soothingnature.xyz Open in urlscan Pro
54.38.29.221 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://soothingnature.xyz/
Submission: On February 27 via manual (February 27th 2021, 6:54:04 am UTC) from FR

Summary HTTP 146 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 16 domains to perform 146 HTTP transactions. The main IP is 54.38.29.221, located in France and belongs to OVH, FR. The main domain is soothingnature.xyz.

This is the only time soothingnature.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	54.38.29.221 54.38.29.221	16276 (OVH) (OVH)
7	54.38.29.222 54.38.29.222	16276 (OVH) (OVH)
21	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
6	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
41	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
3 6	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
146	23

36 54.38.29.221 (France)

ASN16276 (OVH, FR)
PTR: ip221.ip-54-38-29.eu

soothingnature.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.webeyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.38.29.222 (France)

ASN16276 (OVH, FR)
PTR: ip222.ip-54-38-29.eu

revenueflex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1074cb23299a34172a7af08428bb971d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1084a231a6398f61d4814e21619a28ee.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com 1074cb23299a34172a7af08428bb971d.safeframe.googlesyndication.com tpc.googlesyndication.com 1084a231a6398f61d4814e21619a28ee.safeframe.googlesyndication.com pagead2.googlesyndication.com	180 KB
24	webeyo.com cdn.webeyo.com	2 MB
20	ampproject.org cdn.ampproject.org	396 KB
18	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	286 KB
12	soothingnature.xyz soothingnature.xyz	122 KB
10	google.com 3 redirects apis.google.com adservice.google.com www.google.com	23 KB
7	revenueflex.com revenueflex.com	160 KB
6	gstatic.com fonts.gstatic.com	110 KB
4	google-analytics.com www.google-analytics.com	19 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	googletagmanager.com www.googletagmanager.com	116 KB
2	google.nl adservice.google.nl	2 KB
2	facebook.net connect.facebook.net	63 KB
1	google.de www.google.de	107 B
1	jquery.com code.jquery.com	33 KB
146	16

	Domain	Requested by
24	cdn.webeyo.com	soothingnature.xyz
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net soothingnature.xyz tpc.googlesyndication.com cdn.ampproject.org
20	cdn.ampproject.org	securepubads.g.doubleclick.net
14	securepubads.g.doubleclick.net	soothingnature.xyz securepubads.g.doubleclick.net revenueflex.com
12	soothingnature.xyz	soothingnature.xyz
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
7	www.google.com	3 redirects soothingnature.xyz
7	revenueflex.com	soothingnature.xyz revenueflex.com
6	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com soothingnature.xyz
4	fonts.googleapis.com	soothingnature.xyz securepubads.g.doubleclick.net
3	googleads.g.doubleclick.net	soothingnature.xyz
3	www.googletagmanager.com	soothingnature.xyz
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.nl	securepubads.g.doubleclick.net
2	platform.twitter.com	soothingnature.xyz platform.twitter.com
2	connect.facebook.net	soothingnature.xyz connect.facebook.net
1	syndication.twitter.com	platform.twitter.com
1	www.google.de	soothingnature.xyz
1	1084a231a6398f61d4814e21619a28ee.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	1074cb23299a34172a7af08428bb971d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	code.jquery.com	soothingnature.xyz
1	apis.google.com	soothingnature.xyz
146	24

This site contains links to these domains. Also see Links.

Domain
webeyo.com

Subject Issuer	Validity	Valid
revenueflex.com R3	`2020-12-15` - `2021-03-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.google.nl GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://soothingnature.xyz/
Frame ID: 3CCCF0E150289DC3FEA1F8F3110D41BA
Requests: 71 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=http%3A%2F%2Fsoothingnature.xyz
Frame ID: 3A64A3877B13A232516137E8E9A66129
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 4FA13073D0C30BD6DFE95E023D2668C6
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: E9BB307D2B0609CEFB725F4C0A80A1D6
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 298C287A3F9A7AF5D1CFE033275B70CB
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/042011201932000/amp4ads-v0.mjs
Frame ID: 5FECB0A5B8C29D355BC8B82742F1B13C
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/042012090206000/amp4ads-v0.mjs
Frame ID: E18C3A3814E7B08437587897D3E2B002
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 197D5739C4A3A1EBD36D89F9C532D74E
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 63600487F7978A926F73E24A49AC7449
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

146
Requests

73 %
HTTPS

82 %
IPv6

16
Domains

24
Subdomains

23
IPs

5
Countries

3312 kB
Transfer

5935 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://webeyo.com/
Title: Webeyo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

http://connect.facebook.net/en_EN/sdk.js HTTP 307
https://connect.facebook.net/en_EN/sdk.js

Request Chain 52

http://www.googletagmanager.com/gtag/js?id=UA-164836676-23&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=UA-164836676-23&l=dataLayer&cx=c

Request Chain 96

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 126

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 141

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

146 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200 Primary Request / Show response
soothingnature.xyz/ 28 KB
29 KB 124ms
77ms Document
text/html 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://soothingnature.xyz/

Protocol

HTTP/1.1

Server

54.38.29.221 , France, ASN16276 (OVH, FR),

Reverse DNS

ip221.ip-54-38-29.eu

Software

nginx/1.16.1 /

Resource Hash

e64d0f41035ae3f7dc714c1f628607ffc252485fd08dcb20123aae2cdd5a6f44

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval';script-src * data: blob: 'unsafe-inline' 'unsafe-eval';connect-src * data: blob:;img-src * data: blob: 'unsafe-inline';frame-src * data: blob:;style-src * data: blob: 'unsafe-inline';font-src * data: blob: 'unsafe-inline'

Request headers

Host: soothingnature.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.16.1
Date: Sat, 27 Feb 2021 06:53:45 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Legth: 28736
Expires: Sat, 27 Feb 2021 06:54:15 GMT
Cache-Control: max-age=30 public
Pragma: public
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval';script-src * data: blob: 'unsafe-inline' 'unsafe-eval';connect-src * data: blob:;img-src * data: blob: 'unsafe-inline';frame-src * data: blob:;style-src * data: blob: 'unsafe-inline';font-src * data: blob: 'unsafe-inline'
X-Proxy-Cache: EXPIRED

GET
H/1.1 200 1146 Show response
revenueflex.com/rest/siteconfig/ 47 B
605 B 119ms
38ms Script
text/plain 54.38.29.222
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://revenueflex.com/rest/siteconfig/1146?pg=http%3A%2F%2Fsoothingnature.xyz%2F&cache_buster=0.028412929045001922
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.29.222 , France, ASN16276 (OVH, FR),
Reverse DNS: ip222.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 962ccd103e3addd1c3119c689f4ad7240175517e44523203a2ff10d219a55d7e

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 06:53:45 GMT
X-Mobile-Device: 0
Server: nginx/1.16.1
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,HEAD,OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:15 GMT
Cache-Control: max-age=30
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Requested-With,Accept,Authorization,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Length: 47
X-Proxy-Cache: EXPIRED

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 56 KB
19 KB 79ms
29ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

15804f1ce387ae0329b029657f0cee65e62be2ba0cac809a8620d43d8806ff00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "796 / 893 of 1000 / last-modified: 1614381521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19360
x-xss-protection: 0
expires: Sat, 27 Feb 2021 06:53:45 GMT

GET
H/1.1 200
OK prebid.js Show response
revenueflex.com/d/ons/ 280 KB
89 KB 106ms
31ms Script
application/javascript 54.38.29.222
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://revenueflex.com/d/ons/prebid.js
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.29.222 , France, ASN16276 (OVH, FR),
Reverse DNS: ip222.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 4b68ac5bebfad97e8eeb6faa468a74da58d90a0055d7226170090ad94651e367

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 06:53:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 21:00:44 GMT
Server: nginx/1.16.1
ETag: "60356cfc-1639f"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=600
Connection: keep-alive
Content-Length: 91039
Expires: Sat, 27 Feb 2021 07:03:45 GMT

GET
H/1.1 200
OK 21b3251820e2a3b961c2b49757af0272ce7a950f.js Show response
revenueflex.com/d/2/1/b/ 101 KB
34 KB 106ms
31ms Script
application/javascript 54.38.29.222
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://revenueflex.com/d/2/1/b/21b3251820e2a3b961c2b49757af0272ce7a950f.js
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.29.222 , France, ASN16276 (OVH, FR),
Reverse DNS: ip222.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 60c250dda1aac5889f56aa7f35ef287b92059add61a1aac8c8535228f370c03d

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 06:53:45 GMT
Content-Encoding: gzip
X-Mobile-Device: 0
Server: nginx/1.16.1
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=60
Connection: keep-alive
Expires: Sat, 27 Feb 2021 06:54:45 GMT

GET
H/1.1 200 ipinfo Show response
cdn.webeyo.com/ 199 B
494 B 76ms
43ms Script
text/plain 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.webeyo.com/ipinfo
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 3afd112a7028362ffd5ad58c02a6f28f0fa99c2d3377d00213b955bb0ae2a778

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Server: nginx/1.16.1
Content-Type: text/plain;charset=ISO-8859-1
Expires: Sat, 27 Feb 2021 07:53:45 GMT
Cache-Control: max-age=3600, public
Connection: keep-alive
Content-Length: 199
X-Proxy-Cache: MISS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-155207744-1

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb431fde68d006b91696301dbed291230beab9035d5f3f24d247091678006ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:53:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39454
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Feb 2021 06:53:45 GMT

GET
H/1.1 200 style.css
soothingnature.xyz/v4/desktop/ 29 KB
29 KB 36ms
34ms Stylesheet
text/css 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://soothingnature.xyz/v4/desktop/style.css
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 39fcb4a98d2e61d57bb930252d1037341cf4b1795b19f87c7731fb64bd8913a7

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Server: nginx/1.16.1
Content-Type: text/css
Expires: Sat, 27 Feb 2021 07:03:45 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 29206
X-Proxy-Cache: HIT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 42ms
23ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29c2221091bda7b82623054ba28bc28ed592752da15d7db1158f640f94bbb423

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UgsgD07NzdFLaly216/8bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "623116f45e9f09f5d58245285ae27df0"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-UgsgD07NzdFLaly216/8bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sat, 27 Feb 2021 06:53:45 GMT

GET
H/1.1 200
OK 6243_logo.png
soothingnature.xyz/contentimages/0site_imgs_data/2/4/3/ 2 KB
3 KB 50ms
39ms Image
image/png 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://soothingnature.xyz/contentimages/0site_imgs_data/2/4/3/6243_logo.png
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 27b763b49fef2eed192f42812ac3719530206dc5baf4b0da3522a409b9663fdc

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Thu, 07 Jan 2021 10:08:38 GMT
Server: nginx/1.16.1
ETag: "5ff6dda6-8c6"
Content-Type: image/png
Expires: Sat, 27 Feb 2021 07:03:45 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2246
X-Proxy-Cache: HIT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 52ms
37ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-164836676-23

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a495086825ae576bb41088e71fe50cbf51a3f3167f7b1f5d2ac9fc97cf777787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:53:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39363
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Feb 2021 06:53:45 GMT

GET
H2 200 jquery-1.11.3.min.js Show response
code.jquery.com/ 94 KB
33 KB 25ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.3.min.js
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:53:45 GMT
content-encoding: gzip
last-modified: Tue, 28 Apr 2015 16:20:58 GMT
server: nginx
etag: W/"553fb36a-176d5"
vary: Accept-Encoding
x-hw: 1614408825.dop216.fr8.t,1614408825.cds232.fr8.hc,1614408825.cds127.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33261

GET
H/1.1 200 owl.carousel.js Show response
soothingnature.xyz/v4/desktop/js/ 52 KB
52 KB 34ms
32ms Script
text/plain 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://soothingnature.xyz/v4/desktop/js/owl.carousel.js
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 9221608a4df26c3a67d553a85ea42269235ca69d2ff47419148853830d5cea2d

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Server: nginx/1.16.1
Content-Type: text/plain; charset=UTF-8
Expires: Sat, 27 Feb 2021 07:03:45 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 52797
X-Proxy-Cache: HIT

GET
H/1.1 200 custom.js Show response
soothingnature.xyz/v4/desktop/js/ 3 KB
3 KB 32ms
30ms Script
text/plain 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://soothingnature.xyz/v4/desktop/js/custom.js
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 4f24994cf474ab631f0048cd64efa084cc8e53b9bbd0c97d67f66389e7f0f806

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Server: nginx/1.16.1
Content-Type: text/plain; charset=UTF-8
Expires: Sat, 27 Feb 2021 07:03:45 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 3247
X-Proxy-Cache: HIT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
718 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,700,800,500,300

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5f3952e2ef2035850d79f04862739ee276900e3fb6223a7228ed1d715e8c5f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 06:53:45 GMT
server: ESF
date: Sat, 27 Feb 2021 06:53:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Feb 2021 06:53:45 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/en_EN/
Redirect Chain

http://connect.facebook.net/en_EN/sdk.js
https://connect.facebook.net/en_EN/sdk.js

3 KB
3 KB

34ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_EN/sdk.js

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1264782a129966f07a0c55310f18575bcbca3c0969fd8e516268c3d04ee52c3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 5HPs8sjfDw3UaHeSM07NGw==
cross-origin-resource-policy: cross-origin
expires: Sat, 27 Feb 2021 07:10:57 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: sUUCOCgISSD4+Rf+ocdqfL2kRfQ8XvHgJ3KydIEh1ZWB21Q4YQ00Mt67XOpyyECXxdSDN3BFVUYmijTVZ1Jegw==
x-fb-trip-id: 686109401
x-fb-content-md5: d67e909ed3336ca130ec749b4164bc8a
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 27 Feb 2021 06:53:45 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag: "f27e320671895b69aaae8dc01790fc92"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/en_EN/sdk.js#xfbml=1&version=v2.0
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 39ms
24ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B85) /
Resource Hash: c34f5c51cea0ee9e05108c79c404086a24b73fbecb0999654fc9116b4c4b755e

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 06:53:45 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1074
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28744
x-tw-cdn: VZ
Last-Modified: Mon, 08 Feb 2021 21:21:01 GMT
Server: ECS (amb/6B85)
Etag: "11a0c75a945561958f0b924da0e67334+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H/1.1 200 searchbg.png
soothingnature.xyz/v4/desktop/images/ 212 B
485 B 39ms
38ms Image
image/png 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://soothingnature.xyz/v4/desktop/images/searchbg.png
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/v4/desktop/style.css
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 9e797b9e6fd24e5a7da5feec0388488fc247be90c6f81c9a50ee96771554c5ac

Request headers

Referer: http://soothingnature.xyz/v4/desktop/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Server: nginx/1.16.1
Content-Type: image/png
Expires: Sat, 27 Feb 2021 07:03:45 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 212
X-Proxy-Cache: HIT

GET
H/1.1 200 search.png
soothingnature.xyz/v4/desktop/images/ 493 B
766 B 57ms
44ms Image
image/png 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://soothingnature.xyz/v4/desktop/images/search.png
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/v4/desktop/style.css
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 7e1150dbc4124a8d6dfa07c66f475f2fa4064a33c888474c73427bc3b49e09d8

Request headers

Referer: http://soothingnature.xyz/v4/desktop/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Server: nginx/1.16.1
Content-Type: image/png
Expires: Sat, 27 Feb 2021 07:03:45 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 493
X-Proxy-Cache: HIT

GET
H/1.1 200 home.png
soothingnature.xyz/v4/desktop/images/ 619 B
892 B 39ms
32ms Image
image/png 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://soothingnature.xyz/v4/desktop/images/home.png
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/v4/desktop/style.css
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: b395ec4964eaea12636df05446d2b869fc711b7cf7cd630cd7bce422c954aaaf

Request headers

Referer: http://soothingnature.xyz/v4/desktop/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Server: nginx/1.16.1
Content-Type: image/png
Expires: Sat, 27 Feb 2021 07:03:45 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 619
X-Proxy-Cache: HIT

GET
H/1.1 200 dots.png
soothingnature.xyz/v4/desktop/images/ 282 B
555 B 57ms
44ms Image
image/png 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://soothingnature.xyz/v4/desktop/images/dots.png
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/v4/desktop/style.css
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 752384965c9820183a08c77c9a12567f7be4eaa4f898646f37db0c21cbce67ef

Request headers

Referer: http://soothingnature.xyz/v4/desktop/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Server: nginx/1.16.1
Content-Type: image/png
Expires: Sat, 27 Feb 2021 07:03:45 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 282
X-Proxy-Cache: HIT

GET
H/1.1 200
OK most-absurd-coincidences-tn.jpg
cdn.webeyo.com/c/9/9/7/most-absurd-coincidences/ 75 KB
75 KB 66ms
53ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/9/9/7/most-absurd-coincidences/most-absurd-coincidences-tn.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 63e23bb3f126a0057e5f87ab6855b65e589bf36e7e2ea446cd0cab16040400b2

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Fri, 26 Feb 2021 08:05:39 GMT
Server: nginx/1.16.1
ETag: "6038abd3-12a60"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76384
X-Proxy-Cache: MISS

GET
H/1.1 200
OK 25-terrifying-archaeological-discoveries-tn.jpg
cdn.webeyo.com/c/5/5/5/25-terrifying-archaeological-discoveries/ 116 KB
116 KB 58ms
30ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/5/5/5/25-terrifying-archaeological-discoveries/25-terrifying-archaeological-discoveries-tn.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 996e5c64b65e91ac6230e51bd3e1066d8528ca886d4629fe6868401f28a5e6ce

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Sun, 21 Feb 2021 16:22:00 GMT
Server: nginx/1.16.1
ETag: "603288a8-1cf09"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 118537
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK top-10-places-to-see-fossils-that-rock-tn.jpg
cdn.webeyo.com/c/3/9/0/top-10-places-to-see-fossils-that-rock/ 148 KB
148 KB 62ms
34ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/3/9/0/top-10-places-to-see-fossils-that-rock/top-10-places-to-see-fossils-that-rock-tn.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: a8b9520692636f899ac58da8b48fb4c52f75b8ebd1ad4b23ff82d3beb45dec52

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Sun, 21 Feb 2021 10:23:07 GMT
Server: nginx/1.16.1
ETag: "6032348b-24e41"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 151105
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK frozen-cars-tn.jpg
cdn.webeyo.com/c/3/8/5/frozen-cars/ 108 KB
108 KB 44ms
40ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/3/8/5/frozen-cars/frozen-cars-tn.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: b4c9f3afd45ec4a00166932dddb6328aedbe4a899446285590d0d92377d53bd9

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Sun, 21 Feb 2021 09:18:51 GMT
Server: nginx/1.16.1
ETag: "6032257b-1ae2d"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110125
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK caught-taking-funny-selfies-tn.jpg
cdn.webeyo.com/c/1/6/3/caught-taking-funny-selfies/ 92 KB
93 KB 67ms
53ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/1/6/3/caught-taking-funny-selfies/caught-taking-funny-selfies-tn.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 21c7866e77e04c770e55ac51981d6590cc6dec62a2d5df1d1fcc2814699dd06e

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Sat, 20 Feb 2021 19:55:59 GMT
Server: nginx/1.16.1
ETag: "6031694f-1706d"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94317
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK seebergsee-tn.jpg
cdn.webeyo.com/c/1/0/5/seebergsee/ 107 KB
107 KB 65ms
53ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/1/0/5/seebergsee/seebergsee-tn.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 94c773dcde64d37e7e0c794d01170d887dd0a3970b7756bf9559dd5f95cbc535

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Sat, 20 Feb 2021 17:51:14 GMT
Server: nginx/1.16.1
ETag: "60314c12-1ab18"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109336
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK https-youtu-be-kmsd9sq86qi-tn.jpg
cdn.webeyo.com/c/1/0/3/https-youtu-be-kmsd9sq86qi/ 79 KB
79 KB 69ms
68ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/1/0/3/https-youtu-be-kmsd9sq86qi/https-youtu-be-kmsd9sq86qi-tn.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: d2e59a705b8eacd189c1ffbc010a7dd82266a78a97602c52990f93d4c28d3e3c

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Sat, 20 Feb 2021 17:41:57 GMT
Server: nginx/1.16.1
ETag: "603149e5-13a83"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80515
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK best-hairstyles-1-tn.jpg
cdn.webeyo.com/c/0/4/9/best-hairstyles-1/ 102 KB
103 KB 29ms
29ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/0/4/9/best-hairstyles-1/best-hairstyles-1-tn.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 90484e5ee10b3b73380166327c3d50cc14203fafb8072a110e58b782fc0b25e9

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Sat, 20 Feb 2021 15:29:39 GMT
Server: nginx/1.16.1
ETag: "60312ae3-1982e"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104494
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK abandoned-train-and-subway-stations-of-the-world-tn.jpg
cdn.webeyo.com/c/8/6/3/abandoned-train-and-subway-stations-of-the-world/ 177 KB
178 KB 65ms
64ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/8/6/3/abandoned-train-and-subway-stations-of-the-world/abandoned-train-and-subway-stations-of-the-world-tn.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 389f810081adb6aa2ba7fe10b96924ec69484e5662b5a3361f087670f8e7e274

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Sat, 20 Feb 2021 11:28:09 GMT
Server: nginx/1.16.1
ETag: "6030f249-2c589"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181641
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK karlstejn-castle-tn.jpg
cdn.webeyo.com/c/8/6/0/karlstejn-castle/ 140 KB
140 KB 64ms
63ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/8/6/0/karlstejn-castle/karlstejn-castle-tn.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: d011a4101fd4988a5f39a8a5002b2d725398224fb8d3c9b7b203e075891b7548

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Sat, 20 Feb 2021 10:40:36 GMT
Server: nginx/1.16.1
ETag: "6030e724-22efc"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143100
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK spotted-pardalote-pardalotus-punctatus-tn.jpg
cdn.webeyo.com/c/6/6/1/spotted-pardalote-pardalotus-punctatus/ 94 KB
95 KB 133ms
33ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/6/6/1/spotted-pardalote-pardalotus-punctatus/spotted-pardalote-pardalotus-punctatus-tn.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 2328d5414427f92593c9bf308f7e0ecd003403c9528be11dfa899f2321a16b61

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Fri, 19 Feb 2021 20:36:06 GMT
Server: nginx/1.16.1
ETag: "60302136-1790c"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96524
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK interesting-facts-about-daisies-tn-small.jpg
cdn.webeyo.com/c/6/3/9/interesting-facts-about-daisies/ 43 KB
44 KB 110ms
29ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/6/3/9/interesting-facts-about-daisies/interesting-facts-about-daisies-tn-small.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: a74e8e09a8ed5e6af50dc8b11de9bdfb88eb2f32f7ac31eeb5a9882732642be0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Fri, 19 Feb 2021 20:01:24 GMT
Server: nginx/1.16.1
ETag: "60301914-acca"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44234
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK the-meaning-of-the-red-rose-tn-small.jpg
cdn.webeyo.com/c/6/0/8/the-meaning-of-the-red-rose/ 25 KB
26 KB 111ms
29ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/6/0/8/the-meaning-of-the-red-rose/the-meaning-of-the-red-rose-tn-small.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 0c9490e92e52ac1f7afb971f21968de9d39a7c477a46cf53049abc5b275d7773

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Fri, 19 Feb 2021 19:04:26 GMT
Server: nginx/1.16.1
ETag: "60300bba-64db"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25819
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK 10-regular-food-items-that-can-cause-you-serious-harm-tn-small.jpg
cdn.webeyo.com/c/5/6/5/10-regular-food-items-that-can-cause-you-serious-harm/ 32 KB
33 KB 123ms
31ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/5/6/5/10-regular-food-items-that-can-cause-you-serious-harm/10-regular-food-items-that-can-cause-you-serious-harm-tn-small.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: c4ec9a806a1f6ac0a51ba942a405f4b8dba3f44fdfe4841b4d6632f890a5a3c3

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Fri, 19 Feb 2021 18:11:48 GMT
Server: nginx/1.16.1
ETag: "602fff64-8068"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32872
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK unusual-growth-of-different-fruits-tn-small.jpg
cdn.webeyo.com/c/4/8/6/unusual-growth-of-different-fruits/ 35 KB
35 KB 112ms
31ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/4/8/6/unusual-growth-of-different-fruits/unusual-growth-of-different-fruits-tn-small.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 350fa6b81a7d23f77c5382368f4f614e108ecd6df188033258e2825edb79cc21

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Fri, 19 Feb 2021 14:59:17 GMT
Server: nginx/1.16.1
ETag: "602fd245-8b37"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35639
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200 catarrow.png
soothingnature.xyz/v4/desktop/images/ 262 B
539 B 32ms
31ms Image
image/png 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://soothingnature.xyz/v4/desktop/images/catarrow.png
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/v4/desktop/style.css
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 08196ab534a0139fec71d97c2037daaaef0997ca8e2e139a9a33611dbf7dc374

Request headers

Referer: http://soothingnature.xyz/v4/desktop/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Server: nginx/1.16.1
Content-Type: image/png
Expires: Sat, 27 Feb 2021 07:03:45 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 262
X-Proxy-Cache: EXPIRED

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v19/ 41 KB
42 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700,800,500,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://soothingnature.xyz
Referer: https://fonts.googleapis.com/css?family=Raleway:400,700,800,500,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:43:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:51:07 GMT
server: sffe
age: 598
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42444
x-xss-protection: 0
expires: Sun, 27 Feb 2022 06:43:47 GMT

GET
H2 200 1Ptug8zYS_SKggPNyCMIT4ttDfCmxA.woff2
fonts.gstatic.com/s/raleway/v19/ 25 KB
25 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyCMIT4ttDfCmxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700,800,500,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c9a86d084f63f0e120f67bfdb88e3841be15905b6f55d36968d2a1da407b58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://soothingnature.xyz
Referer: https://fonts.googleapis.com/css?family=Raleway:400,700,800,500,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:49:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 23:16:18 GMT
server: sffe
age: 183827
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25516
x-xss-protection: 0
expires: Fri, 25 Feb 2022 03:49:58 GMT

GET
H/1.1 200 arrowleft.png
soothingnature.xyz/v4/desktop/images/ 1 KB
2 KB 33ms
32ms Image
image/png 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://soothingnature.xyz/v4/desktop/images/arrowleft.png
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/v4/desktop/style.css
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 8804e09bd9622f62c7ea9d112aadc64b1076efb855fd6874428c1ea1421f8049

Request headers

Referer: http://soothingnature.xyz/v4/desktop/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Server: nginx/1.16.1
Content-Type: image/png
Expires: Sat, 27 Feb 2021 07:03:45 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 1314
X-Proxy-Cache: HIT

GET
H/1.1 200 arrowright.png
soothingnature.xyz/v4/desktop/images/ 1 KB
2 KB 32ms
32ms Image
image/png 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://soothingnature.xyz/v4/desktop/images/arrowright.png
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/v4/desktop/style.css
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 84c9b7fb37ffcb48f3013d74e9873a134c75422d94cd1195fb5968a3b8fc4683

Request headers

Referer: http://soothingnature.xyz/v4/desktop/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Server: nginx/1.16.1
Content-Type: image/png
Expires: Sat, 27 Feb 2021 07:03:45 GMT
Cache-Control: max-age=600, public
Connection: keep-alive
Content-Length: 1308
X-Proxy-Cache: HIT

GET
H3-Q050 200 pubads_impl_2021022301.js Show response
securepubads.g.doubleclick.net/gpt/ 290 KB
102 KB 85ms
56ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 09:41:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104129
x-xss-protection: 0
expires: Sat, 27 Feb 2021 06:53:45 GMT

GET
H/1.1 200
OK genetic-mutations-in-humans-tn-small.jpg
cdn.webeyo.com/c/4/5/4/genetic-mutations-in-humans/ 24 KB
24 KB 53ms
53ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/4/5/4/genetic-mutations-in-humans/genetic-mutations-in-humans-tn-small.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: a92f2804951ebc50c30e8d7c051a4baf40f783c1b2e0c67780576b9963cd2505

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Fri, 19 Feb 2021 13:59:45 GMT
Server: nginx/1.16.1
ETag: "602fc451-5ef7"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24311
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK winter-photos-and-memes-tn-small.jpg
cdn.webeyo.com/c/4/5/0/winter-photos-and-memes/ 33 KB
34 KB 79ms
36ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/4/5/0/winter-photos-and-memes/winter-photos-and-memes-tn-small.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 09ff39f979369e275ffaea4e0b3af3619e153f4a781f598c1c6d4e9ce2ba6e7e

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Fri, 19 Feb 2021 13:18:13 GMT
Server: nginx/1.16.1
ETag: "602fba95-846f"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33903
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK 21-fairy-tale-towns-in-germany-tn-small.jpg
cdn.webeyo.com/c/2/9/9/21-fairy-tale-towns-in-germany/ 43 KB
43 KB 77ms
32ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/2/9/9/21-fairy-tale-towns-in-germany/21-fairy-tale-towns-in-germany-tn-small.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 6e76c35f28ee83b2619ce93866026a7e92cc82087427c72e3e4e7f61a9d4d8ec

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Fri, 19 Feb 2021 08:56:53 GMT
Server: nginx/1.16.1
ETag: "602f7d55-aaad"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43693
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK pig-beach-tn-small.jpg
cdn.webeyo.com/c/5/9/3/pig-beach/ 38 KB
39 KB 75ms
31ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/5/9/3/pig-beach/pig-beach-tn-small.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: b889702b507ada15404590aba51cd396eeeb03ac4332c1c252256db3c892e552

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Fri, 19 Feb 2021 07:55:52 GMT
Server: nginx/1.16.1
ETag: "602f6f08-98f4"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39156
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK proboscis-monkey-tn-small.jpg
cdn.webeyo.com/c/9/3/4/proboscis-monkey/ 43 KB
43 KB 73ms
29ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/9/3/4/proboscis-monkey/proboscis-monkey-tn-small.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 4476a0ab00f70fc6bb5a0668f9d2db5e091158ddbb3dfd74c443385b56c56735

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Thu, 18 Feb 2021 14:15:42 GMT
Server: nginx/1.16.1
ETag: "602e768e-abed"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44013
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK dong-tao-dragon-chicken-tn-small.jpg
cdn.webeyo.com/c/9/3/3/dong-tao-dragon-chicken/ 40 KB
40 KB 85ms
29ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/9/3/3/dong-tao-dragon-chicken/dong-tao-dragon-chicken-tn-small.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 64dca2d6365dc7d521ddbfbdb9f82fd448cbd91ee3c8794629187a109359f6d0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Thu, 18 Feb 2021 14:06:04 GMT
Server: nginx/1.16.1
ETag: "602e744c-9f87"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40839
X-Proxy-Cache: REVALIDATED

GET
H/1.1 200
OK these-sculptures-are-works-of-art-tn-small.jpg
cdn.webeyo.com/c/5/5/7/these-sculptures-are-works-of-art/ 36 KB
37 KB 80ms
79ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/5/5/7/these-sculptures-are-works-of-art/these-sculptures-are-works-of-art-tn-small.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 044659678eb4cf720c8d278b72a699bf78acb798538796d2ebeb205ae518a989

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Sun, 14 Feb 2021 10:53:24 GMT
Server: nginx/1.16.1
ETag: "60290124-9197"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37271
X-Proxy-Cache: MISS

GET
H/1.1 200
OK facts-about-lions-tn-small.jpg
cdn.webeyo.com/c/4/7/1/facts-about-lions/ 28 KB
29 KB 60ms
59ms Image
image/jpeg 54.38.29.221
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.webeyo.com/c/4/7/1/facts-about-lions/facts-about-lions-tn-small.jpg
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS: ip221.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 22120cbf95c0b2243502de361ec3d50d5f73df2db1e83eaf9fcada691c6da509

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sat, 27 Feb 2021 06:53:45 GMT
Last-Modified: Wed, 17 Feb 2021 18:18:48 GMT
Server: nginx/1.16.1
ETag: "602d5e08-70fc"
Access-Control-Test: 1
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 27 Feb 2021 06:54:45 GMT
Cache-Control: max-age=60, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28924
X-Proxy-Cache: REVALIDATED

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 196 KB
60 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=62344255ede2af3d4970cd835566b9d1&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_EN/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2c156c3a8a897e8e14e828b22ca9674d6a278781405590548244032e2a37c021

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://soothingnature.xyz
Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ccB82e4PFylIMiOyOqPXTQ==
cross-origin-resource-policy: cross-origin
expires: Sun, 27 Feb 2022 02:45:26 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60505
x-fb-rlafr: 0
x-fb-debug: 8CK/ecd3Bxy2FoBRtuekZjSLPzIE7pOjVKtSOQyIWJbl8jjqONQ3wTaWnhL7NI/w4gh174LOG313H/0MIjcpag==
x-fb-trip-id: 686109401
x-fb-content-md5: f335ad05558d27717f89f018013d0d75
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 27 Feb 2021 06:53:45 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag: "b0dd3b972a7e4542509cde4c1e2b9c41"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html Show response
platform.twitter.com/widgets/ Frame 3A64 320 KB
104 KB 74ms
30ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=http%3A%2F%2Fsoothingnature.xyz
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B99) /
Resource Hash: 99adb384fd992660be76df488633e76fe86ed9bba2a7cdf143a97e03fc3ee94d

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://soothingnature.xyz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://soothingnature.xyz/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1504050
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 27 Feb 2021 06:53:45 GMT
Etag: "d9fdaa7a36dc36e57ad53c2039f52486+gzip"
Last-Modified: Mon, 08 Feb 2021 21:19:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B99)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105677

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155207744-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3988
date: Sat, 27 Feb 2021 05:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 27 Feb 2021 07:47:17 GMT

GET
H3-Q050

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=UA-164836676-23&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=UA-164836676-23&l=dataLayer&cx=c

98 KB
39 KB

22ms
21ms

Script
application/javascript

2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-164836676-23&l=dataLayer&cx=c

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d399b1c23f44bd52d6cde9572036fd38f9721ed04fbd46477599c49935352e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:53:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39398
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Feb 2021 06:53:45 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=UA-164836676-23&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H/1.1 200 1146 Show response
revenueflex.com/rest/pagehit/ 1 B
577 B 92ms
29ms XHR
text/plain 54.38.29.222
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://revenueflex.com/rest/pagehit/1146?pg=http%3A%2F%2Fsoothingnature.xyz%2F&cache_buster=546766
Requested by: Host: revenueflex.com
URL: https://revenueflex.com/d/2/1/b/21b3251820e2a3b961c2b49757af0272ce7a950f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.29.222 , France, ASN16276 (OVH, FR),
Reverse DNS: ip222.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 06:53:45 GMT
Server: nginx/1.16.1
Allow: OPTIONS, GET, HEAD, POST
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,HEAD,OPTIONS, GET,POST,PUT,DELETE,HEAD,OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Requested-With,Accept,Authorization,Origin,Access-Control-Request-Method,Access-Control-Request-Headers, *
Content-Length: 1

GET
H/1.1 200
OK adstyles.css
revenueflex.com/d/ons/ 5 KB
1 KB 31ms
31ms Stylesheet
text/css 54.38.29.222
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://revenueflex.com/d/ons/adstyles.css
Requested by: Host: revenueflex.com
URL: https://revenueflex.com/d/2/1/b/21b3251820e2a3b961c2b49757af0272ce7a950f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.29.222 , France, ASN16276 (OVH, FR),
Reverse DNS: ip222.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 9220439615e1c2ad633b1f760f50826d858acf491cbddebca9409fa2641be0d0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 06:53:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 21:00:43 GMT
Server: nginx/1.16.1
ETag: "60356cfb-400"
Content-Type: text/css
Cache-Control: max-age=600
Connection: keep-alive
Content-Length: 1024
Expires: Sat, 27 Feb 2021 07:03:45 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 4FA1 56 KB
19 KB 29ms
29ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: revenueflex.com
URL: https://revenueflex.com/d/2/1/b/21b3251820e2a3b961c2b49757af0272ce7a950f.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

15804f1ce387ae0329b029657f0cee65e62be2ba0cac809a8620d43d8806ff00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "796 / 95 of 1000 / last-modified: 1614381521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19360
x-xss-protection: 0
expires: Sat, 27 Feb 2021 06:53:45 GMT

GET
H/1.1 200
OK 21b3251820e2a3b961c2b49757af0272ce7a950f.js Show response
revenueflex.com/d/2/1/b/ Frame 4FA1 101 KB
34 KB 31ms
31ms Script
application/javascript 54.38.29.222
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://revenueflex.com/d/2/1/b/21b3251820e2a3b961c2b49757af0272ce7a950f.js
Requested by: Host: revenueflex.com
URL: https://revenueflex.com/d/2/1/b/21b3251820e2a3b961c2b49757af0272ce7a950f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.29.222 , France, ASN16276 (OVH, FR),
Reverse DNS: ip222.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 60c250dda1aac5889f56aa7f35ef287b92059add61a1aac8c8535228f370c03d

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 06:53:45 GMT
Content-Encoding: gzip
X-Mobile-Device: 0
Server: nginx/1.16.1
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=60
Connection: keep-alive
Expires: Sat, 27 Feb 2021 06:54:45 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
799 B 34ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=soothingnature.xyz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Feb 2021 06:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 33ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=soothingnature.xyz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Feb 2021 06:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
12 KB 384ms
384ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3529709747362135&correlator=1933979346776162&output=ldjh&impl=fif&eid=31060237&vrg=2021022301&ptt=17&sc=0&sfv=1-0-37&ecs=20210227&iu_parts=65969644%2Cgenerich&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=webeyo_ad_info%3D_PA_T23_M0_Urozelmast_%26adsense_test%3D1%26adreact_domain%3Dsoothingnature.xyz%26lazy_load%3Dd0%26cmsadunitname%3Drozelmast&cookie_enabled=1&bc=23&abxe=1&lmt=1614408825&dt=1614408825886&dlt=1614408825227&idt=570&frm=20&biw=1600&bih=1200&oid=3&adxs=217&adys=122&adks=90468564&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fsoothingnature.xyz%2F&vis=1&scr_x=0&scr_y=0&psz=1166x250&msz=1166x250&ga_vid=168127564.1614408826&ga_sid=1614408826&ga_hid=1420991855&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

6e94fc42822bcdec23995b16f05cb35c9f6fda6f244d869247253838383f230a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:53:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11459
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://soothingnature.xyz
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1074cb23299a34172a7af08428bb971d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 27ms
13ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1074cb23299a34172a7af08428bb971d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 25ms
6ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 871ms
871ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3529709747362135&correlator=1933979346776162&output=ldjh&impl=fif&eid=31060237&vrg=2021022301&ptt=17&sc=0&sfv=1-0-37&ecs=20210227&iu_parts=65969644%2Cgenerica&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=webeyo_ad_info%3D_PA_T23_M0_Ur728_%26adsense_test%3D1%26adreact_domain%3Dsoothingnature.xyz%26lazy_load%3Dd0%26cmsadunitname%3Dr728&cookie_enabled=1&bc=23&abxe=1&lmt=1614408825&dt=1614408825891&dlt=1614408825227&idt=570&frm=20&biw=1600&bih=1200&oid=3&adxs=237&adys=812&adks=3970744568&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fsoothingnature.xyz%2F&vis=1&scr_x=0&scr_y=0&psz=1126x90&msz=1126x90&ga_vid=168127564.1614408826&ga_sid=1614408826&ga_hid=1420991855&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

5f611916b0fc92f053479876d7f95e2ce203fce641d8e0677c54a4a60307c526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:53:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10479
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://soothingnature.xyz
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 598ms
597ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3529709747362135&correlator=1933979346776162&output=ldjh&impl=fif&eid=31060237&vrg=2021022301&ptt=17&sc=0&sfv=1-0-37&ecs=20210227&iu_parts=65969644%2Cgenericb&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=webeyo_ad_info%3D_PA_T23_M0_Ur7282_%26adsense_test%3D1%26adreact_domain%3Dsoothingnature.xyz%26lazy_load%3Dd0%26cmsadunitname%3Dr7282&cookie_enabled=1&bc=23&abxe=1&lmt=1614408825&dt=1614408825893&dlt=1614408825227&idt=570&frm=20&biw=1600&bih=1200&oid=3&adxs=237&adys=1603&adks=2940367168&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fsoothingnature.xyz%2F&vis=1&scr_x=0&scr_y=0&psz=1126x90&msz=1126x90&ga_vid=168127564.1614408826&ga_sid=1614408826&ga_hid=1420991855&fws=0&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

6565717933ce076884394952cc66e6d66bfc3ba97bc04d0dafa463b256be435b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:53:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10484
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://soothingnature.xyz
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2021022301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4FA1 290 KB
102 KB 30ms
30ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 09:41:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104129
x-xss-protection: 0
expires: Sat, 27 Feb 2021 06:53:45 GMT

GET
H/1.1 200
OK adstyles.css
revenueflex.com/d/ons/ Frame 4FA1 5 KB
1 KB 31ms
30ms Stylesheet
text/css 54.38.29.222
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://revenueflex.com/d/ons/adstyles.css
Requested by: Host: revenueflex.com
URL: https://revenueflex.com/d/2/1/b/21b3251820e2a3b961c2b49757af0272ce7a950f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.29.222 , France, ASN16276 (OVH, FR),
Reverse DNS: ip222.ip-54-38-29.eu
Software: nginx/1.16.1 /
Resource Hash: 9220439615e1c2ad633b1f760f50826d858acf491cbddebca9409fa2641be0d0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 06:53:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 21:00:43 GMT
Server: nginx/1.16.1
ETag: "60356cfb-400"
Content-Type: text/css
Cache-Control: max-age=600
Connection: keep-alive
Content-Length: 1024
Expires: Sat, 27 Feb 2021 07:03:45 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1420991855&t=pageview&_s=1&dl=http%3A%2F%2Fsoothingnature.xyz%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=360364058&gjid=505591304&cid=168127564.1614408826&tid=UA-155207744-1&_gid=21325318.1614408826&_r=1&gtm=2ou2h0&z=1474333626

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 06:53:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://soothingnature.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
26 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1420991855&t=pageview&_s=1&dl=http%3A%2F%2Fsoothingnature.xyz%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAjAAUABAAAAAC~&jid=561764245&gjid=692270882&cid=168127564.1614408826&tid=UA-164836676-23&_gid=21325318.1614408826&_r=1&gtm=2ou2h0&z=1926401353

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 06:53:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://soothingnature.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1420991855&t=event&_s=2&dl=http%3A%2F%2Fsoothingnature.xyz%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=soothingnature.xyz&_u=IAhAAUABAAAAAC~&jid=&gjid=&cid=168127564.1614408826&tid=UA-155207744-1&_gid=21325318.1614408826&gtm=2ou2h0&z=2120759105

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 07:34:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83974
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-155207744-1&cid=168127564.1614408826&jid=360364058&gjid=505591304&_gid=21325318.1614408826&_u=IAhAAUAAAAAAAC~&z=1923030771

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 27 Feb 2021 06:53:46 GMT
content-type: text/plain
access-control-allow-origin: http://soothingnature.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 4FA1 107 B
777 B 43ms
28ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=soothingnature.xyz&meb=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Feb 2021 06:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4FA1 107 B
531 B 42ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=soothingnature.xyz&meb=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Feb 2021 06:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4FA1 50 KB
12 KB 392ms
391ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1763660261962018&correlator=1432715663815011&output=ldjh&impl=fifs&eid=31060236%2C21069711&vrg=2021022301&ptt=17&sc=0&sfv=1-0-37&ecs=20210227&iu_parts=65969644%2Cdalt3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C200x200&prev_scp=revflex_site_group%3D1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1614408826&dt=1614408826077&dlt=1614408825680&idt=381&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1300&adys=950&adks=674908685&ucis=s7xnh57ph9o9&ifi=1&ifk=2830206442&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Fsoothingnature.xyz%2F&ref=http%3A%2F%2Fsoothingnature.xyz%2F&top=http%3A%2F%2Fsoothingnature.xyz%2F&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=168127564.1614408826&ga_sid=1614408826&ga_hid=2142404224&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

28c664fb46c234c60af6f96a47eb99711a2f51ad2db4ecac7a09fcdcae4a2626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:53:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11792
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://soothingnature.xyz
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1084a231a6398f61d4814e21619a28ee.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 4FA1 0
0 46ms
13ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1084a231a6398f61d4814e21619a28ee.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 4FA1 0
0 34ms
21ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 19ms
18ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-155207744-1&cid=168127564.1614408826&jid=360364058&_u=IAhAAUAAAAAAAC~&z=425884396

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 06:53:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-155207744-1&cid=168127564.1614408826&jid=360364058&_u=IAhAAUAAAAAAAC~&z=425884396

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 06:53:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3A64 183 B
411 B 189ms
131ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=ce1920b4e20329216cf45d1d6b477581b07dd04e

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=http%3A%2F%2Fsoothingnature.xyz

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=http%3A%2F%2Fsoothingnature.xyz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-response-time: 110
date: Sat, 27 Feb 2021 06:53:46 GMT
content-encoding: gzip
last-modified: Sat, 27 Feb 2021 06:53:46 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: f75602cde1905a6502d59cfaf51453ca
strict-transport-security: max-age=631138519
content-length: 152

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame E9BB 185 KB
53 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 118016
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 22:06:50 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E9BB 12 KB
5 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 118016
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 22:06:50 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E9BB 87 KB
27 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 118016
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 22:06:50 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E9BB 3 KB
1 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 118016
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 22:06:50 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E9BB 40 KB
13 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 118016
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 22:06:50 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame E9BB 6 KB
701 B 44ms
30ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=nl

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

56e4953af5c01ed820d5e5dc430e77234a87e8d019c38fda46f9f3593cd05e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 06:08:06 GMT
server: ESF
date: Sat, 27 Feb 2021 06:53:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Feb 2021 06:53:46 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame E9BB 4 KB
1 KB 41ms
28ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 06:52:48 GMT
server: ESF
date: Sat, 27 Feb 2021 06:53:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Feb 2021 06:53:46 GMT

GET
DATA 200
OK truncated
/ Frame E9BB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d5a4ba8b071cadba3b57ad718f630f13568fd17facc6a06a37de1c2e09fc138

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/936332213926376656/ Frame E9BB 20 KB
20 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/936332213926376656/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI2gMQ-AEYASABLQAAAD8w2gM4-AFFAACAPw&rs=AOga4qmBAci7JnWA-NR9ahq2z2ptyI2tlQ

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43c1bca8ad964d1529d9c621b6d9b157b143d3af28dfe992f94746af29c6d3b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:46:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 09:09:20 GMT
server: sffe
age: 433
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20643
x-xss-protection: 0
expires: Sun, 27 Feb 2022 06:46:33 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5775927357447063434/ Frame E9BB 55 KB
55 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5775927357447063434/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qn88S2HEL5rKDrMkKHMajd29Qx3iA

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a7fc5100b8438012ae74186509753a6f0bd2100e558d67f5abf47af25f1052f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 05:08:31 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Feb 2019 15:42:44 GMT
server: sffe
age: 179115
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56124
x-xss-protection: 0
expires: Fri, 25 Feb 2022 05:08:31 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E9BB 0
0 57ms
56ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CA9Rveew5YI3cOJecgAf036RQjuSUyGGYnYKduQ3tm5av4R8QASCsgtYjYJGEk4X8F6ABqefL4wPIAQapAh7P86NHQbQ-4AIAqAMByAMKqgTXAU_Q7H-IGRP-Wqe1Un6AqSmQuhy13_UzUW5uyswipz8eCiE0xbOH1P-Vzq2HPtF787r7FsNECm1avtxw8V8GmOxWxGk-CKw96pp9FNCdECiAuKNp7DuEYFHEvW2RW1KPjy2dTdn2CKTeIR3UdM4ZNFxbudrTBAIpCZeLIz_9ocjTXk7kSI5KDpkQCqDRH3U60miUIz0SsiuURruvMgVc16tLBSCOH8JDQYhQTVhD4N-qXRp8zkIu7FY_uW41wEeVkjdv_8wem5qoYubjmHzZyCupvUlDtubKwAT577uRtAPgBAGgBjeAB7-YtByoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQzeMZ0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi01NTUzOTk4NjAyMTI2MzgxgAoDyAsB2BMDmBYBshcaChgIABIUcHViLTcxMDQ1NDM4MDE1MDA5Njg&sigh=Zutu03e6wvc&template_id=492&tpd=AGWhJmvxHwUAWfK23OXFAuWWUagwRmKV12H9yEWyNKABInKp8A
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame E9BB 0
0 14ms
13ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaRW-j6UH79rFWFwoZnZHfYsnUpo1u1K9ZZydMRzhWBdhfQ_h1PnFka9CJG8yZQIWfdjvJHe
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E9BB 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 81049
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 27 Feb 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E9BB 295 B
389 B 7ms
7ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 26935
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 27 Feb 2021 23:24:51 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 23ms
23ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5939602143d5c618bad77696f6284d1001fb8d1ff0eaff0be99a9bf3ff799db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Feb 2021 06:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6589
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 27 Feb 2021 06:53:46 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E9BB 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=nl

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://soothingnature.xyz
Referer: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 03:58:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 96908
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 26 Feb 2022 03:58:38 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E9BB 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=nl

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://soothingnature.xyz
Referer: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 10:19:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 74080
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sat, 26 Feb 2022 10:19:06 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E9BB
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

32ms
14ms

Image
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Sat, 27 Feb 2021 06:53:46 GMT
X-Content-Type-Options: nosniff
Server: safe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control: private
Content-Length: 246
X-XSS-Protection: 0

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 298C 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://soothingnature.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://soothingnature.xyz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 26 Feb 2021 18:17:50 GMT
expires: Sat, 26 Feb 2022 18:17:50 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 45356
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/042011201932000/ Frame 5FEC 187 KB
53 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011201932000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e41d274d84180bb88caadfcf7aeb7bd7c186c11ee50aca6596727cbc2134f14

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 59955
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53568
x-xss-protection: 0
server: sffe
date: Fri, 26 Feb 2021 14:14:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "edf1e7003a59fb72"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 14:14:31 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/042011201932000/v0/ Frame 5FEC 13 KB
5 KB 74ms
60ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011201932000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23420576b21bcc177885d26d7c92ea2aec52a82fe0ae33eea54524404c186469

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 591
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Sat, 27 Feb 2021 06:43:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "132e0756afd6b3f5"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 06:43:55 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/042011201932000/v0/ Frame 5FEC 90 KB
27 KB 75ms
61ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011201932000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81fb18f0aec660394554e70ac7168c0561a3885ebb2dea308c50dd1af48d1eaf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 59954
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27748
x-xss-protection: 0
server: sffe
date: Fri, 26 Feb 2021 14:14:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "731f3d04177aadff"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 14:14:32 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/042011201932000/v0/ Frame 5FEC 3 KB
2 KB 74ms
60ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011201932000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcf470918cdf64149fce46d045b601f5d393bc28d0662aa9791738a790da186e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 69599
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1362
x-xss-protection: 0
server: sffe
date: Fri, 26 Feb 2021 11:33:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fe70e509a46329f5"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 11:33:47 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/042011201932000/v0/ Frame 5FEC 41 KB
13 KB 78ms
64ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011201932000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73bd86f3cb0add00357e8ae2f1305ef8afd47d9fbc9fc57287c6c3e11a4470d6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 69600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13037
x-xss-protection: 0
server: sffe
date: Fri, 26 Feb 2021 11:33:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08fb34764e14c346"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 11:33:46 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 5FEC 4 KB
651 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 06:49:34 GMT
server: ESF
date: Sat, 27 Feb 2021 06:53:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Feb 2021 06:53:46 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5FEC 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 81049
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 27 Feb 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5FEC 295 B
320 B 6ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 26935
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 27 Feb 2021 23:24:51 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8219078550287534429/ Frame 5FEC 11 KB
11 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8219078550287534429/downsize_200k_v1?w=400&h=209

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a318e7cbafdaaeaeb31b65d0cb5d6a59ce036d6789eb90a4e809ab8dfd4f2263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 16:35:41 GMT
x-content-type-options: nosniff
age: 51485
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
last-modified: Wed, 19 Aug 2020 09:22:18 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 16:35:41 GMT

GET
DATA 200
OK truncated
/ Frame 5FEC 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5FEC 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3667bae269b92c7039acf219b6b30f02de4c475b668d5923216d73326f74a153

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame 5FEC 0
0 13ms
13ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaQeArvOHrvCQklkQrSvH63ffZ3CItCmz3uyBLpwO3h0tfHh6CjdS6WRk66XqjKUSU9nUY2Y
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5FEC 0
0 71ms
71ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CP3OYeuw5YJaMB8nIgAeZsav4A5_L6Ylh5MKiq44M9qjQjO8YEAEgrILWI2CRhJOF_BegAYujw_4DyAEJqQIwh_U92V23PuACAKgDAcgDCqoE3QFP0C4_GdsApHer_cm7n48t6KEx_gdImQvjVTytTZ9Y1qNghjVyxmnB72OGxFgh1jpFRMj36B7KWL16yvYjMI9uKcEjF9EKfz-Zr-EFMRH5XnVeNPxZX63HR5datFvrloUfSPRa18SA4WvDlIBsajucX6p5DEvLFq_4ddG-fI6FdmIyO-_OZ6wKP5ZweBXyXquKD3BbkhXZbt-SQEHy7jyiZ8NxzMGp9F820eAi2MZ9x6La_7m2h9mI6Ep2xkf47KgTKCw1kWeKZ0V3XUasa1EoCwuDOtSAyUyihB9aSsAE09fajpoD4AQBkgUECAQYAZIFBAgFGASgBi6AB93cvAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQmbQt0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi01NTUzOTk4NjAyMTI2MzgxgAoDyAsB2BMNiBQCshcaChgIABIUcHViLTcxMDQ1NDM4MDE1MDA5Njg&sigh=PJSYTZEh-Rg&template_id=5000&tpd=AGWhJmunlIn6CZqSgn6fKMVg36AoHcpI0Iq6IpIAK9HtjIh3vQ
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4FA1 8 KB
7 KB 70ms
55ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13bd626530b12b6b9a42bc4c82fd10a6b2cec77c389a06f6fabe25be48ec952e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Feb 2021 06:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6458
x-xss-protection: 0

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/042012090206000/ Frame E18C 186 KB
52 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042012090206000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dea701dffec9517f424f99c79116234c08c0ef59e6d75ad1771a1edfd675655d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 325494
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53260
x-xss-protection: 0
server: sffe
date: Tue, 23 Feb 2021 12:28:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bb76fa911f809129"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 12:28:52 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/042012090206000/v0/ Frame E18C 13 KB
5 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042012090206000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b5fa8b798a8a602bdcddb9bde8027debae81cf34c1c6a3b4cf727472dd98273

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1977
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4851
x-xss-protection: 0
server: sffe
date: Sat, 27 Feb 2021 06:20:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dac3c43e61407a59"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 06:20:49 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/042012090206000/v0/ Frame E18C 90 KB
28 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042012090206000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eb8839b6e18854fc0630549d85e2e28a4ced4385eabe38c8ebfc91239e9c6b2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 304104
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27693
x-xss-protection: 0
server: sffe
date: Tue, 23 Feb 2021 18:25:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9297ad0297fd434"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 18:25:22 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/042012090206000/v0/ Frame E18C 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042012090206000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6d44f1c840d0c0310dbf96a7853de3783992d590b66b2d01b3c4928a6f476eb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 73049
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1348
x-xss-protection: 0
server: sffe
date: Fri, 26 Feb 2021 10:36:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ebf43798031581ac"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 10:36:17 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/042012090206000/v0/ Frame E18C 41 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042012090206000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61021dfb1f844037d9aded5069bcede123b3bd4e669af36c110de8a218761e9b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 264558
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12916
x-xss-protection: 0
server: sffe
date: Wed, 24 Feb 2021 05:24:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e1365b6445bc231a"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Feb 2022 05:24:28 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E18C 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 81049
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 27 Feb 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E18C 295 B
320 B 8ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 26935
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 27 Feb 2021 23:24:51 GMT

GET
DATA 200
OK truncated
/ Frame E18C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ea32e31c940cc4435d0fc56decba7c8957c7fd17ff780291cd2e8558e408e86

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 16246682866028832494
tpc.googlesyndication.com/simgad/ Frame E18C 7 KB
7 KB 8ms
7ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16246682866028832494?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlE7w_heC3aCzmd69xFmXn1dCuAuQ

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1070cd00d5aee9e142c57efd4519c35f29bc3379d28bb843c50184ed0b5efde4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 20:16:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Jan 2021 13:39:52 GMT
server: sffe
age: 211017
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7305
x-xss-protection: 0
expires: Thu, 24 Feb 2022 20:16:49 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame E18C 0
0 13ms
13ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaTKqckp47rbnk59XmAjNbhFsDnuqdRvRKel2OX7s8lxwY2UlTdBp0el5ubD9J1Af_XEXL-w
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E18C 0
0 57ms
56ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeSYveuw5YLivD42o7gOE-rR4hLqQzGGp96ynpQ2izZDd2iAQASCsgtYjYJGEk4X8F6ABqfTs9QLIAQLgAgCoAwHIAwiqBNYBT9A283dyPVPm0t72Tj0AKWopfNlmt_G44FhRudYa4bNV0U6ciloCN-ZRZus6RuSjodN-vR08qyEq6NjDsh_VP4CLH7TULNXLifTaBvKUKluSwzTU6OiiiKiocT1iWOy06p373aIZZF0lrN5--nCG__jqlj3fHMJP6lzUZI00eCZVQOJ6RPt75Xj3xIHNGhz4iUewaPoKuHvSdxIt70rfzIjRosMjB_d41W8Z0YHe3wwY4dNS5RKJfjkliM9RmEOK1HPGfe2xiDWiJmTgn1XiFkFx3F1gf8AEuJGU6LkD4AQBkgUECAQYAZIFBAgFGASgBgKAB7Ch48cBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEKfOEdIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tNTU1Mzk5ODYwMjEyNjM4MYAKA8gLAdgTDbIXGgoYCAASFHB1Yi03MTA0NTQzODAxNTAwOTY4&sigh=6fict_M5LxI&tpd=AGWhJmutCw_NpktEqu2_7pQlMc2_aF3hpqBZVfmHRKzk14JzMQ
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 5FEC 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://soothingnature.xyz
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 10:19:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 74080
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sat, 26 Feb 2022 10:19:06 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 5FEC 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://soothingnature.xyz
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 03:58:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 96908
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 26 Feb 2022 03:58:38 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4FA1 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 27 Feb 2021 06:53:46 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E18C
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

64ms
51ms

Image
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Sat, 27 Feb 2021 06:53:46 GMT
X-Content-Type-Options: nosniff
Server: safe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control: private
Content-Length: 246
X-XSS-Protection: 0

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame 197D 185 KB
53 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 118016
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 22:06:50 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 197D 12 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 118016
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 22:06:50 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 197D 87 KB
27 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 118016
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 22:06:50 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 197D 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 118016
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 22:06:50 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 197D 40 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 118016
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 22:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 22:06:50 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 197D 2 KB
2 KB 13ms
12ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 81049
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 27 Feb 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 197D 295 B
320 B 9ms
9ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 26935
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 27 Feb 2021 23:24:51 GMT

GET
DATA 200
OK truncated
/ Frame 197D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9606e40f6bc0a04506098b0a9d82be63b2782a1d24607e889bfdfc1c5a593466

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 14090596321714828783
tpc.googlesyndication.com/simgad/ Frame 197D 24 KB
24 KB 9ms
8ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14090596321714828783?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkiD9GnqMM-4HYZEmHSbeOqaUnBtw

Requested by

Host: soothingnature.xyz
URL: http://soothingnature.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e5308c70677b9c10a399c338626b9f7d710a26eefba1c5c3f0cd0082121787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 23:03:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 12:35:51 GMT
server: sffe
age: 28246
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24522
x-xss-protection: 0
expires: Sat, 26 Feb 2022 23:03:00 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 197D 0
0 66ms
66ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cpc2veuw5YJvgHLyXx_APobyw-A3D_OLAYeuA0uabDeuKiqTFIhABIKyC1iNgkYSThfwXoAHF3pD7A8gBAqkCHs_zo0dBtD7gAgCoAwHIAwiqBNYBT9CTBL8tvaq-9XxmezoBX7L79ZQ8gUL-cKtFx74Fs_SgF9N_hiQkLamTvdl6GROpdz4zQonsJQ3zlyoGgsyU64LM5vQcIbdCNzGTRIJ3maIcdKzRucmrRgnd7t3vIO8DI2zz6HlfpoSVIAQpJi111h1cZ-p6RfOsroYmYaTZewN5nBPFztJ3a4KM4_YiSLbz9kme-Lgp2vaP3EuF5XoDZoYlkUdgTz9tNXlhPMEw56QDiWBpM-jALSP5jVC4sQ3Juz0MR2LJx1XwcoaG92QyQU7mj9Cn4cAE9P7hj9cD4AQBoAYCgAejoe8EqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEENKbBdIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tNTU1Mzk5ODYwMjEyNjM4MYAKA8gLAdgTA5gWAbIXGgoYCAASFHB1Yi03MTA0NTQzODAxNTAwOTY4&sigh=4ryT4v1qzT0&tpd=AGWhJmt3cAbKFKMaJZYJkZOtcGodaqArFPYO2QacB2yMeDNxUA
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5FEC 2 KB
3 KB 11ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/042011201932000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 81049
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 27 Feb 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5FEC 295 B
337 B 9ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/042011201932000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 26935
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 27 Feb 2021 23:24:51 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 6360 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://soothingnature.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://soothingnature.xyz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 26 Feb 2021 18:17:50 GMT
expires: Sat, 26 Feb 2022 18:17:50 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 45356
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame 298C 14 KB
6 KB 21ms
21ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 17:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 222192
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Thu, 24 Feb 2022 17:10:34 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 197D
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: soothingnature.xyz
URL: http://soothingnature.xyz/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Sat, 27 Feb 2021 06:53:46 GMT
X-Content-Type-Options: nosniff
Server: safe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control: private
Content-Length: 246
X-XSS-Protection: 0

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6360 14 KB
6 KB 25ms
24ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 17:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 222193
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Thu, 24 Feb 2022 17:10:34 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
143 B 56ms
55ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022301&jk=3529709747362135&bg=!CAulC0jNAAXB_3NtwTsAKQB2-DxahMSyOQNUb9ukCDhIYzDyNTWfsqE8H8EPVgamYpN_EcZoCE8PAgAAAMZSAAAAEWgBBwoBMMzLpw4M8klRnLVpjEDoafN7-WPL7VWVyXm1Z_t_xB_CWdAep94sBSAmwSJs-er4u4XAK9nyADEv3btsp1lNpi9aHsSVUTdaDeFqORq_rwlvTHlMre1mEb7dx5fD1heRdTiN4uBgVU3h4BymAInmi4dbYOQzN4pcBP4ZUwTRbsa7nh9HZhyfG745qRAtxC-rqGyo5dTZRKyN8COjRizIiw7jhAcOuy3Oa9XmPO1bg6anyV3C6MnylNZb_qlgLy8S0taAM5mnYiuciIiQ8stNYtllYGePO2rTNuOPpnAjk5cSDmkOeJKIFjK_Ha7hpKho4ZdPpLnkwUd9a-unsKvl96U-71LzxLBdHU_epFWsag8r9EAouwf4FoZeXovwn9pL3PcyEBieB-awa1FGY5M3mIGZAdZUmUjaY6IcZFtfBvoAQhNiyPhlUUIQpOH6EpQiWsOUwZAETb7F5HOrm5-yRVeXOv0HvbYinyptb7I_U54Gb132erFlDVZ7dhxmj1EI-W-5jYc1hfcX-_pnIFCwW5u_uXnf6hvJFC6CgI9vlajYZ9XGBbgailDuVatypqEasUO3cNBzQofAUE4BmCleI8xiPtfSSY_Mf9SOPE6XQwyPdqkSpKsB-fUp5-_YfSUShlai6cULKWq-V5w3b1UWRrpIgUgXI4xBLGJgBSofoWvQg_hZXVoGa_9iLMzzwAwaDkJPDqJk-IzdjowZ1AUo_23TWRI7mrtcWU30Eh36Q89kqO37FREfUjXJ_WHyXzr-mL9W9FB7gT2FgAUvoF2AzQTSCR60AhDwWvzlMNqCkkIlMOayX8_3R4WuXq1sagQuOI9QsJw_OCfmYL0NorPWFGAwYTSFQifFTQZBdb8iiVVLbg16yhai5yo3brT9j8RpTEx2lNBaMmLqMTnfbh6VlBnSnbmthcoTf47XWxvf9D9gDuL_pH1ak1OVTllHI7oKUhkO4rsf0JpNXXs4hT1ioNaGyihHmnKxMo96zO7Ad299nDn9wAHn6bH-sB-DcsI4xDPP-oe2WwmO_g

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 06:53:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FA1 0
23 B 56ms
56ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022301&jk=1763660261962018&bg=!Q0ClQAPNAAXB_3NtwTsAKQB2-Dxa5qXpviQH7eyHQeiDJ1CTSqBCpRT580TSOJTVR49vJK1TG246AgAAAI1SAAAADGgBBwoBdtDz43vYky1jMWH6kEIl81iOUHnM5Lq5J9c5APAnvkKryikEtOX4TOiOeLs1LNDEfrC-A93tkmWG-q18DC831zHt8CZedJ6GCvSWpT-pbfMaoXlAZ7Bcn1Lcy-kqe2t1-Xt2u-pBRt_5TduF715m50ex8VeVE07hDScHxI6sRcF0XplhtJjZRrVDOkEsGTiT1iZmKPsQjr0dOwiHOyEfkr59Mg04KfhedRogo3FzfNxHDixIzz8Vh6FKRXoVx9Xois10Ffuz4i_ixaX3AdJMj0nCInZWCdoG9wBXubYD1nFY_mnnTKfHN32FFhU5cfdGzeSDUHNKbnUZfZ7OoE2DMWI6WpJp--_Tdv1ZAHipvKgVSE8MtfVVKeIYka6vCQj-Q9fG5MU9fNBIVJQQHBkJ2nPSio4ORyHYLsAJJRT9ovjiWYGTWlwSgHvvJzHei2aiepyU6Otjd0Fhft-TVJrkOkMK6CFVWLzBogfNBdGdXwSJIKFdhSWTmQHoO0pt75lUYkfDVUBVqdgIKo-hyxpDRoagEpN3ImqrtyGvRvuSZT9gWQ_-9aj2sqxt_4xSZ42SHxQqXeBRq69K0GGV6sYt_7qLZX8NUwP4PfH_WcypJW1g6qLd7-_ye34ViYIVveMQYSgL1HQ-z34oLfb25nCaPl2sBpy3WMJhjeSjzLHGh2J17luu4gTKzSaIwwicojGZFKZFTG2EjGgyZShd_D5ads3f8BMoMtDgAAq5dxq0NLmIzuypTRjQk3quqq7CleKE-daigTkFZ4uJcUfZoGBwMTqZxehsYlrtJg-9vFXIa45ftArPFyQN3Y6fkeN80lBAx7kIYumhA_8EzsesQVlad9dcKTdFIAtF8p8CPnuRpq-jIVW5SxH37lJ3CjaRZUiftOzciHRgrMn1G42j-EiVlxZVdp9CDEvZop1OIoB-iYUWRKbLSHMITJxJvmPskYbZwST0qOaT1oFCu5mZwVa4M7jrSRkRHYvRozuh_42igxWa1EvnNefr5tt9HSjHzSTA7hrXS-KHRtTySE_zvDzkU5MXDV_rRYAK5iWBflKmfGHu21pM3rbfgWpNoMe9HhXWurQCZt8eKTJzdTs26T8zQGWb5UMs8SQEGzU1uFuMhD4kt7QcRM4tWRA_4wBcYhSl8ec

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 06:53:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E9BB 0
0 57ms
57ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cj3wyeew5YI3cOJecgAf036RQjuSUyGGYnYKduQ3tm5av4R8QASCsgtYjYJGEk4X8F6ABqefL4wPIAQapAh7P86NHQbQ-4AIAqAMBqgTXAU_Q7H-IGRP-Wqe1Un6AqSmQuhy13_UzUW5uyswipz8eCiE0xbOH1P-Vzq2HPtF787r7FsNECm1avtxw8V8GmOxWxGk-CKw96pp9FNCdECiAuKNp7DuEYFHEvW2RW1KPjy2dTdn2CKTeIR3UdM4ZNFxbudrTBAIpCZeLIz_9ocjTXk7kSI5KDpkQCqDRH3U60miUIz0SsiuURruvMgVc16tLBSCOH8JDQYhQTVhD4N-qXRp8zkIu7FY_uW41wEeVkjdv_8wem5qoYubjmHzZyCupvUlDtubKwAT577uRtAPgBAGgBjeAB7-YtByoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQzeMZ0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi01NTUzOTk4NjAyMTI2MzgxgAoDyAsB2BMDmBYBshcaChgIABIUcHViLTcxMDQ1NDM4MDE1MDA5Njg&sigh=Drbbwd59ZzY&vt=1&template_id=492
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E9BB 42 B
71 B 60ms
60ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutqZZXQ89blKXZaN5sCMsNhWE6hseckcuCt49XEUEtGBcdwwu6rhxAakof2pN5uvf9bXeC8gs8T-TWPmuqruEdASvJMNBQUj9F1jEpUl-3qsc6BzjkvEKMJBE0fw3KPjPctY-nNxTWG6pKJFM6jxnp&sai=AMfl-YQzGyZa4QOzj1xiZMZO67Vlk7zNJbU7-l6Vy22mTkwkNnBQOVcuuIKLN1fm2bV4Q1qitwLDoeR8QtsEy1lOHfgcedAzP9q6lvd7wcdXW82c94TUaREXPfgP00PgZLxy&sig=Cg0ArKJSzC0HhaZO0H3pEAE&cid=CAASPeRoTtlp8-0bBkx-7u-WVbF-79cr0mIj2DXIiMnNJEkZELtWOV5NGeKTkjF-hs63WDw9s4GtgBV8my3ytvQ&id=ampim&o=315,122&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=235&tls=1236&g=100&h=100&tt=1236&r=v&avms=ampa&adk=90468564

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 06:53:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5FEC 42 B
66 B 60ms
59ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvR4S6smZBnx2ltURWH44EZrqE5lWkvUfAPxBDXJZaky86xTv3VH8R1N2KOwZR89IpOCU56XR76YTwcFc-rbyctOOu7OuRlP6bclaWmOMFsiwe4YFVHkPS84wijsuyVNSkn9WwSV4tEIle1YoH3WISm&sai=AMfl-YTynzGGG3waPY3DslTsToGKg6uUVFcpnwK2ASy1vFk74YFwo94nfGpbW1GAEtbjW8bre9jwy8w0gPbqI8_903HvVr6Qp4HIJ28OivMmPdWf_zWUU0nVmN8i-dBCFTg&sig=Cg0ArKJSzKcbgw44XYOCEAE&cid=CAASPeRoPqjv1Qe62NI7mWQ6Rv69SBMyfqrGVHNnbPB2Waoz-hVktSi49p8qABYFl5cq5jJi-P0kV9tNffhPSZ0&id=ampim&o=1300,950&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=199&tls=1200&g=100&h=100&tt=1200&r=v&avms=ampa&adk=674908685

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 06:53:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 197D 0
0 57ms
56ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CncUdeuw5YJvgHLyXx_APobyw-A3D_OLAYeuA0uabDeuKiqTFIhABIKyC1iNgkYSThfwXoAHF3pD7A8gBAqkCHs_zo0dBtD7gAgCoAwGqBNYBT9CTBL8tvaq-9XxmezoBX7L79ZQ8gUL-cKtFx74Fs_SgF9N_hiQkLamTvdl6GROpdz4zQonsJQ3zlyoGgsyU64LM5vQcIbdCNzGTRIJ3maIcdKzRucmrRgnd7t3vIO8DI2zz6HlfpoSVIAQpJi111h1cZ-p6RfOsroYmYaTZewN5nBPFztJ3a4KM4_YiSLbz9kme-Lgp2vaP3EuF5XoDZoYlkUdgTz9tNXlhPMEw56QDiWBpM-jALSP5jVC4sQ3Juz0MR2LJx1XwcoaG92QyQU7mj9Cn4cAE9P7hj9cD4AQBoAYCgAejoe8EqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEENKbBdIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tNTU1Mzk5ODYwMjEyNjM4MYAKA8gLAdgTA5gWAbIXGgoYCAASFHB1Yi03MTA0NTQzODAxNTAwOTY4&sigh=ppggmR-mYBw&vt=1
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 197D 42 B
89 B 56ms
55ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusAZYeb0gIecz2xmaJuUyLqkJlT598ydmgAKpOCwRJwj8cKW-IT28JA2N3oKSyE6Pn36MHVjNwqGmf4qHmxpPZgsN4XDIVH5Xq9O-o3RFABmWLdgj13II5l9w7rQ&sai=AMfl-YQhMy_0JGJSd7vr4As8G0bKDjB-iCy2hlQogL_8U_mi3Nin1cXA-JaA97ZuE2QRGdEM8AaciPSrGziyTBMuPmpfRLrRlUym-x-gj6KugLvtlUGcT7tULCYDOiez123r&sig=Cg0ArKJSzJp397YdJw9uEAE&cid=CAASPeRozrB6TSlLFBD_Cp2Tt5S8Drd7tQ9j8YLK87COPTED59QZ6tU4j1SjySXxSbdxtIWQmG2ZLezLJxqGCJQ&id=ampim&o=436,882&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=118&tls=1118&g=100&h=100&tt=1118&r=v&avms=ampa&adk=3970744568

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://soothingnature.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 06:53:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.soothingnature.xyz/	1970-01-19 16:26:48	Name: _gat_gtag_UA_155207744_1 Value: 1
.soothingnature.xyz/	1970-01-19 16:28:15	Name: _gid Value: GA1.2.21325318.1614408826
.soothingnature.xyz/	1970-01-19 16:26:48	Name: _gat_gtag_UA_164836676_23 Value: 1
.soothingnature.xyz/	1970-01-20 09:58:00	Name: _ga Value: GA1.2.168127564.1614408826

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://soothingnature.xyz/v4/desktop/js/custom.js(Line 57) Message: 0
console-api	log	URL: http://soothingnature.xyz/v4/desktop/js/custom.js(Line 57) Message: 0
console-api	log	URL: http://soothingnature.xyz/(Line 157) Message: IP INFORMATION: Country is NL, continent is EU
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 http://soothingnature.xyz/
console-api	info	URL: https://cdn.ampproject.org/rtv/042011201932000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2011201932000 http://soothingnature.xyz/
console-api	info	URL: https://cdn.ampproject.org/rtv/042012090206000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2012090206000 http://soothingnature.xyz/
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 http://soothingnature.xyz/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval';script-src * data: blob: 'unsafe-inline' 'unsafe-eval';connect-src * data: blob:;img-src * data: blob: 'unsafe-inline';frame-src * data: blob:;style-src * data: blob: 'unsafe-inline';font-src * data: blob: 'unsafe-inline'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1074cb23299a34172a7af08428bb971d.safeframe.googlesyndication.com
1084a231a6398f61d4814e21619a28ee.safeframe.googlesyndication.com
adservice.google.com
adservice.google.nl
apis.google.com
cdn.ampproject.org
cdn.webeyo.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
platform.twitter.com
revenueflex.com
securepubads.g.doubleclick.net
soothingnature.xyz
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.244.42.72
142.250.186.34
2001:4de0:ac19::1:b:3a
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:801::200e
2a00:1450:4001:802::2001
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:400c:c1b::9d
2a03:2880:f01c:8012:face:b00c:0:3
54.38.29.221
54.38.29.222
044659678eb4cf720c8d278b72a699bf78acb798538796d2ebeb205ae518a989
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
08196ab534a0139fec71d97c2037daaaef0997ca8e2e139a9a33611dbf7dc374
09ff39f979369e275ffaea4e0b3af3619e153f4a781f598c1c6d4e9ce2ba6e7e
0c9490e92e52ac1f7afb971f21968de9d39a7c477a46cf53049abc5b275d7773
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1070cd00d5aee9e142c57efd4519c35f29bc3379d28bb843c50184ed0b5efde4
1264782a129966f07a0c55310f18575bcbca3c0969fd8e516268c3d04ee52c3b
13bd626530b12b6b9a42bc4c82fd10a6b2cec77c389a06f6fabe25be48ec952e
15804f1ce387ae0329b029657f0cee65e62be2ba0cac809a8620d43d8806ff00
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1eb8839b6e18854fc0630549d85e2e28a4ced4385eabe38c8ebfc91239e9c6b2
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
21c7866e77e04c770e55ac51981d6590cc6dec62a2d5df1d1fcc2814699dd06e
22120cbf95c0b2243502de361ec3d50d5f73df2db1e83eaf9fcada691c6da509
2328d5414427f92593c9bf308f7e0ecd003403c9528be11dfa899f2321a16b61
23420576b21bcc177885d26d7c92ea2aec52a82fe0ae33eea54524404c186469
27b763b49fef2eed192f42812ac3719530206dc5baf4b0da3522a409b9663fdc
28c664fb46c234c60af6f96a47eb99711a2f51ad2db4ecac7a09fcdcae4a2626
29c2221091bda7b82623054ba28bc28ed592752da15d7db1158f640f94bbb423
2c156c3a8a897e8e14e828b22ca9674d6a278781405590548244032e2a37c021
2ea32e31c940cc4435d0fc56decba7c8957c7fd17ff780291cd2e8558e408e86
350fa6b81a7d23f77c5382368f4f614e108ecd6df188033258e2825edb79cc21
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3667bae269b92c7039acf219b6b30f02de4c475b668d5923216d73326f74a153
389f810081adb6aa2ba7fe10b96924ec69484e5662b5a3361f087670f8e7e274
39fcb4a98d2e61d57bb930252d1037341cf4b1795b19f87c7731fb64bd8913a7
3a7fc5100b8438012ae74186509753a6f0bd2100e558d67f5abf47af25f1052f
3afd112a7028362ffd5ad58c02a6f28f0fa99c2d3377d00213b955bb0ae2a778
3b5fa8b798a8a602bdcddb9bde8027debae81cf34c1c6a3b4cf727472dd98273
3e41d274d84180bb88caadfcf7aeb7bd7c186c11ee50aca6596727cbc2134f14
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
43c1bca8ad964d1529d9c621b6d9b157b143d3af28dfe992f94746af29c6d3b5
4476a0ab00f70fc6bb5a0668f9d2db5e091158ddbb3dfd74c443385b56c56735
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b68ac5bebfad97e8eeb6faa468a74da58d90a0055d7226170090ad94651e367
4f24994cf474ab631f0048cd64efa084cc8e53b9bbd0c97d67f66389e7f0f806
54e5308c70677b9c10a399c338626b9f7d710a26eefba1c5c3f0cd0082121787
56e4953af5c01ed820d5e5dc430e77234a87e8d019c38fda46f9f3593cd05e0f
5939602143d5c618bad77696f6284d1001fb8d1ff0eaff0be99a9bf3ff799db4
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5f611916b0fc92f053479876d7f95e2ce203fce641d8e0677c54a4a60307c526
60c250dda1aac5889f56aa7f35ef287b92059add61a1aac8c8535228f370c03d
61021dfb1f844037d9aded5069bcede123b3bd4e669af36c110de8a218761e9b
63e23bb3f126a0057e5f87ab6855b65e589bf36e7e2ea446cd0cab16040400b2
64dca2d6365dc7d521ddbfbdb9f82fd448cbd91ee3c8794629187a109359f6d0
6565717933ce076884394952cc66e6d66bfc3ba97bc04d0dafa463b256be435b
69c9a86d084f63f0e120f67bfdb88e3841be15905b6f55d36968d2a1da407b58
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e76c35f28ee83b2619ce93866026a7e92cc82087427c72e3e4e7f61a9d4d8ec
6e94fc42822bcdec23995b16f05cb35c9f6fda6f244d869247253838383f230a
73bd86f3cb0add00357e8ae2f1305ef8afd47d9fbc9fc57287c6c3e11a4470d6
752384965c9820183a08c77c9a12567f7be4eaa4f898646f37db0c21cbce67ef
7e1150dbc4124a8d6dfa07c66f475f2fa4064a33c888474c73427bc3b49e09d8
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81fb18f0aec660394554e70ac7168c0561a3885ebb2dea308c50dd1af48d1eaf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c9b7fb37ffcb48f3013d74e9873a134c75422d94cd1195fb5968a3b8fc4683
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0
8804e09bd9622f62c7ea9d112aadc64b1076efb855fd6874428c1ea1421f8049
8d399b1c23f44bd52d6cde9572036fd38f9721ed04fbd46477599c49935352e4
8d5a4ba8b071cadba3b57ad718f630f13568fd17facc6a06a37de1c2e09fc138
90484e5ee10b3b73380166327c3d50cc14203fafb8072a110e58b782fc0b25e9
9220439615e1c2ad633b1f760f50826d858acf491cbddebca9409fa2641be0d0
9221608a4df26c3a67d553a85ea42269235ca69d2ff47419148853830d5cea2d
94c773dcde64d37e7e0c794d01170d887dd0a3970b7756bf9559dd5f95cbc535
9606e40f6bc0a04506098b0a9d82be63b2782a1d24607e889bfdfc1c5a593466
962ccd103e3addd1c3119c689f4ad7240175517e44523203a2ff10d219a55d7e
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
996e5c64b65e91ac6230e51bd3e1066d8528ca886d4629fe6868401f28a5e6ce
99adb384fd992660be76df488633e76fe86ed9bba2a7cdf143a97e03fc3ee94d
9e797b9e6fd24e5a7da5feec0388488fc247be90c6f81c9a50ee96771554c5ac
a318e7cbafdaaeaeb31b65d0cb5d6a59ce036d6789eb90a4e809ab8dfd4f2263
a495086825ae576bb41088e71fe50cbf51a3f3167f7b1f5d2ac9fc97cf777787
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a74e8e09a8ed5e6af50dc8b11de9bdfb88eb2f32f7ac31eeb5a9882732642be0
a8b9520692636f899ac58da8b48fb4c52f75b8ebd1ad4b23ff82d3beb45dec52
a92f2804951ebc50c30e8d7c051a4baf40f783c1b2e0c67780576b9963cd2505
b395ec4964eaea12636df05446d2b869fc711b7cf7cd630cd7bce422c954aaaf
b4c9f3afd45ec4a00166932dddb6328aedbe4a899446285590d0d92377d53bd9
b889702b507ada15404590aba51cd396eeeb03ac4332c1c252256db3c892e552
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
c34f5c51cea0ee9e05108c79c404086a24b73fbecb0999654fc9116b4c4b755e
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c4ec9a806a1f6ac0a51ba942a405f4b8dba3f44fdfe4841b4d6632f890a5a3c3
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
cb431fde68d006b91696301dbed291230beab9035d5f3f24d247091678006ec8
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
d011a4101fd4988a5f39a8a5002b2d725398224fb8d3c9b7b203e075891b7548
d2e59a705b8eacd189c1ffbc010a7dd82266a78a97602c52990f93d4c28d3e3c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea701dffec9517f424f99c79116234c08c0ef59e6d75ad1771a1edfd675655d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
e5f3952e2ef2035850d79f04862739ee276900e3fb6223a7228ed1d715e8c5f2
e64d0f41035ae3f7dc714c1f628607ffc252485fd08dcb20123aae2cdd5a6f44
e6d44f1c840d0c0310dbf96a7853de3783992d590b66b2d01b3c4928a6f476eb
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcf470918cdf64149fce46d045b601f5d393bc28d0662aa9791738a790da186e

soothingnature.xyz Open in urlscan Pro 54.38.29.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

146 Requests

73 %HTTPS

82 %IPv6

16 Domains

24 Subdomains

23 IPs

5 Countries

3312 kBTransfer

5935 kBSize

4 Cookies

1 Outgoing links

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

soothingnature.xyz Open in urlscan Pro
54.38.29.221 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

73 %
HTTPS

82 %
IPv6

16
Domains

24
Subdomains

23
IPs

5
Countries

3312 kB
Transfer

5935 kB
Size

4
Cookies

146 HTTP transactions
5 data transactions