omegle.onl Open in urlscan Pro
2606:4700:3034::ac43:9e26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://omegle.onl/
Effective URL:
https://omegle.onl/home/
Submission: On February 09 via api (February 9th 2024, 5:08:47 am UTC) from US — Scanned from NL

Summary HTTP 81 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 14 domains to perform 81 HTTP transactions. The main IP is 2606:4700:3034::ac43:9e26, located in United States and belongs to CLOUDFLARENET, US. The main domain is omegle.onl. The Cisco Umbrella rank of the primary domain is 643137.
TLS certificate: Issued by GTS CA 1P5 on December 16th 2023. Valid for: 3 months.

This is the only time omegle.onl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:e44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 17	2606:4700:303... 2606:4700:3034::ac43:9e26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
4	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
4 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 7	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
81	15

1 2606:4700:3037::6815:e44 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

omegle.onl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3034::ac43:9e26 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

omegle.onl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

atshroomisha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)

cdn.itskiddien.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	377 KB
18	omegle.onl 2 redirects omegle.onl — Cisco Umbrella Rank: 643137	333 KB
9	jouteetu.net jouteetu.net
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	112 KB
6	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8747	4 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	113 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	6 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 mts0.google.com — Cisco Umbrella Rank: 4031	1 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3982	72 KB
3	atshroomisha.com atshroomisha.com — Cisco Umbrella Rank: 410725	14 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	130 KB
1	itskiddien.club cdn.itskiddien.club — Cisco Umbrella Rank: 221074	2 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11663	540 B
81	14

	Domain	Requested by
18	omegle.onl	2 redirects omegle.onl atshroomisha.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	pagead2.googlesyndication.com	omegle.onl pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	jouteetu.net	atshroomisha.com
7	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
6	mc.yandex.com	3 redirects omegle.onl mc.yandex.ru
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	omegle.onl googleads.g.doubleclick.net
3	mc.yandex.ru	1 redirects omegle.onl
3	atshroomisha.com	omegle.onl atshroomisha.com
2	www.googleadservices.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
1	mts0.google.com	googleads.g.doubleclick.net
1	cdn.itskiddien.club	atshroomisha.com
1	my.rtmark.net	atshroomisha.com
81	17

This site contains no links.

Subject Issuer	Validity	Valid
omegle.onl GTS CA 1P5	`2023-12-16` - `2024-03-15`	3 months	crt.sh
atshroomisha.com R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
jouteetu.net R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
rtmark.net R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
itskiddien.club R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://omegle.onl/home/
Frame ID: 8C07F5792D81875C42170F8098319F1E
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html
Frame ID: 58C6A6FF0262D3F3BD19155B61206D8A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5786075630235441&output=html&h=280&slotname=1348857726&adk=540980048&adf=3777207981&pi=t.ma~as.1348857726&w=1200&fwrn=4&fwrnh=100&lmt=1707455323&rafmt=1&format=1200x280&url=https%3A%2F%2Fomegle.onl%2Fhome%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707455323311&bpp=2&bdt=212&idt=130&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&correlator=8042007364878&frm=20&pv=2&ga_vid=2132254313.1707455323&ga_sid=1707455323&ga_hid=1555687866&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080797%2C31080947%2C95322434%2C95324581%2C31080873%2C95323760%2C95324155%2C95324160%2C95324263&oid=2&pvsid=2005104522172929&tmod=928088498&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=137
Frame ID: 7D97C5CE2EBA55AC5FA5E4E2ECB93A6F
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5786075630235441&output=html&adk=1812271804&adf=3025194257&lmt=1707455323&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fomegle.onl%2Fhome%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707455323320&bpp=1&bdt=221&idt=136&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=8042007364878&frm=20&pv=1&ga_vid=2132254313.1707455323&ga_sid=1707455323&ga_hid=1555687866&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080797%2C31080947%2C95322434%2C95324581%2C31080873%2C95323760%2C95324155%2C95324160%2C95324263&oid=2&pvsid=2005104522172929&tmod=928088498&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=142
Frame ID: 93658335FF1FEFC57C9BA25598212F95
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 95CA483C21027E393293CEF7FE28C911
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F6C1A986AC4D0C9CA5F299D0769D84AC
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D4BDF75FDFE80ECC4A4A09A08029D6D3
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 792C487783B78B5A5426B85EAD490900
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js
Frame ID: 30F33A1C33C274516858E571D6560C26
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js
Frame ID: 5CA7878AEEF6480CA148C5E8006AEB25
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EA87168A5CB1AA13D798A74373A2AC8A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 470D27CAFF93A2CC6EDACD56237DE00A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Omegle

Page URL History Show full URLs

http://omegle.onl/ HTTP 301
https://omegle.onl/ HTTP 301
https://omegle.onl/home/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

81
Requests

95 %
HTTPS

73 %
IPv6

14
Domains

17
Subdomains

15
IPs

4
Countries

1161 kB
Transfer

2899 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://omegle.onl/ HTTP 301
https://omegle.onl/ HTTP 301
https://omegle.onl/home/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10274.9RLubztfyI3tuWjqQ8IcOUR6pyAvZoXOJFi_7-LSR3EwotkqU7ojEm2mgxqnkZ9h.uClFFqkngk0uOvamV6s1OHX5KmY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10274.xcsX2Et8lTFr2AY1pxcaSbGw38OTn24xtNASRB4OvIcL8S0Rs6lMXcigoFiOzWoh6MivCM8XjCCu2rbLAEXeI-3sMNrLhHWcqlqRJIbGcal2bKxanaIKHRlToQ7lGGXvbwV24c1cOMJNvtWKWXV_qcegsbal7zQSysuFA2QGSN268E3NUfhytp16Pm2TglN29DR5X08irDWIUBaXw88407slICPbZjbEGMtEmgBCZQI%2C.q3fcb8L_2PQOcxqZjm_TEOujUBY%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10274.XYE4IGxcLBErf16D7mMeLDDXMZ-E9-tG1qz6U82MtaFrhFJywA3Ft8hN2LcFZ1FFStDnQaEN47-NMjtbA7PSzUGEWfcO2XnI28wMeNsYavZo4Up3YEtf3UDh1Rx64cFjMI-e4qiqo2gTQ7D7zN3CRxVu2O5UpG1KSKUX0540Y91yypffujFwxIRSO7H1H4bsRTImQ0RFFaVNP0ol1wkD2w%2C%2C.zEdqHb8X-VfodgzuHEseV3uIqkE%2C

Request Chain 41

https://mc.yandex.com/watch/53725207?wmode=7&page-url=https%3A%2F%2Fomegle.onl%2Fhome%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A1%3Adp%3A0%3Als%3A871043469804%3Ahid%3A467847340%3Az%3A60%3Ai%3A20240209060843%3Aet%3A1707455324%3Ac%3A1%3Arn%3A364864862%3Arqn%3A1%3Au%3A1707455324602827869%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C110%2C0%2C409%2C0%2C%2C144%2C0%2C%2C%2C%2C664%3Aco%3A0%3Acpf%3A1%3Ans%3A1707455322577%3Afp%3A629%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1707455324%3At%3AOmegle&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
https://mc.yandex.com/watch/53725207/1?wmode=7&page-url=https%3A%2F%2Fomegle.onl%2Fhome%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A1%3Adp%3A0%3Als%3A871043469804%3Ahid%3A467847340%3Az%3A60%3Ai%3A20240209060843%3Aet%3A1707455324%3Ac%3A1%3Arn%3A364864862%3Arqn%3A1%3Au%3A1707455324602827869%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C110%2C0%2C409%2C0%2C%2C144%2C0%2C%2C%2C%2C664%3Aco%3A0%3Acpf%3A1%3Ans%3A1707455322577%3Afp%3A629%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1707455324%3At%3AOmegle&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

Request Chain 57

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 73

https://googleads.g.doubleclick.net/pagead/adview?ai=CfQJnW7PFZcLtHObmmLAPufuCgAeCp-CTcpX-stvJEYOChsvCARABILTNhHJgkQSgAYb7l8kCyAEJqQJfQ9rJgweyPqgDAcgDywSqBPkBT9C_tNL2wMs2t8AACwP3j3kc82Mc0I58yPpYhEt5rcM2IpQ9cO-nygarZQtqHJIE7sO-hLtR_Nf15fAj8KeUOQFfrQDJoB31n6b2-qakMzht5Fy403HSWWOXkqRXOlpnyWSGJ2Vpyv5XYPnKjp0JWPGgwmpIICYZoYr0w87aVMPuc2F7wJXNcRqkxNjgABeV01-W6RQDyX_1TrrpYsrSgl8U92y8VvSb_fLT1e0k96yaIWkixQK54hyW6WjdXQdyJOSmR3sPYWyCo0VRtPVk3fQiY_xAfYmF9jeXlmHOQgeI7brNQenz9cVqVQ7toDIPDB5G32rXyk-2wAS85K3ztgSIBbP_m41MkgUECAQYAZIFBAgFGASgBi6AB-KE6LYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQ-9ihAdIIJgiA4YBwEAEYHzIC6wI6CYBAgICEgICECEi9_cE6WKfWmeC-nYQDmgkfaHR0cHM6Ly93d3cuMTIzc3BvcnR1aXRsYWF0Lm5sL4AKAcgLAbgTiATYEwrQFQGAFwGyFxwKGggAEhRwdWItNTc4NjA3NTYzMDIzNTQ0MRgA&sigh=lBBU6WgX8i8&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_JJZDkprp8VTz8HyrF4KINOT9fMIG_ragN9H6r5j_s-c8dKYxd5IAva2RIGGydcaaDh7wh8z6qPU796-pNudtrtI7hn4dKpXIDdYYAQ&template_id=520&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210271227916940536808%22,%22debug_reporting%22:true,%22destination%22:%22https://123sportuitlaat.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22690355590%22],%2222%22:[%22true%22],%224%22:[%2202-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228631303628758578625%22}&andc=true

81 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
omegle.onl/home/
Redirect Chain

http://omegle.onl/
https://omegle.onl/
https://omegle.onl/home/

32 KB
9 KB

111ms
110ms

Document
text/html

2606:4700:3034::ac43:9e26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omegle.onl/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:9e26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10bc0f62a68812849721c8dcd65fe9ad0cf67d2fd217dc560e29d1f01264d244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85299898bfb72c29-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 09 Feb 2024 05:08:43 GMT
link: <https://omegle.onl/wp-json/>; rel="https://api.w.org/" <https://omegle.onl/wp-json/wp/v2/pages/9>; rel="alternate"; type="application/json" <https://omegle.onl/?p=9>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tIW3DtzBrWBCGCD5x5stwGGH6Yr6su1y%2B8TX8%2BdpJ6im5Gw65T6hqxMTHF9dyxFHMHwc13QbfSnQIfOLM8ji7h%2BEuLUQ1v3CBqdEEMCfdkLGOn8StSy3uXrc9c%2BMVP%2Fu74py1gpCb9Tn"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-srcache-fetch-status: HIT
x-srcache-store-status: BYPASS
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 852998980f012c29-FRA
content-type: text/html; charset=UTF-8
date: Fri, 09 Feb 2024 05:08:42 GMT
location: https://omegle.onl/home/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
redirecttype: Quick Page Post Redirect - Quick
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfaUzwRM52heY8NtIJptLNUnL9Pei6GMZOgy81dV9jJ%2Fo8ui1wDcrct2dDb8TrF6JlTDT%2FcZ0nkIJ9DvzSR%2FRMCp9fDdxkS9H2ApNxe4ptDIx1wTjVmNDeMkPK5vZTSfQS%2Fem2%2FwfyhC"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-redirect-by: WordPress
x-srcache-fetch-status: HIT
x-srcache-store-status: BYPASS
x-xss-protection: 1; mode=block

GET
H2 200 micro.tag.min.js Show response
atshroomisha.com/pfe/current/ 31 KB
13 KB 56ms
13ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://atshroomisha.com/pfe/current/micro.tag.min.js?z=5639634&sw=/sw-check-permissions.js
Requested by: Host: omegle.onl
URL: https://omegle.onl/home/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5c044369ca8856f06581f763d01a0394980980a470cfb7a284d4bba62d8463d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 05:08:43 GMT
content-encoding: gzip
last-modified: Wed, 07 Feb 2024 12:32:55 GMT
server: nginx
etag: W/"65c37877-7def"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H3 200 style.min.css
omegle.onl/wp-includes/css/dist/block-library/ 108 KB
15 KB 46ms
45ms Stylesheet
text/css 2606:4700:3034::ac43:9e26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omegle.onl/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9e26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 797339
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Jan 2024 23:27:45 GMT
server: cloudflare
etag: W/"65b985f1-1ae43"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyN9WMT6PQmmbFPHI3k75GYJNBTEES7tTAGJK8alh8%2B9ecfbx7C3C%2BFyEyzNataGWFkPBSyGlBRTiQQ2ojT098u052kxxO0%2Fb7fMWcrs8Qc3xHQwQNJ8T%2FS8f2ZPGvXr7MvkDoamC1Ca"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 852998996dac30e8-FRA
expires: Thu, 29 Feb 2024 23:39:44 GMT

GET
H3 200 style.css
omegle.onl/wp-content/themes/kelly/ 24 KB
7 KB 48ms
47ms Stylesheet
text/css 2606:4700:3034::ac43:9e26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omegle.onl/wp-content/themes/kelly/style.css?ver=6.4.3

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9e26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78408983802ee21d9c0ad3f0d80d3eaab490e8dec2582a77fe5b161419dc775b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 797339
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 May 2019 10:19:34 GMT
server: cloudflare
etag: W/"5ce673b6-6065"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgRA9B3eoTWh8LjFdqqX0HALoHE5iSrkubCxVdNEIasISX0AQu36m4VuAEz4seuXI%2FJiHKLvoq7Kyeu7%2BsjIWy4m0FOsq4JNXvyiXNKQMgu77UNeitHA1%2Bz%2BSiy67LVt3JETVnDTkcLR"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 852998996dae30e8-FRA
expires: Thu, 29 Feb 2024 23:39:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 17 KB
2 KB 76ms
29ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%7CLeckerli+One&subset=latin%2Clatin-ext

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40c375a15aad4d367f5ad9696c33ab3aeadb505f39727c8fcbc0dff912d3538f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Feb 2024 05:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 05:08:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Feb 2024 05:08:43 GMT

GET
H3 200 genericons.css
omegle.onl/wp-content/themes/kelly/genericons/ 30 KB
19 KB 28ms
27ms Stylesheet
text/css 2606:4700:3034::ac43:9e26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omegle.onl/wp-content/themes/kelly/genericons/genericons.css?ver=3.0.3

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9e26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 997339
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 09 Aug 2018 11:36:39 GMT
server: cloudflare
etag: W/"5b6c2747-7945"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxtt1MQvo54FSNzajDxn0aEVhXmrnbAXezgaTRula0TqbfZpocb2mbQ6WUebnSlQBTsQSphRzlFSAK8tGy7NMj3x5wZjQg6F2bQD%2F7C98I612fNWyzjN9RjTeX4qbmBoPnDcDaHPQh2Y"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 852998996db030e8-FRA
expires: Tue, 27 Feb 2024 16:06:24 GMT

GET
H3 200 frontend.css
omegle.onl/wp-content/plugins/carousel-slider/assets/css/ 26 KB
8 KB 65ms
64ms Stylesheet
text/css 2606:4700:3034::ac43:9e26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omegle.onl/wp-content/plugins/carousel-slider/assets/css/frontend.css?ver=2.2.4

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9e26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2168c60099774d5a4d12a971c13aefd29df57fdd3f0c6dd0e72ba56bdfb34a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 997339
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 12 Nov 2023 23:28:02 GMT
server: cloudflare
etag: W/"65515f82-68c3"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bo%2FbQ%2BGOu3%2B%2BjSVui7bQxhDQRn6N52GN12e%2Fxg9P6bgnz1OCgx98ARjZa0plaJ1v0ngiAmOVQBf6MqtLuzZPPKTo4FFjfCR3%2F8NXM3TOQLe5olBcP%2FlEw65pPP1FcB%2FppA%2FU65NR0WC0"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 852998996db130e8-FRA
expires: Tue, 27 Feb 2024 16:06:24 GMT

GET
H3 200 jquery.min.js Show response
omegle.onl/wp-includes/js/jquery/ 86 KB
31 KB 67ms
66ms Script
application/javascript 2606:4700:3034::ac43:9e26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omegle.onl/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9e26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 996534
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Dec 2023 18:30:39 GMT
server: cloudflare
etag: W/"657c9b4f-15601"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJIqLHrpQe3cfDw18U3O5U4BVUQE5lf5S8mMAnxk6yTKc4eBFdQWm%2BD5JTGzp8yR0AR4mEL0vG8tL%2FxKD4u46xcRINdoj39pw1a9CK9Y%2Fzcm4GHJMcKzDoh0rWG3GQZFLWLY2FIOHbAJ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 852998996db230e8-FRA
expires: Tue, 27 Feb 2024 16:19:49 GMT

GET
H3 200 jquery-migrate.min.js Show response
omegle.onl/wp-includes/js/jquery/ 13 KB
5 KB 82ms
82ms Script
application/javascript 2606:4700:3034::ac43:9e26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omegle.onl/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9e26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 996534
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Dec 2023 18:30:39 GMT
server: cloudflare
etag: W/"657c9b4f-3509"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXV%2FyiEz2kZzlV6Jday4o%2BXPSu5%2BsRDJ%2BtLmh6snygn7MWQx3gzPJbAo92oGXjbbAXgmt1SSKGapS65nF3xFmqMFS0VtWahWIX9%2F5XLSaYuKRze0i569ufaEmIg1wk%2FoskpbnX5JWSLv"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 852998996db330e8-FRA
expires: Tue, 27 Feb 2024 16:19:49 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 82ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63d3e4a775050041219a55e3647ce1592a386e68142a082d9d28861f33c419f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51249
x-xss-protection: 0
server: cafe
etag: 14937648216127311579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 09 Feb 2024 05:08:43 GMT

GET
H3 200 Omegle.png
omegle.onl/wp-content/uploads/2018/08/ 13 KB
14 KB 83ms
82ms Image
image/png 2606:4700:3034::ac43:9e26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omegle.onl/wp-content/uploads/2018/08/Omegle.png

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9e26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d1e47d67469e742d8539ed9c38d036748c11a3f96cc7b0ba320ea6dc483fbf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3590035
alt-svc: h3=":443"; ma=86400
content-length: 13807
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 09 Aug 2018 11:58:11 GMT
server: cloudflare
etag: "5b6c2c53-35ef"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7M%2BDaSqn7D4RYF4GMJrWTvdBeVtWYPykAJsqkSUJG3I3ehAcK3RohU4RiGN9rzIdSz2rcsWybyjWFxpHaBFbE9U9icrBVsSlH29RbHFb1%2FXzhaFwxcbUAbNwX9%2BEbVxZoun6PxDe9rk"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 852998996db430e8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Omegle-Screenshot-1.png
omegle.onl/wp-content/uploads/2018/08/ 29 KB
30 KB 84ms
83ms Image
image/png 2606:4700:3034::ac43:9e26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omegle.onl/wp-content/uploads/2018/08/Omegle-Screenshot-1.png

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9e26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f598cf49b54826987b54202779f0d5985b853582c27836bb1058dd9a165167b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3590035
alt-svc: h3=":443"; ma=86400
content-length: 30016
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 09 Aug 2018 12:53:59 GMT
server: cloudflare
etag: "5b6c3967-7540"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ym2K1klFKpukTNYQb53W6d69acSNzgQWbGWJSgevbg2Wa8UFOgRG9dgQ9QSCN5HXeL93H%2FaDjIwbZqkHXRofxLnSFKsRGwNbUoQtOQbRulFyIBVrdMkJaA1bmj2TIHFlVlvJjE2eh5Zu"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 852998996db530e8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Omegle-Screenshot-2.png
omegle.onl/wp-content/uploads/2018/08/ 112 KB
113 KB 84ms
84ms Image
image/png 2606:4700:3034::ac43:9e26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omegle.onl/wp-content/uploads/2018/08/Omegle-Screenshot-2.png

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9e26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e64563e546bb698128db8d36e205b28318a043f297c0c1f18155cef3ffba5824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3590035
alt-svc: h3=":443"; ma=86400
content-length: 114606
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 09 Aug 2018 12:53:57 GMT
server: cloudflare
etag: "5b6c3965-1bfae"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJhysOMogLjc4KzGLxtSROWL%2Farrd18ys5g8AGNTY4Qxw4Aoog4h6S33Zh0wK1uaUyceOKWBm%2BnS%2FOvnlGmz8L1IkEf4fyiqkV0ndg7h49Pi79RRoInjVxFc4lHZxHiUDX3jpg9MaXZC"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 852998996db630e8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 navigation.js Show response
omegle.onl/wp-content/themes/kelly/js/ 2 KB
1 KB 27ms
27ms Script
application/javascript 2606:4700:3034::ac43:9e26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omegle.onl/wp-content/themes/kelly/js/navigation.js?ver=20120206

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9e26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5695a45b920ebd68efb8d85e1e1f4fa7c94723c2c76ffc93bc3a4f6519768a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 997319
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 09 Aug 2018 11:36:39 GMT
server: cloudflare
etag: W/"5b6c2747-6c3"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKjK7Rfjxh1Bn208ciV7Pu%2FUM4RYhh5n2vhauAcAT0rH6MjcNCRxZaDG9R%2F8JWbda3F0Lww9ie3BbBxDaEjBChgdCUr9R5BEa%2FWcLLqm%2BtaYdf1809B4ukFPdl41%2B2T4Ka%2FAHiowLg3J"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 85299899fe3630e8-FRA
expires: Tue, 27 Feb 2024 16:06:44 GMT

GET
H3 200 skip-link-focus-fix.js Show response
omegle.onl/wp-content/themes/kelly/js/ 733 B
883 B 25ms
24ms Script
application/javascript 2606:4700:3034::ac43:9e26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omegle.onl/wp-content/themes/kelly/js/skip-link-focus-fix.js?ver=20130115

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9e26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53aa25d22b04cbad3939922330b5e5b97a8458c3079118c22f728cb4361f66d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 997319
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 09 Aug 2018 11:36:39 GMT
server: cloudflare
etag: W/"5b6c2747-2dd"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUJpCO%2FFf5dpzmAqU3NAUSMGptK8qm8SED8MaFY8V%2Bxu1XTTwSdTeZwNkSo2xPZM3tSWQQrstcVYHNFUgv77gLPOc%2Bo982G73HzbrNoXn7PSRP9tYMxB3Fy%2B%2FZBIgLisxp%2FIJdJcpvUK"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 85299899fe3930e8-FRA
expires: Tue, 27 Feb 2024 16:06:44 GMT

GET
H3 200 frontend.js Show response
omegle.onl/wp-content/plugins/carousel-slider/assets/js/ 64 KB
20 KB 32ms
32ms Script
application/javascript 2606:4700:3034::ac43:9e26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omegle.onl/wp-content/plugins/carousel-slider/assets/js/frontend.js?ver=2.2.4

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9e26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df51260b0b49e07e95e7663bd1e15bbeaadbbfd9ada696102be35cfd5ec463a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 996534
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 12 Nov 2023 23:28:02 GMT
server: cloudflare
etag: W/"65515f82-101a0"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSABsCCOCjDD8vQJQBFx5%2BnbTSxUQZEA6%2FFvlctZJ%2BkMHK0qtFF1wUcvzINF0n2RPEe1rsBZJeAzJLS8QWnk5yi8gMqNJKpQXRzQowtZ0eYYhRuytpCpx%2FoLayYjhPKaf%2FfZzZP9qf9t"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 85299899fe3c30e8-FRA
expires: Tue, 27 Feb 2024 16:19:49 GMT

GET
BLOB 200
OK a0cefaea-aea6-4f35-abdb-b63eb27f4306
https://omegle.onl/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://omegle.onl/a0cefaea-aea6-4f35-abdb-b63eb27f4306
Requested by: Host: omegle.onl
URL: https://omegle.onl/home/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

POST
H2 200 custom
jouteetu.net/ 0
0 67ms
26ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: atshroomisha.com
URL: https://atshroomisha.com/pfe/current/micro.tag.min.js?z=5639634&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omegle.onl/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 sw-check-permissions.js
omegle.onl/ 0
819 B 27ms
27ms Other
application/javascript 2606:4700:3034::ac43:9e26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omegle.onl/sw-check-permissions.js?zoneId=5639634

Requested by

Host: atshroomisha.com
URL: https://atshroomisha.com/pfe/current/micro.tag.min.js?z=5639634&sw=/sw-check-permissions.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9e26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1972640
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Jan 2023 16:18:03 GMT
server: cloudflare
etag: W/"63c032bb-236"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qhzTjAQQKufw%2Fp6BcX06eYGSbFg%2FMbGNqPleRV0OyJSd2YRibaVuEshGgI9u6zuSGsvAuz1vU0VWvRf1h%2FeRLmVR6JXnt%2FVCHAVCHcfPCUhm5xXyvVw8H3gH%2B6k50FP613kEb5i1TVL"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 85299899fe4030e8-FRA
expires: Fri, 16 Feb 2024 09:11:23 GMT

POST
H2 200 custom
jouteetu.net/ 0
0 54ms
15ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: atshroomisha.com
URL: https://atshroomisha.com/pfe/current/micro.tag.min.js?z=5639634&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omegle.onl/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 zone
atshroomisha.com/ 0
254 B 14ms
14ms Ping
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://atshroomisha.com/zone?&pub=0&zone_id=5639634&is_mobile=false&domain=omegle.onl&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.482&trace_id=5343f9c5-1591-4f58-b8eb-24535a500942&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: atshroomisha.com
URL: https://atshroomisha.com/pfe/current/micro.tag.min.js?z=5639634&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-trace-id: f87dd04aaf8d53ced703ed4213237bab
date: Fri, 09 Feb 2024 05:08:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://omegle.onl
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

POST
H2 200 custom
jouteetu.net/ 0
0 66ms
27ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: atshroomisha.com
URL: https://atshroomisha.com/pfe/current/micro.tag.min.js?z=5639634&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omegle.onl/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 66ms
27ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: atshroomisha.com
URL: https://atshroomisha.com/pfe/current/micro.tag.min.js?z=5639634&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omegle.onl/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 73ms
34ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: atshroomisha.com
URL: https://atshroomisha.com/pfe/current/micro.tag.min.js?z=5639634&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omegle.onl/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
540 B 52ms
15ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5639634&checkDuplicate=true&ymid=&var=

Requested by

Host: atshroomisha.com
URL: https://atshroomisha.com/pfe/current/micro.tag.min.js?z=5639634&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

8222d4abf8c7059e8a6dc2fd7298c0e5d2aefa0b853d0d0dcb9a3261622f67cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://omegle.onl
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 48ms
16ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: atshroomisha.com
URL: https://atshroomisha.com/pfe/current/micro.tag.min.js?z=5639634&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omegle.onl/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 18ms
18ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: atshroomisha.com
URL: https://atshroomisha.com/pfe/current/micro.tag.min.js?z=5639634&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omegle.onl/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 zone Show response
atshroomisha.com/ 820 B
1 KB 43ms
15ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://atshroomisha.com/zone?&pub=0&zone_id=5639634&is_mobile=false&domain=omegle.onl&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.482&trace_id=5343f9c5-1591-4f58-b8eb-24535a500942&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: atshroomisha.com
URL: https://atshroomisha.com/pfe/current/micro.tag.min.js?z=5639634&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d93cfc3263eba51fef0e2486318426656e060b432c1ed86036a62efad3e503fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-trace-id: 73638921b893842389d2d22541fb4d64
date: Fri, 09 Feb 2024 05:08:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://omegle.onl
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 820

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 67ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%7CLeckerli+One&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://omegle.onl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:04:50 GMT
x-content-type-options: nosniff
age: 104633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 00:04:50 GMT

POST
H2 200 custom
jouteetu.net/ 0
0 14ms
13ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: atshroomisha.com
URL: https://atshroomisha.com/pfe/current/micro.tag.min.js?z=5639634&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omegle.onl/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 15ms
13ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: atshroomisha.com
URL: https://atshroomisha.com/pfe/current/micro.tag.min.js?z=5639634&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://omegle.onl/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 apu.php Show response
cdn.itskiddien.club/ 968 B
2 KB 70ms
15ms Script
application/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.itskiddien.club/apu.php?zoneid=6543379

Requested by

Host: atshroomisha.com
URL: https://atshroomisha.com/pfe/current/micro.tag.min.js?z=5639634&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

cfc8830c860022ca3fe2fe1a84cf924c96c6b5c4869ffda75028d537bf52df04

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 968
x-trace-id: dafc469aedaca2bd81eca76596864483
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 Omegle-Screenshot-3.png
omegle.onl/wp-content/uploads/2018/08/ 53 KB
53 KB 25ms
25ms Image
image/png 2606:4700:3034::ac43:9e26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omegle.onl/wp-content/uploads/2018/08/Omegle-Screenshot-3.png

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9e26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd7ceb84c5a99503a37d0d90a80dfe95f17e70b82916c09720cccdd5104dd171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3589910
alt-svc: h3=":443"; ma=86400
content-length: 53869
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 09 Aug 2018 12:53:55 GMT
server: cloudflare
etag: "5b6c3963-d26d"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghBW3jP65gJyJX92J%2BZREm9g%2BwXClXMaEiV5OE9kTCQeTott9a7dEcR%2BUKeqyM9qnDzyM47B4vXRqf9LZtxaBXW3e%2FSyuEEKeBbJs74DdT5k65QAII5JUODpLbMgw1cYA8N%2FXlxQlBoY"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000, no-transform
accept-ranges: bytes
cf-ray: 8529989a4e7c30e8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
71 KB 303ms
171ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1dcb72155edae8fec6f6fa0f8c6d6a5ae62f6c02f4cbe6cb10befe676409f6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 08 Feb 2024 09:19:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65c49caf-11832"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71730
expires: Fri, 09 Feb 2024 06:08:43 GMT

GET
H3 200 wp-emoji-release.min.js Show response
omegle.onl/wp-includes/js/ 18 KB
5 KB 26ms
26ms Script
application/javascript 2606:4700:3034::ac43:9e26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omegle.onl/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9e26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 793908
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Dec 2023 18:30:39 GMT
server: cloudflare
etag: W/"657c9b4f-4904"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYS62Ej%2FIpdj6tpCT%2FweqqveNix%2BZ9upvEa%2FcOYRuixLVrSKMCcUXBE0aUXdgLT57AG%2BoqEnQEE0sFrpqOJlm193fp9Lpr6V%2FhGnCPxLZzRA9KWX2lv7CJ7Iu8cs9ZLVufJ%2BB3Yx812R"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 8529989a4e7d30e8-FRA
expires: Fri, 01 Mar 2024 00:36:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 406 KB
138 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5786075630235441&plah=omegle.onl&aplac=true&bust=31080873

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccc5ebd36b177c08c980fb26dae02808299181fc5e89db0124094877445f41d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140916
x-xss-protection: 0
server: cafe
etag: 11700880251647126170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 05:08:43 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/ Frame 58C6 9 KB
5 KB 66ms
20ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omegle.onl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 6417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 03:21:46 GMT
etag: 3890843268177463596
expires: Fri, 23 Feb 2024 03:21:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7D97 159 KB
47 KB 1231ms
1231ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5786075630235441&output=html&h=280&slotname=1348857726&adk=540980048&adf=3777207981&pi=t.ma~as.1348857726&w=1200&fwrn=4&fwrnh=100&lmt=1707455323&rafmt=1&format=1200x280&url=https%3A%2F%2Fomegle.onl%2Fhome%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707455323311&bpp=2&bdt=212&idt=130&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&correlator=8042007364878&frm=20&pv=2&ga_vid=2132254313.1707455323&ga_sid=1707455323&ga_hid=1555687866&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080797%2C31080947%2C95322434%2C95324581%2C31080873%2C95323760%2C95324155%2C95324160%2C95324263&oid=2&pvsid=2005104522172929&tmod=928088498&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=137

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5786075630235441&plah=omegle.onl&aplac=true&bust=31080873

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7848c96afa78c0a1a25ce07708860d6c5866b6ea1e2d7c97affc948d7f82ff74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omegle.onl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48309
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 05:08:44 GMT
expires: Fri, 09 Feb 2024 05:08:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9365 215 KB
56 KB 915ms
915ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5786075630235441&output=html&adk=1812271804&adf=3025194257&lmt=1707455323&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fomegle.onl%2Fhome%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707455323320&bpp=1&bdt=221&idt=136&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=8042007364878&frm=20&pv=1&ga_vid=2132254313.1707455323&ga_sid=1707455323&ga_hid=1555687866&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080797%2C31080947%2C95322434%2C95324581%2C31080873%2C95323760%2C95324155%2C95324160%2C95324263&oid=2&pvsid=2005104522172929&tmod=928088498&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=142

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4cb761e1b8656fabb819fe722a40aadfe12d738987f2862cec8ae004d6c45de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omegle.onl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 57120
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 05:08:44 GMT
expires: Fri, 09 Feb 2024 05:08:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10274.9RLubztfyI3tuWjqQ8IcOUR6pyAvZoXOJFi_7-LSR3EwotkqU7ojEm2mgxqnkZ9h.uClFFqkngk0uOvamV6s1OHX5KmY%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10274.xcsX2Et8lTFr2AY1pxcaSbGw38OTn24xtNASRB4OvIcL8S0Rs6lMXcigoFiOzWoh6MivCM8XjCCu2rbLAEXeI-3sMNrLhHWcqlqRJIbGcal2bKxanaIKHRlToQ7lGGXvbwV24c1cOM...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10274.XYE4IGxcLBErf16D7mMeLDDXMZ-E9-tG1qz6U82MtaFrhFJywA3Ft8hN2LcFZ1FFStDnQaEN47-NMjtbA7PSzUGEWfcO2XnI28wMeNsYavZo4...

43 B
583 B

64ms
64ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10274.XYE4IGxcLBErf16D7mMeLDDXMZ-E9-tG1qz6U82MtaFrhFJywA3Ft8hN2LcFZ1FFStDnQaEN47-NMjtbA7PSzUGEWfcO2XnI28wMeNsYavZo4Up3YEtf3UDh1Rx64cFjMI-e4qiqo2gTQ7D7zN3CRxVu2O5UpG1KSKUX0540Y91yypffujFwxIRSO7H1H4bsRTImQ0RFFaVNP0ol1wkD2w%2C%2C.zEdqHb8X-VfodgzuHEseV3uIqkE%2C

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10274.XYE4IGxcLBErf16D7mMeLDDXMZ-E9-tG1qz6U82MtaFrhFJywA3Ft8hN2LcFZ1FFStDnQaEN47-NMjtbA7PSzUGEWfcO2XnI28wMeNsYavZo4Up3YEtf3UDh1Rx64cFjMI-e4qiqo2gTQ7D7zN3CRxVu2O5UpG1KSKUX0540Y91yypffujFwxIRSO7H1H4bsRTImQ0RFFaVNP0ol1wkD2w%2C%2C.zEdqHb8X-VfodgzuHEseV3uIqkE%2C
date: Fri, 09 Feb 2024 05:08:43 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
476 B 79ms
79ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:43 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 08 Feb 2024 09:19:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65c49caf-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 09 Feb 2024 06:08:43 GMT

GET
H2 200 metrika_match.html Show response
mc.yandex.com/metrika/ Frame 95CA 2 KB
1 KB 107ms
107ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

482625f9d55feac9a3187b21e5a8ac098bdfaa328a094f7b4dd2d24ba59056e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://omegle.onl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 862
content-type: text/html
date: Fri, 09 Feb 2024 05:08:43 GMT
etag: "65c49caf-35e"
expires: Fri, 09 Feb 2024 06:08:43 GMT
last-modified: Thu, 08 Feb 2024 09:19:43 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/53725207/
Redirect Chain

https://mc.yandex.com/watch/53725207?wmode=7&page-url=https%3A%2F%2Fomegle.onl%2Fhome%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Autf-8%3Ala%...
https://mc.yandex.com/watch/53725207/1?wmode=7&page-url=https%3A%2F%2Fomegle.onl%2Fhome%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Autf-8%3Al...

459 B
542 B

66ms
66ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/53725207/1?wmode=7&page-url=https%3A%2F%2Fomegle.onl%2Fhome%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A1%3Adp%3A0%3Als%3A871043469804%3Ahid%3A467847340%3Az%3A60%3Ai%3A20240209060843%3Aet%3A1707455324%3Ac%3A1%3Arn%3A364864862%3Arqn%3A1%3Au%3A1707455324602827869%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C110%2C0%2C409%2C0%2C%2C144%2C0%2C%2C%2C%2C664%3Aco%3A0%3Acpf%3A1%3Ans%3A1707455322577%3Afp%3A629%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1707455324%3At%3AOmegle&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

5eff96a1150b557bf94e62c47a5b4f32f13cef8c2073877d39ec69266ca4099f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 05:08:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 09-Feb-2024 05:08:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://omegle.onl
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 459
x-xss-protection: 1; mode=block
expires: Fri, 09-Feb-2024 05:08:43 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Feb 2024 05:08:43 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 09-Feb-2024 05:08:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/53725207/1?wmode=7&page-url=https%3A%2F%2Fomegle.onl%2Fhome%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A1%3Adp%3A0%3Als%3A871043469804%3Ahid%3A467847340%3Az%3A60%3Ai%3A20240209060843%3Aet%3A1707455324%3Ac%3A1%3Arn%3A364864862%3Arqn%3A1%3Au%3A1707455324602827869%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C110%2C0%2C409%2C0%2C%2C144%2C0%2C%2C%2C%2C664%3Aco%3A0%3Acpf%3A1%3Ans%3A1707455322577%3Afp%3A629%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1707455324%3At%3AOmegle&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
access-control-allow-origin: https://omegle.onl
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 09-Feb-2024 05:08:43 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 165 KB
56 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/reactive_library_fy2021.js?bust=31080873

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0c6a4207ddc04eab9a8dbc8e6dc28b6463e7380b49bde5dbfc6217c886a17d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57068
x-xss-protection: 0
server: cafe
etag: 4293158042437377672
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 05:08:44 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/ Frame F6C1 9 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omegle.onl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2654
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 04:24:30 GMT
etag: 3890843268177463596
expires: Fri, 23 Feb 2024 04:24:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame F6C1 5 KB
790 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Feb 2024 05:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 03:15:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Feb 2024 05:08:44 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F6C1 205 B
295 B 80ms
27ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 23:56:50 GMT
x-content-type-options: nosniff
age: 105114
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 06 Feb 2025 23:56:50 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F6C1 604 B
1 KB 74ms
20ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:16:06 GMT
x-content-type-options: nosniff
age: 103958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 07 Feb 2025 00:16:06 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame F6C1 16 KB
7 KB 75ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 14359709190881042667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:47:02 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame F6C1 22 KB
9 KB 81ms
28ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9451
x-xss-protection: 0
server: cafe
etag: 11136001603933606047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:47:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D4BD 14 KB
1 KB 30ms
30ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Feb 2024 05:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 05:07:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Feb 2024 05:08:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame D4BD 2 KB
875 B 59ms
46ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame D4BD 23 KB
9 KB 54ms
43ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 792C 143 B
166 B 20ms
20ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1822
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 04:38:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame D4BD 3 KB
1 KB 53ms
42ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame D4BD 20 KB
8 KB 34ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D4BD 205 KB
65 KB 64ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66416
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707309907044448"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 05:08:44 GMT

GET
H2 200 7b5e6815b417a6dcda76775ec840e2bc.js Show response
www.gstatic.com/mysidia/ Frame D4BD 37 KB
16 KB 31ms
21ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15515
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 17:13:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 May 2024 00:15:44 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 792C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

29ms
29ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 05:08:44 GMT
expires: Fri, 09 Feb 2024 05:08:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 05:08:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 7D97 14 KB
1 KB 29ms
29ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5786075630235441&output=html&h=280&slotname=1348857726&adk=540980048&adf=3777207981&pi=t.ma~as.1348857726&w=1200&fwrn=4&fwrnh=100&lmt=1707455323&rafmt=1&format=1200x280&url=https%3A%2F%2Fomegle.onl%2Fhome%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707455323311&bpp=2&bdt=212&idt=130&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&correlator=8042007364878&frm=20&pv=2&ga_vid=2132254313.1707455323&ga_sid=1707455323&ga_hid=1555687866&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080797%2C31080947%2C95322434%2C95324581%2C31080873%2C95323760%2C95324155%2C95324160%2C95324263&oid=2&pvsid=2005104522172929&tmod=928088498&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=137

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Feb 2024 05:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 03:09:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Feb 2024 05:08:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 7D97 2 KB
856 B 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 7D97 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 7D97 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 7D97 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 01:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Feb 2024 01:44:35 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D97 205 KB
65 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66416
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707309907044448"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 05:08:44 GMT

GET
H2 200 7b5e6815b417a6dcda76775ec840e2bc.js Show response
www.gstatic.com/mysidia/ Frame 7D97 37 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15515
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 17:13:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 May 2024 00:15:44 GMT

GET
H2 400 data=Jz_xPm5nKaWSOBZGcHdWjtKw760HvcXwrwbMVajUyaCVQN7yXOV61SLPw-aEm25hwyg09YGTBvv4BahYh1vaSw
mts0.google.com/vt/ Frame 7D97 0
0 151ms
40ms Image
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=Jz_xPm5nKaWSOBZGcHdWjtKw760HvcXwrwbMVajUyaCVQN7yXOV61SLPw-aEm25hwyg09YGTBvv4BahYh1vaSw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5786075630235441&output=html&h=280&slotname=1348857726&adk=540980048&adf=3777207981&pi=t.ma~as.1348857726&w=1200&fwrn=4&fwrnh=100&lmt=1707455323&rafmt=1&format=1200x280&url=https%3A%2F%2Fomegle.onl%2Fhome%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707455323311&bpp=2&bdt=212&idt=130&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&correlator=8042007364878&frm=20&pv=2&ga_vid=2132254313.1707455323&ga_sid=1707455323&ga_hid=1555687866&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080797%2C31080947%2C95322434%2C95324581%2C31080873%2C95323760%2C95324155%2C95324160%2C95324263&oid=2&pvsid=2005104522172929&tmod=928088498&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=137
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 7D97 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7D97 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7D97 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7D97 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Show response
pagead2.googlesyndication.com/bg/ Frame 30F3 51 KB
19 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js

Requested by

Host: omegle.onl
URL: https://omegle.onl/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:18:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19835
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 00:18:17 GMT

GET
DATA 200
OK truncated
/ Frame 7D97 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83bb4f856aa63422798bdd25b465fe2c3decf74fd885510a0ded821ade3c2d3f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7D97 33 KB
33 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 00:19:40 GMT
x-content-type-options: nosniff
age: 276544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 00:19:40 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7D97
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CfQJnW7PFZcLtHObmmLAPufuCgAeCp-CTcpX-stvJEYOChsvCARABILTNhHJgkQSgAYb7l8kCyAEJqQJfQ9rJgweyPqgDAcgDywSqBPkBT9C_tNL2wMs2t8AACwP3j3kc82Mc0I58yPpYhEt...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210271227916940536808%22,%22debug_reporting%22:true,%22destination%22:%22https://123sportuitlaat.nl%22,%22event_report_wind...

0
0

93ms
51ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210271227916940536808%22,%22debug_reporting%22:true,%22destination%22:%22https://123sportuitlaat.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22690355590%22],%2222%22:[%22true%22],%224%22:[%2202-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228631303628758578625%22}&andc=true

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:45 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10271227916940536808","debug_reporting":true,"destination":"https://123sportuitlaat.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["690355590"],"22":["true"],"4":["02-09"],"6":["true"]},"priority":"500","source_event_id":"8631303628758578625"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 09 Feb 2024 05:08:45 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Feb 2024 05:08:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10271227916940536808","debug_reporting":true,"destination":"https://123sportuitlaat.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["690355590"],"22":["true"],"4":["02-09"],"6":["true"]},"priority":"500","source_event_id":"8631303628758578625"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 103ms
63ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbc6e2af9c287855055311f8a19bbb3d28d99123a9c9240e3b2b3550ed0c41cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12279
x-xss-protection: 0

GET
H3 200 s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CA7 51 KB
19 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:18:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19835
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 00:18:17 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 104ms
50ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 09 Feb 2024 05:08:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Feb 2024 05:08:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EA87 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://omegle.onl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 34537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 19:33:08 GMT
expires: Fri, 07 Feb 2025 19:33:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 470D 829 B
998 B 30ms
30ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

45a805b285b21a8b07e815d74baabb80b8e3dacb8e0130d9095ea25a16228ac9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FxlLRZ5_mFpnI9nkaW1ZyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://omegle.onl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FxlLRZ5_mFpnI9nkaW1ZyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 05:08:45 GMT
expires: Fri, 09 Feb 2024 05:08:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame EA87 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 19:17:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 19:17:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 470D 0
0 51ms
50ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240207&jk=2005104522172929&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EA87 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?c3BaMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 05:08:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
53ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240207&jk=2005104522172929&bg=!_f6l_rHNAAaxkZ3akZE7ADQBe5WfOOzOQ1LROtacOiZgRFz3dDy2A-yRtnmxf_j1TzcPH2LEBqV39lGXjjaArYlycCyDAgAAADJSAAAAAmgBBwoAFvAPgflNrTHHzWOwAahKKA3CX6KbTg-ZArnaMiHMVHI2ijGEzgik-I8DZiJX288pkQmeMOiXpYvPwT1Vem5vyc-3hCXrffj2sBZjZGjgFlSimeKv4oaZMRsA89TlHBzYVhxdbSiuT97lwU_rGJX62WrRRL_LAdyVuJXUfEZNphBLfPEcdsU2gCBl3Q-f2HAKYlWNGmPL4P1jMGqcQN2f1-aR4nwLMHAK95nWcfv4YXfOLQNqxbdxkP9D7tf1TVTKBr99ANFuxSiQYJcj7h-wuinUbVYtcXHKB4he8B_jY1cG5sPaeBUvxiA96riTMFkPVixtWl02fMmq9ZmofribmMJDwMrTxU8Pw8T-mRoYPdnb2HkzCWgJMbXDxnkpVc76ftraWRjrXIq91HdbhRZHJXwhoyZJZz6r9f3Iul6kr-0Ude5TttCH92B_ajyGIdUta3_lL_ybZ7gydaMPXyTOcS1H-G8PHwjo-tTSUf3tBONaXGzQY-j3vlS7BTpAaV8RS1lAmlU0XLiqE6llkoOXiDJ-f_2xBqAvjQP4HV4OF-CCsKfOCMej6pKggZaL17XVwlVPuIw01SJCDp8UndazsRCPtp8aVcb2gMAbalMyPrx7TTrI3xo0y9FdjAaHno8mmXx5E4oC6SDqdGwz9_LynFfJV3SqOCneXqHsWcQcjLULBSZ212qJSBV43af7vZ_b799gflk2krTLsb_Z9_-LIVNFP3Ih0nvfgDmalyqqYcpW07FUu59Dm6vZUw5uLjgWBDSpEOPVpobz0nn6qdTx65Nn4vjCQgge-cDvpF6-PJUWKVQYpdTHY9OTWMipyKhjfFJv-SKNt6O12NiACaeDCg10D6pVeAbmgfi8ETqq1V36NsT6WD6smnd1mPMB_Awu4jSRFawsS69aHdqGey8u_vAowXbeEfY2CeW0d-BqOyjWFMhsL1wXTfGd2Yu_iSFXuQNd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://omegle.onl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7D97 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvllpsPYibrG3j5Vva90ybYAWNTdQrmFvjGhAO7kVMoPhs0Q0eUMr1hJSi6-L_V1JLGznEaQllDjQb0BN8gsWuV-zPv7dusr-sgtulHI6kvhm9V1V4M32Xjm-DVOJc-g12RFmAUStPt0ZJsISHGtXId5sJTEl5D74seAA&sai=AMfl-YQEPSFYGf7I1RAxL5grUKDZbct0_vGVsdzrbfOos5872lEu5NSI3aFfcJO5LX7w54ruY-xylpYqlU0KojUd7_nRWXBIH-zzcaTBtXfrGzB5X8Lv-xRUd5jBtGz0_MbIhPECiiE2-fYDR8j43DSqsQ&sig=Cg0ArKJSzGuXEoOLsv32EAE&cid=CAQSTwAvHhf_JJZDkprp8VTz8HyrF4KINOT9fMIG_ragN9H6r5j_s-c8dKYxd5IAva2RIGGydcaaDh7wh8z6qPU796-pNudtrtI7hn4dKpXIDdYYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=540980048&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=338812400&rst=1707455323449&rpt=1422&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Feb 2024 05:08:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.rtmark.net/	1970-01-21 03:03:11	Name: ID Value: dfeacf40f6ba460c9875008a9cec9947
cdn.itskiddien.club/	1970-01-21 03:03:11	Name: OAID Value: 6e046aff9984452a8f70dcf8e8f71283
cdn.itskiddien.club/	1970-01-21 03:03:11	Name: oaidts Value: 1707455323
.omegle.onl/	1970-01-21 03:03:11	Name: _ym_uid Value: 1707455324602827869
.omegle.onl/	1970-01-21 03:03:11	Name: _ym_d Value: 1707455324
.mc.yandex.com/	1970-01-20 18:17:35	Name: sync_cookie_csrf Value: 163321943fake
.yandex.com/	1970-01-21 03:53:35	Name: i Value: 5L8wlV6rp0aT3Vxy7HKhSp4kL9XQ6zIDE3AbUcLpL2ftBQM8kQWsFzqxoXbPVNmDmUI1xbu6CO0RhNm3ldasUKx+NnY=
.yandex.com/	1970-01-21 03:03:11	Name: yandexuid Value: 6996590301707455323
.omegle.onl/	1970-01-20 18:18:47	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 18:17:35	Name: sync_cookie_csrf Value: 4130661148fake
.mc.yandex.com/	1970-01-20 18:19:01	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 03:53:35	Name: yandexuid Value: 6996590301707455323
.yandex.ru/	1970-01-21 03:53:35	Name: yuidss Value: 6996590301707455323
.yandex.ru/	1970-01-21 03:53:35	Name: i Value: 5L8wlV6rp0aT3Vxy7HKhSp4kL9XQ6zIDE3AbUcLpL2ftBQM8kQWsFzqxoXbPVNmDmUI1xbu6CO0RhNm3ldasUKx+NnY=
.yandex.ru/	1970-01-21 03:53:35	Name: yp Value: 1707541723.yu.476581571707455323
.yandex.ru/	1970-01-21 03:03:11	Name: ymex Value: 1710047323.oyu.476581571707455323
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1837124111707455323
.yandex.com/	1970-01-21 03:03:11	Name: yuidss Value: 6996590301707455323
.yandex.com/	1970-01-21 03:03:11	Name: ymex Value: 1738991323.yrts.1707455323
.yandex.com/	1970-01-21 03:03:11	Name: bh Value: KgI/MA==
.omegle.onl/	1970-01-21 03:39:11	Name: __gads Value: ID=264fcb184af3cf32:T=1707455323:RT=1707455323:S=ALNI_MbiYbytyzE6jL4GPg1Y_sTVbn3XAA
.omegle.onl/	1970-01-21 03:39:11	Name: __gpi Value: UID=00000d541ec605c7:T=1707455323:RT=1707455323:S=ALNI_MY9a2LBo5uNC85pKjU85PQYGWU73g
.omegle.onl/	1970-01-20 22:36:47	Name: __eoi Value: ID=ce294c9a433b6a4a:T=1707455323:RT=1707455323:S=AA-Afjb59RjDbu-BUaEVRDbyEUUl
.doubleclick.net/	1970-01-20 18:17:38	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 03:39:11	Name: IDE Value: AHWqTUnpU9v1WpL23NIgJcqzZSiF2udLjzUAkp7u3k3tNKi5LpgXc7qhtvVdOije_jo
.googleadservices.com/	1970-01-20 20:27:11	Name: ar_debug Value: 1

55 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://mts0.google.com/vt/data=Jz_xPm5nKaWSOBZGcHdWjtKw760HvcXwrwbMVajUyaCVQN7yXOV61SLPw-aEm25hwyg09YGTBvv4BahYh1vaSw Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://omegle.onl/home/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

atshroomisha.com
cdn.itskiddien.club
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jouteetu.net
mc.yandex.com
mc.yandex.ru
mts0.google.com
my.rtmark.net
omegle.onl
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
139.45.195.8
139.45.197.236
139.45.197.251
172.217.18.2
2606:4700:3034::ac43:9e26
2606:4700:3037::6815:e44
2a00:1450:4001:800::200e
2a00:1450:4001:801::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2003
2a02:6b8::1:119
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
10bc0f62a68812849721c8dcd65fe9ad0cf67d2fd217dc560e29d1f01264d244
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
1dcb72155edae8fec6f6fa0f8c6d6a5ae62f6c02f4cbe6cb10befe676409f6e8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
40c375a15aad4d367f5ad9696c33ab3aeadb505f39727c8fcbc0dff912d3538f
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45a805b285b21a8b07e815d74baabb80b8e3dacb8e0130d9095ea25a16228ac9
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
482625f9d55feac9a3187b21e5a8ac098bdfaa328a094f7b4dd2d24ba59056e8
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53aa25d22b04cbad3939922330b5e5b97a8458c3079118c22f728cb4361f66d6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5695a45b920ebd68efb8d85e1e1f4fa7c94723c2c76ffc93bc3a4f6519768a22
5c044369ca8856f06581f763d01a0394980980a470cfb7a284d4bba62d8463d2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1e47d67469e742d8539ed9c38d036748c11a3f96cc7b0ba320ea6dc483fbf6
5eff96a1150b557bf94e62c47a5b4f32f13cef8c2073877d39ec69266ca4099f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63d3e4a775050041219a55e3647ce1592a386e68142a082d9d28861f33c419f5
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
78408983802ee21d9c0ad3f0d80d3eaab490e8dec2582a77fe5b161419dc775b
7848c96afa78c0a1a25ce07708860d6c5866b6ea1e2d7c97affc948d7f82ff74
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
8222d4abf8c7059e8a6dc2fd7298c0e5d2aefa0b853d0d0dcb9a3261622f67cb
83bb4f856aa63422798bdd25b465fe2c3decf74fd885510a0ded821ade3c2d3f
87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a4cb761e1b8656fabb819fe722a40aadfe12d738987f2862cec8ae004d6c45de
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19
b0c6a4207ddc04eab9a8dbc8e6dc28b6463e7380b49bde5dbfc6217c886a17d2
b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbc6e2af9c287855055311f8a19bbb3d28d99123a9c9240e3b2b3550ed0c41cf
ccc5ebd36b177c08c980fb26dae02808299181fc5e89db0124094877445f41d2
cfc8830c860022ca3fe2fe1a84cf924c96c6b5c4869ffda75028d537bf52df04
d2168c60099774d5a4d12a971c13aefd29df57fdd3f0c6dd0e72ba56bdfb34a1
d93cfc3263eba51fef0e2486318426656e060b432c1ed86036a62efad3e503fb
df51260b0b49e07e95e7663bd1e15bbeaadbbfd9ada696102be35cfd5ec463a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64563e546bb698128db8d36e205b28318a043f297c0c1f18155cef3ffba5824
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f598cf49b54826987b54202779f0d5985b853582c27836bb1058dd9a165167b0
fd7ceb84c5a99503a37d0d90a80dfe95f17e70b82916c09720cccdd5104dd171

omegle.onl Open in urlscan Pro 2606:4700:3034::ac43:9e26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

95 %HTTPS

73 %IPv6

14 Domains

17 Subdomains

15 IPs

4 Countries

1161 kBTransfer

2899 kBSize

26 Cookies

0 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

omegle.onl Open in urlscan Pro
2606:4700:3034::ac43:9e26 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

95 %
HTTPS

73 %
IPv6

14
Domains

17
Subdomains

15
IPs

4
Countries

1161 kB
Transfer

2899 kB
Size

26
Cookies

81 HTTP transactions
5 data transactions