s_87FpGCz-5nXlJBJCNJQKi5g_5T562ABoRyWipzbuE_Ob83R2tYOvLb6-QUdJvCsyShsJucv7HdKpyNgBc1mzlgAlgSZkDEOYkscysXe18CnkU-kthiybyYH9AKr5nwinyeZ3DhZkiV3ahm90YNpAAEmQDtEfw37oiY6ZtSaMqcLC7eA6dSKIsXRtBEfUuhBb69sTkVlPEsOE90Su_9ix2lTwOjhbRNZpYs_OOVp_k54ZFPB2eztyjDgNEFIj5ZHG-PnCIlwD72vwNcsHsBpA8tFxdovHvjgIGu94Nb_1xzIj2iBj4edLb_NeggQNdKBpeGqGE1zQYCehwnjN2oxZwAhDKUCvYLhCYWJR0BehUBSRC-qeoL5qI2r-xb_FK2h-JEptta27tfXItL0mue-T6rBXrhn-sfE2MVwRPuV01JqN5KqsZt-st4S84j_8_RN4zyi8PvDs4E5W0mct2yUCd0UOPztpP0Qm87zRJ8zLt_leCyRJ0XG641q1l1Q-7xB3lLVZIR-D-vkbxiOEHiabOVmFAo2Lkqj0Wi1dnDHmHKNzCM4JI5IuKRqu-qAE3vP7LujZ71Jrl4Mrl5MheVv31p12_JXEUTiLk9VkVtxllDGKz-EnQiPpcap6S0QeWgMLdE05YmalotiqZsb38RVIJW2PdLWrApwGcBfKNOYZPXI5FF3Zey_CDUnaB8h6omWaPuRwfBNRtoutig37NkbC4ZBeP_iZaABYGijg4rG2EpFlhcDMWxhzzEf0MY9NbacE7b3UDwMs6LJFS3qF4RSMSm7mblFTvwpGDKPS3_gHXrIazwFlTRGFiKP3Fyeiyu4x_7KwUALnXYhQ_6KXhRNsyMSzJ-p8W-p04VJ3oDmtIfzOccLqa_DNiqrpo9SCGllrQFnlPpy4NrqP9DmhzHhBUtx6ArO2VkaRT4dmyaRRQiayukPH2270djC3PYbWia-gVci9ymI9ijsQJw8uADCS9UvNOIOvWlmQDrAwU_yuMyxixGBa7UYsmrsdZzUOAcvbwX44GmAZ_Kgg7MZaUQ302r41040RFlW_oIlvycFEt68PWU9nIFixELrpfFJjiUFnFyziHtnzangAfX8891DEegAJDAnkSXOqfOM1JPkMfhPPy-yAfsu6_BfZmqq2btox2NZMwXxIqjvCXskafzcAr7KjqqUEnxpZrv3zR1i8UYWyDHEKYuBwYm43tP719UXJ0IjlqAjAopXx13rgfPwul4e0xlKcyEe7WgW68q9eccNgNGY48JbQ8JGk7xMCn78iWtCvd9LxBH-NYAtoASwONHtbreJkfTgLUN3LmjqGCsX7F4mhKpuOK8NrstL5vQ_GWu8N4T9vB8wq3m5Y6ztyTtUNdnHCQyUj9bOjk8jZjMm5mS4mpDh0Bk5TYlO6NYirdOwbVUFzhd9BVI3F6xsFeH5vaS_CpuaRiE9ZQ8V_qK8qOg_Yv-YltMw7wnJcEUkvGcPa51uzCwE_ODgZHvB6Yd-4bSGtnPRGK5LOjUd43yd3tHRY4GcfM5-BG2P0zSFgNmV79hPH6YrcjN2f1hkTvgQq81nFJAx0LSAqaQimmhdbCNrv3f4jRAcHa-2hAMzjOlLKT5yKCSBxCG62kwvBeRV7qQWCxB_uyJVc2ru-1WLNnE0fqy4Mg2uQbhPv2dwjFC_HmuALmp63YDZGKhSSjg8GgAbkch2iRuMrgreLeVguHKmUyZcI7IFAvHsjzQaR_ucdq8O98V30YXKVakpYr-aS4o3n9OkcyFD5625r-ecAiSbDzoGYJpozpmHjylXXMPdPnVpzIi90PuC46RrC6ufhnFopnDVSHKwrr6BYR1Gb2yTatYEN60nw0I-ZvZNr4H71EWas_4ksI30LKaWf_lZeUwEPtpQnkrlYyZ1Nr60O38QG18C55qKQSLXsyTW8rv5-XEpaKhR51-bnrioFiBwlBvDFb5GUi0dMzNW2DCn8jLDhPmR5JA2A85on10SI1zw6PQTj3TGpYWGNIeMgNKbPe5dBB9qdsOqXashfib4zTcK_Gq25_kC6-7PI1FP_eg-XaaBxDv18YXo6LrSwFOtasTUpMguWSAg08oqe6vTZBOacvrQbQjkPT4gDkIgKgwwkoPW7uMf0eV8S-hWD4Vh6aiUWJuFmll_hdBPPVTdJKDmhtGKf7NuJl-8CNz7i-ayFz0yGaJOshlhy9CfwGloGpQZ_754-rOZNQCb7V3_783iNsyQTUt435IuGP1Ks5_iR_wct1Xyd-K2eftCGuBz89OOPWEnxauq16CPsVYe6nFEuBwOcMEq6p1sDt53S4gEznJ5qaqajOEQZqHkb5ZHHTsOj_XwohVFsUh8DxaSk7rIVZ3ZcePiGnzOQCxcjiakQSs8uRIFqpYQIuuQEnd1c8gVrkxbfCcoqmlUuxhgNQpK4Sr_hkZxaIgBcMpgwEZWVSGw3ZR6aEAWdkkt22D7CrjOFYeVYsmi01PBfBY8wTbJK617hcwvhzoEwSyBFw66bmLg3MaDkOqGaoRhBs4QjocBBI1YG7yFKrHMZK36eez2_ON14R0sGLeTsVWU_L&cid=CAASBORoEmk&rfl=1%2Chttps%253A%252F%252Fomi.app%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 22:16:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F46 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoKCAEqBnRvd2VyQQoKCAIqBnNlcnZlcgosCAQqKG15c2lkaWFfYW5hbHl0aWNzLHBlcmZfdmlkZW9fY29udHJvbDJfNXAKDRArIQAAAAAAACJAMAQKDRADIQAAAAAAIFFAMAQKDRANIQAAAACAmbk_MAQKCRAeKgMweDAwBAoJEBkqAzB4MDAECg0QKyEAAAAAAAAmQDAECg0QECEAAAAAAAAAADAECg0QESEAAAAAAC3RQDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAQQDAECg0QFyEAAABoZgZhQDAECg0QFCEAAAAAgBjSQDAECg0QFSEAAAAAAAAkQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAADMzHxiQDAEEhpDSlBKLVpHV3p2WUNGU0xiRVFnZFZXa0g0USIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/daef75a5e808c3b530434f7f22bcc99d.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 22:16:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js
pagead2.googlesyndication.com/bg/ Frame A089 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 22:15:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
259275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13802
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 22:15:24 GMT
md
ssl.kaptcha.com/ Frame BF41 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssl.kaptcha.com/md
Requested by
Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=205000&s=46pp4w62rc4yj3tukwa7kx65kc5lqd24
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssl.kaptcha.com/logo.htm?m=205000&s=46pp4w62rc4yj3tukwa7kx65kc5lqd24
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Thu, 17 Mar 2022 22:16:39 GMT
Cache-Control
no-cache, no-store, must-revalidate, private
X-Correlation-Id
1f7f2b32-6abe-416d-9da2-36307e816856
Content-Length
0
Expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220316&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4176986958163816&plah=omi.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5f4d0cfd728896060e57b77f04e5dda6c43c6bbe67dd493ae77ba194524a32e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Mar 2022 22:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10483
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A089 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bg5VSRrMzYsLVN4rX7_UP7eK2sAMAAAAAOAHgBAI&bg=!WVqlWh7NAAba2mK92to7ACkAdvg8WkIOsRNPFLu9z66a_7zUDgsrhb1xL9C0TkVu-D5dz2TZMl-I2wIAAACDUgAAAAJoAQeZAvw-qU3HLYKNKAzinzreJIpLBbkOWSd-dPsvFHN7GeDmThVGy-VdAdHFmmuq67vN9IJdl3Y1lS0cRvIaiiBW9BCZK3_oO-lsdxs3-Gy1atnU_1yO-BAr8dVHaoYKPWJ2CkkFxy6N4-uwj93DgDOR56xG6vXv32aSLbbNUDD8FhJPqc8KmO7o8aZx9QMXxQ7B48-qYY5Py-zv2vHoj-u5JS_Jdhnx1ftUPos1iIe7EGjf8vtugocXcUm1NPTp7P8kQ7Ib_sBY2iaCOjovU4601KX-KxG5Er8tL5kjykz2EeaEHpOOc5giFXwizDKhTJFx2PzabC1wLjF-q6-amPP-kr6D0HIjO1HQOZhHoRVxZYXITxDYRfHkMrXIGB8JpdNZ38hBrlsE23jb9-6t_9bLtb3WfiHBjxrfFWIJ-FducbndCJIa4qlnpWTX6ATs9RgHdMYEUmKBFDXITq-LF7eUZ4pOfmn7kChuenqjIg5QziMehUXtfiw3kgzxx1OKs9w28xnBFo7ywVPoyxyA7k1uDLchLe2YWpFbcAWuDNHgCR7YnK6vPONaggqIVPYvH1rMRCmsTx7JJZbYjEW63tQAeoh3wNoaSXr_AovFg9LIGitrr4yfougwDomfq2ItGOU2UVOC0ZAhoqppF1AXlWZSoXQpfcwJVuQOsDT3RSYX2k8VproZC-2mdt4JYwSU504GEwozts-xzCgR-IR25_I6TXiZtojHAujwYVDCJLhYV-GUwXYkdZgDjSrfi6dIpxT2QMNrTs0jdQhOAkQEjJgn_HUAXG0yJl-4NhUKOH6OkdFXh_PDbC-7DxgnDcSFT0BfFHEORQXicOLrcfCxQJfvpaNEkeb7Oq_kgGGa3lH2hOk_keqBbFqe31ED4I4qFPnsEn63ZC6CHNkJMRQZp2nDWzkcB66bzYtC8S48qkT0Gib4HdfWVAKBaW6jpx-3ZLM8C0Hkp1hTRDty0kMzWarQ84NfMTbzaJBpWiV8QoKciDlvXFsPkCZDBSsdJUKO7w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 22:16:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4176986958163816&plah=omi.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Mar 2022 22:16:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 12E5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 14:57:38 GMT
expires
Fri, 17 Mar 2023 14:57:38 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
26341
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 5745 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
76e22180ba96b6a7352d38a099345f788e06743f4eabb5bcdea963c9a7820c6b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b4qun6eN8/ihDdx6T3YaNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 17 Mar 2022 22:16:39 GMT
date
Thu, 17 Mar 2022 22:16:39 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-b4qun6eN8/ihDdx6T3YaNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
md
ssl.kaptcha.com/ Frame BF41 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssl.kaptcha.com/md
Requested by
Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=205000&s=46pp4w62rc4yj3tukwa7kx65kc5lqd24
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssl.kaptcha.com/logo.htm?m=205000&s=46pp4w62rc4yj3tukwa7kx65kc5lqd24
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Thu, 17 Mar 2022 22:16:39 GMT
Cache-Control
no-cache, no-store, must-revalidate, private
X-Correlation-Id
45019898-4de5-4760-a222-ffe22d828d1e
Content-Length
0
Expires
0
Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js
pagead2.googlesyndication.com/bg/ Frame 12E5 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 22:15:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
259275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13802
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 22:15:24 GMT
md
ssl.kaptcha.com/ Frame BF41 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssl.kaptcha.com/md
Requested by
Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=205000&s=46pp4w62rc4yj3tukwa7kx65kc5lqd24
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssl.kaptcha.com/logo.htm?m=205000&s=46pp4w62rc4yj3tukwa7kx65kc5lqd24
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Thu, 17 Mar 2022 22:16:39 GMT
Cache-Control
no-cache, no-store, must-revalidate, private
X-Correlation-Id
93c899e8-1c1f-4b42-b4c8-becb82f47418
Content-Length
0
Expires
0
md
ssl.kaptcha.com/ Frame BF41 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssl.kaptcha.com/md
Requested by
Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=205000&s=46pp4w62rc4yj3tukwa7kx65kc5lqd24
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssl.kaptcha.com/logo.htm?m=205000&s=46pp4w62rc4yj3tukwa7kx65kc5lqd24
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Thu, 17 Mar 2022 22:16:39 GMT
Cache-Control
no-cache, no-store, must-revalidate, private
X-Correlation-Id
588f4a68-f766-47ad-b443-15e7c5679990
Content-Length
0
Expires
0
fin
ssl.kaptcha.com/ Frame BF41 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssl.kaptcha.com/fin
Requested by
Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=205000&s=46pp4w62rc4yj3tukwa7kx65kc5lqd24
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssl.kaptcha.com/logo.htm?m=205000&s=46pp4w62rc4yj3tukwa7kx65kc5lqd24
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Thu, 17 Mar 2022 22:16:39 GMT
Cache-Control
no-cache, no-store, must-revalidate, private
X-Correlation-Id
c4005f4a-6c3c-4b47-954f-f953efbaa915
Content-Length
0
Expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 5745 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220316&jk=4214588430618569&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 12E5 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?lg6Jcg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 9626 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZygU1mRCqx4LT8-k2qWiHrx_aagP-SyxlmsCFvci5LZueT9IJ0Cl8sHGqfyBRSMrjogP3hsWiAWqqQChipy1YooZgOojOBHVMzDVYwTSb4DvzCixU3A&sai=AMfl-YSnQ7QA3IxsoEc94ydxZSMq5eIA7zBr0zMfna1GcrXYZ5uPvhmUcln1X_gw-heR5q_rhfF_-8_2H7Mo&sig=Cg0ArKJSzEa78bK7yZn4EAE&cid=CAASBORoEmk&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=572,1001,1001,1001,1001&tos=572,429,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647555398666&rpt=573&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 22:16:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220316&jk=4214588430618569&bg=!FxSlFFDNAAba2mK92to7ACkAdvg8Wgj234EjldwNvyfYQytS1tBGQctg_ttcbH--QAGe4IvUFDC5mQIAAABTUgAAAARoAQeZAuWdYqjvTseibWb301VAaQ2uIktjC_B7AdriygrhqOHrFQBT0tU7c3rVmVp2AsHSIjiQRuL8hbyQJqXt1lbC-AAWzaZkQpDmhlomDu68gEYjdR16O1jHe_lzvpYp6XyCeha-JZz67JzFc_PMOh_YHdaQ7H9No0J6JPOzqB179TV4FhCjqaLe_BXAzmf3sdQNkPJSnsmdlU9RiDEQC0y2PlTngm8Enin3lg5kATC2pnAACgiKJi4OrC7IeDBHDf3Nt6M8dWb2mtQTuoM-ubpeRxTWqyl1RrPGfZqQ8V5xAXTdVNt-UOHTsu3__N0REyyW1PF0C-jl9yJefBKbQK7GrWQaGEM8cmO481RBanZb01G9NSHPS4HS6ZyRKOWuBtgu_UUQDXmWwGa26C2Nf_FZ0BcLbfGICsSC3N_MMxuaieE3nhGWJoqoKZ2hBOTvEfG9dznptaFGWkSJLSjwYrQn_UYBi6OLkOXXuZ4qGgPxWkzu31EwxcEHQNLU6Nynef4KMH6owP5LEJO_u7q5lpOx1CH6MfC6w-h2zbjhpdGk0jB0lSOqy6t_4IVAXTMrX-i95O7AjJLVjXsqmqwo8qNcrg5kF5nryny_NYovPVlbiwLCP0DX0AdkbNS0l6NvsReqVyV9igXkgDuUlcNkH7HetbCKuEyiXH-8hCHRHqf0uQ5APsNJAygK1D5fizztEyXwWAtDT2ZUxqQzrfa8Junq5GFrFqrTDDOSsE3rWXRHLksoF-sXZtcP52fCiql0iQ9BI904EszOcce2YT-SL7t7-0wGRQnTOAZMk-M4bN0HKQjn10_zU6Fk4lJ-Qs6a4Z-_wAb2c-CEB6pxKyU1Y9Es17ZGw0uzwwJqod48AmXcD1yafJkT29fTgw-Mxop8XGxLYAXAm-oU7JaNlbcATT8wjHD0ShC4qLnzPb0xaTC1t5BZeuuZsCggLlg7JwRKekNwXFuR9_mAE0Cu2jkwTm7JJpX63T7oK5E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 22:16:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-4176986958163816&su=omi.app&eid=42530889&doc=complete&pg_h=1321&pg_w=1600&pg_hs=1321&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Mar 2022 22:16:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
osiris_logo-078284456c2bf90747be6db96efa76fd.png
omi.app/assets/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omi.app/assets/images/osiris_logo-078284456c2bf90747be6db96efa76fd.png
Requested by
Host: omi.app
URL: https://omi.app/assets/vendor-1cc5aa65cef971452da7a62942602449.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
729939dff7cb49ad38d3b6cd5b933826f8401456644bb25e5d9a708bc0f7e6ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/covid-19/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:41 GMT
cache-control
public, max-age=600
expires
Thu, 17 Mar 2022 22:26:41 GMT
server
Google Frontend
etag
"5Ze1fg"
x-cloud-trace-context
a1f3865096f098af14236642c4731c1a
content-type
image/png
omi_patient_horizontal-b0159db55cce8a401b4c49b57c68020e.png
omi.app/assets/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omi.app/assets/images/omi_patient_horizontal-b0159db55cce8a401b4c49b57c68020e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
3d45bb2f424d4777686cd8bee00f6b68edefc59378da5b2a1572001c054eb27e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/covid-19/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:41 GMT
cache-control
public, max-age=600
expires
Thu, 17 Mar 2022 22:26:41 GMT
server
Google Frontend
etag
"5Ze1fg"
x-cloud-trace-context
a1f3865096f098af14236642c4731c1a
content-type
image/png
gcp.svg
omi.app/assets/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omi.app/assets/images/gcp.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
bbd3a7153cde52d0e31ab8b592eedf6e3254e36608254e8978a766b00390950e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omi.app/covid-19/welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:41 GMT
content-encoding
gzip
server
Google Frontend
etag
"5Ze1fg"
content-type
image/svg+xml
x-cloud-trace-context
d06a0835aae7a112e58513d1df8cbdd9
cache-control
public, max-age=600
expires
Thu, 17 Mar 2022 22:26:41 GMT
SohoGothicPro-Regular.otf
omi.app/assets/fonts/SohoGothicPro/ 		82 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://omi.app/assets/fonts/SohoGothicPro/SohoGothicPro-Regular.otf
Requested by
Host: omi.app
URL: https://omi.app/assets/@apps/main-9659f8bae1b2ab51ef780a629d26a504.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
49061f8611df8e4f7c19fa959527223859f854b1c1f7370f1e31fc63a74ce0bd

Request headers

Referer
https://omi.app/assets/@apps/main-9659f8bae1b2ab51ef780a629d26a504.css
Origin
https://omi.app
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 22:16:41 GMT
content-encoding
gzip
server
Google Frontend
etag
"5Ze1fg"
content-type
font/otf
x-cloud-trace-context
0f37370dcb6ed783317af32df012000e
cache-control
public, max-age=600
expires
Thu, 17 Mar 2022 22:26:41 GMT

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| structuredClone object| oncontextlost object| oncontextrestored object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| _typeof function| bugsnag object| easyXDM function| conektaAjax object| ConektaVersion object| ConektaStorage object| bugsnagConektaClient object| Conekta string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaData object| loader function| define function| requireModule function| require function| requirejs boolean| runningTests function| _classCallCheck function| _defineProperties function| _createClass function| _possibleConstructorReturn function| _assertThisInitialized function| _getPrototypeOf function| _inherits function| _setPrototypeOf function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles boolean| preferNative function| _get undefined| __ember_auto_import__ object| EmberENV function| moment function| $ function| jQuery object| regeneratorRuntime object| mainContext object| Ember object| Em function| Hammer function| propagating function| jsPDF function| tmp function| ChoiceField function| ListBox function| ComboBox function| EditBox function| Button function| PushButton function| RadioButton function| CheckBox function| TextField function| PasswordField object| AcroForm function| html2pdf function| _jzlib_Deflater function| Deflater function| RGBColor function| PNG function| saveAs object| FileSaver function| flatpickr object| es object| FullCalendar object| Papa object| base64 function| Stellar object| $Jease$ object| $Jssor$ object| $JssorSlideshowFormations$ function| $JssorSlideshowRunner$ function| $JssorBulletNavigator$ function| $JssorArrowNavigator$ function| $JssorThumbnailNavigator$ function| $JssorCaptionSlideo$ function| $JssorSlider$ function| Color function| Chart object| webpackJsonp_ember_auto_import_ function| _eai_r function| _eai_d function| emberAutoImportDynamic object| google_image_requests object| google_llp function| Intercom number| google_lpabyc function| __intercomAssignLocation object| GoogleGcLKhOms

13 Cookies

Domain/Path Name / Value
.omi.app/ Name: _ga
Value: GA1.2.556219275.1647555398
.omi.app/ Name: _gid
Value: GA1.2.1370846284.1647555398
.omi.app/ Name: _gat
Value: 1
.omi.app/ Name: __gads
Value: ID=8a4289d65d8c5b94-221494f25dcd0013:T=1647555398:RT=1647555398:S=ALNI_MZXqiyj8Tk3q7j4sp8wxGw1dWX6OA
.doubleclick.net/ Name: IDE
Value: AHWqTUnbXbxR45ZKK8shIAU_AbLoPAsYUz0-F7RKlrqDYdYP9LaK9AQJfeY7W0y9QP0
.casalemedia.com/ Name: CMID
Value: YjOzRm-CjkYYukjGpSYa1AAA
.casalemedia.com/ Name: CMPS
Value: 3271
.casalemedia.com/ Name: CMPRO
Value: 1110
.casalemedia.com/ Name: CMST
Value: YjOzR2Izs0cA
.adnxs.com/ Name: uuid2
Value: 1090739974759852230
.casalemedia.com/ Name: CMRUM3
Value: 2d6233b3472760CAESEP9pWd41Ih3iOOlb8dfXUsk
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HaSK7(ka!@wnfH8K6pQK`!5=E<*L5?%L^e)8c1gYp`#m<VYJ1UJF>^lY@MC2^PfIyi7T*bpRz*qF1`*b^CP)x'F<
ssl.kaptcha.com/ Name: k
Value: 52ebad5a5a364e49bbe2e74eab797ffe

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.conekta.io
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
js.intercomcdn.com
omi.app
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
ssl.kaptcha.com
stats.g.doubleclick.net
tpc.googlesyndication.com
widget.intercom.io
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.181.226
142.250.184.226
142.250.185.98
185.33.221.89
2.18.234.21
2001:4860:4802:32::15
2a00:1450:4001:800::2006
2a00:1450:4001:803::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9b
52.222.137.106
52.222.137.52
52.222.137.73
54.148.115.137
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0fd513cb87c1edba562bb984fa4a9b4d7558c4587b66ad626a09af7d28bc1b54
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14f17e5a9922761162f13a1ebe6cf4bf53cac2d3b3041b941ae3f40f32ae6fba
1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
3d45bb2f424d4777686cd8bee00f6b68edefc59378da5b2a1572001c054eb27e
4213007144c37c15898f6529d459f5ad73a6f9c8edb5cb2ad92a8323e722fc9e
49061f8611df8e4f7c19fa959527223859f854b1c1f7370f1e31fc63a74ce0bd
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1dee9005bd4281c1f303cb3db45fdb3f2e719abca12a7812cad47a27bbf92a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64b33d2bce2b547cbe611c20e06c57f505d659cab83fed932955447d30aca592
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
700173c53e838ff0f06b697cd53d11142a36abc311200960ccf165ab2457e350
71a7d025326d249c9216b13252cdedbdc97dfd97ac708e6b79c5d1b40fdc6426
72256cd634e2226f7e69336208682b8049b0ba1739f54463708d0d8445177dd0
729939dff7cb49ad38d3b6cd5b933826f8401456644bb25e5d9a708bc0f7e6ac
76e22180ba96b6a7352d38a099345f788e06743f4eabb5bcdea963c9a7820c6b
7a190b9dc49e32cf25b59bdc79b7a73fd839bc98271248409d16aba6d5ca0f41
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b6fad06ec82cd4f500e0251f0363246474834512e2c98c79ad55f65ad14d1fa
83fc71b25a29d00bcf4d9e74fa4af04bce0fd5c3c66995b00b4465a143e066b1
86f243738c5f1c4f2bf207919ef1390de6c7a48cc0aa0808e25ba26e159d1cf5
886332abb1d9ac205e4970c214f19ab3a113f455f7bac95c41e10978d24c3449
8b5d56eba8e277e6676341bf7fd5fd3dac576450bc88e8faaecc6117040f377b
92033d4e57186a6b76c9cfba6777cbca9bdb569bb056889110d306740e4feab4
93d2b20c1c3c85715da3880622c6ba09e33fa7b5480dd1d946c8ea90db43a8e5
9d8674a7e2fe0a76d89597205b4b03885f98788a669c30155b39e8da50934267
9fc4295b7eb2771e3a6e272d81f732f5f131029029871ce9ec18dfb3874d9e4b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cc8248c65b1d5277d920cd0aaadaf2d0b0aeb2c31c3078171127866ad304b7
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bbd3a7153cde52d0e31ab8b592eedf6e3254e36608254e8978a766b00390950e
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
be6f75a2748183dbea7be60403de8357de22987b565327ee738586416ea7e7fd
c5f4d0cfd728896060e57b77f04e5dda6c43c6bbe67dd493ae77ba194524a32e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ceb6019241751dffe336346c5c4540634a286aa657911b6766b77e6ee4da3620
cf108825d0b436058bdb992b20b670da7741b1ec672f2f13a18b89561a4a71c0
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d4528ddfc94c3e9eddf33c51c56238ee2c7f07abb87b4c56362d3676962029d0
e0c254788ad36f95d44c1786c590263e89ea3976fcbc9ae7c82c52493b254391
e0edfd39fc2f3bb33cc34d6a66e30f481e9724979413a27a023a4f8e059dd407
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ab115372791fd65190bb554dda1e4272e3ec3c57f89ab3b87a636b7ee199c5
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f83c0812d2ef30a334de87811cf685f2d21e23c4b6785926f987c4e164e7e3eb